From owner-freebsd-questions@FreeBSD.ORG Tue Mar 16 15:28:57 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE93716A579 for ; Tue, 16 Mar 2004 15:28:57 -0800 (PST) Received: from smtp1.adl2.internode.on.net (smtp1.adl2.internode.on.net [203.16.214.181]) by mx1.FreeBSD.org (Postfix) with ESMTP id F3B6343D3F for ; Tue, 16 Mar 2004 15:28:54 -0800 (PST) (envelope-from ws+freebsd-questions@au.dyndns.ws) Received: from lillith-iv.ovirt.dyndns.ws (ppp142-192.lns1.adl2.internode.on.net [150.101.142.192]) i2GNSbwn078807; Wed, 17 Mar 2004 09:58:38 +1030 (CST) X-Envelope-From: ws+freebsd-questions@au.dyndns.ws X-Envelope-To: questions@freebsd.org Received: from [192.168.100.132] (ppp142-192.lns1.adl2.internode.on.net [150.101.142.192])i2GNSZ6i086390; Wed, 17 Mar 2004 09:58:36 +1030 (CST) (envelope-from ws+freebsd-questions@au.dyndns.ws) From: Wayne Sierke To: "Jonathan T. Sage" In-Reply-To: <40562AFC.4080004@theatre.msu.edu> References: <000c01c2eafb$52cfdbc0$0401a8c0@bloodlust> <4055EAFE.7050503@theatre.msu.edu> <8FDB539E-76AA-11D8-A92D-000A956D2452@chrononomicon.com> <4055EFAD.5080202@theatre.msu.edu> <588423B0-76AC-11D8-A92D-000A956D2452@chrononomicon.com> <40562AFC.4080004@theatre.msu.edu> Content-Type: text/plain Message-Id: <1079479714.3992.138.camel@ovirt.dyndns.ws> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Wed, 17 Mar 2004 09:58:35 +1030 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.39 X-Scanned-By: SpamAssassin 2.63 (2004-01-11) X-Scanned-By: F-Prot X-Scanned-By: ClamAV X-Spam-Score: 0 () cc: questions@freebsd.org cc: Bart Silverstrim Subject: Re: ClamAV Log Rotation (WAS: Antivirus suggestion...) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Mar 2004 23:28:57 -0000 On Tue, 2004-03-16 at 08:45, Jonathan T. Sage wrote: > Hope this is of some use: > > > Clamd log rotation: > > first and foremost, make sure that clamav is gonna drop a pidfile. in > /usr/local/etc/clamav.conf, uncomment: > > # This option allows you to save the process identifier of the listening > # daemon (main thread). > PidFile /var/run/clamd.pid > > then, add the following (one line) to /etc/newsyslog.conf > > /var/log/clamd.log 644 3 * $W0D1 BJ \ > /var/run/clamd.pid 1 > > this will rotate the log once a week, keep 3 of them (current log +3 > weeks). it will also compress the old one with bzip2 and SIGHUP the > clamd process. seems to work just fine for me, running clamav-devel on > -current (Mar 3 or so right now) > Here's what I got: # ls -lrt /var/log/clamd* -rw-r----- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log -rw-r----- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 # tail -n 6 /var/log/clamd.log.0 Wed Mar 17 05:58:54 2004 -> SelfCheck: Database status OK. Wed Mar 17 06:00:00 2004 -> SIGHUP catched: log file re-opened. Wed Mar 17 06:00:00 2004 -> ERROR: accept() failed. Wed Mar 17 06:59:32 2004 -> SelfCheck: Database status OK. Wed Mar 17 08:00:10 2004 -> SelfCheck: Database status OK. Wed Mar 17 09:00:48 2004 -> SelfCheck: Database status OK. # portversion -v "clamav*" clamav-0.67.1 = up-to-date with port Hmm, just saw a submission to -ports for an update to 0.70-rc, looks like that version is needed to have the SIGHUP handling (according to its NEWS file). Wayne