From owner-freebsd-questions@FreeBSD.ORG Tue Mar 16 16:16:16 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7B92916A4CE for ; Tue, 16 Mar 2004 16:16:16 -0800 (PST) Received: from theatre.msu.edu (theatre.msu.edu [35.8.69.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D7CD43D31 for ; Tue, 16 Mar 2004 16:16:16 -0800 (PST) (envelope-from sagejona@theatre.msu.edu) Received: from theatre.msu.edu (c-67-167-140-34.client.comcast.net [67.167.140.34]) (authenticated bits=0) by theatre.msu.edu (8.12.11/8.12.11) with ESMTP id i2H0FkHh086208 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 16 Mar 2004 19:15:47 -0500 (EST) (envelope-from sagejona@theatre.msu.edu) Message-ID: <405798BD.4030301@theatre.msu.edu> Date: Tue, 16 Mar 2004 19:15:57 -0500 From: "Jonathan T. Sage" Organization: MSU Dept of Theatre User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Wayne Sierke References: <000c01c2eafb$52cfdbc0$0401a8c0@bloodlust> <4055EAFE.7050503@theatre.msu.edu> <8FDB539E-76AA-11D8-A92D-000A956D2452@chrononomicon.com> <4055EFAD.5080202@theatre.msu.edu> <588423B0-76AC-11D8-A92D-000A956D2452@chrononomicon.com> <40562AFC.4080004@theatre.msu.edu> <1079479714.3992.138.camel@ovirt.dyndns.ws> In-Reply-To: <1079479714.3992.138.camel@ovirt.dyndns.ws> X-Enigmail-Version: 0.83.3.0 X-Enigmail-Supports: pgp-inline, pgp-mime X-Phone: +1-517-974-1428 X-WWW-Home-Page: http://theatre.msu.edu X-PGP-Key-Figerprint: 182C CF3F 93A9 1DAA 2EBE D4D5 A159 96D9 452E A7F1 X-IM: AIM(jonathantsage,spartyman), ICQ(9587621), YIM(wisesage98) Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig32660EB884B596043B048CBC" X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on www.theatre.msu.edu X-Virus-Scanned: clamd / ClamAV version devel-20040309, clamav-milter version 0.67j cc: questions@freebsd.org cc: Bart Silverstrim Subject: Re: ClamAV Log Rotation (WAS: Antivirus suggestion...) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Mar 2004 00:16:16 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig32660EB884B596043B048CBC Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Wayne Sierke wrote: > > >>Clamd log rotation: >> >>first and foremost, make sure that clamav is gonna drop a pidfile. in >>/usr/local/etc/clamav.conf, uncomment: >> >># This option allows you to save the process identifier of the listening >># daemon (main thread). >>PidFile /var/run/clamd.pid >> >>then, add the following (one line) to /etc/newsyslog.conf >> >>/var/log/clamd.log 644 3 * $W0D1 BJ \ >> /var/run/clamd.pid 1 >> >>this will rotate the log once a week, keep 3 of them (current log +3 >>weeks). it will also compress the old one with bzip2 and SIGHUP the >>clamd process. seems to work just fine for me, running clamav-devel on >>-current (Mar 3 or so right now) >> > > Here's what I got: > > # ls -lrt /var/log/clamd* > -rw-r----- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log > -rw-r----- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 > > # tail -n 6 /var/log/clamd.log.0 > Wed Mar 17 05:58:54 2004 -> SelfCheck: Database status OK. > Wed Mar 17 06:00:00 2004 -> SIGHUP catched: log file re-opened. > Wed Mar 17 06:00:00 2004 -> ERROR: accept() failed. > Wed Mar 17 06:59:32 2004 -> SelfCheck: Database status OK. > Wed Mar 17 08:00:10 2004 -> SelfCheck: Database status OK. > Wed Mar 17 09:00:48 2004 -> SelfCheck: Database status OK. > > # portversion -v "clamav*" > clamav-0.67.1 = up-to-date with port > > > Hmm, just saw a submission to -ports for an update to 0.70-rc, looks > like that version is needed to have the SIGHUP handling (according to > its NEWS file). > Ah. yes, When I wrote this, i was using clamav-devel, and the SIGHUP handling works fine there. thanks for the info though. ~j -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design [HTTP://www.JTSage.com] [sagejona@msu.edu] [See Headers for Contact Info] --------------enig32660EB884B596043B048CBC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAV5i9oVmW2UUup/ERAkQkAJ9X4zQJFanILA1n6c3NAM62x6kNHACfUoZX 7Zza+HPC30d5q3eGS1k4JCg= =Yvb7 -----END PGP SIGNATURE----- --------------enig32660EB884B596043B048CBC--