Date: Wed, 9 Mar 2005 08:24:27 -0600 (CST) From: David Fleck <david.fleck@mchsi.com> To: Mark <admin@asarian-host.net> Cc: 'FreeBSD-Questions Questions' <freebsd-questions@freebsd.org> Subject: Re: Auth.log date issue? Message-ID: <20050309082001.G98716@grond.sourballs.org> In-Reply-To: <200503091024.j29AOsEp004882@asarian-host.net> References: <200503091024.j29AOsEp004882@asarian-host.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Mar 2005, Mark wrote: > Which is curious, as the IP address no longer has a machine on it. Then I > checked, and after a while I suddenly noticed /var/log/auth.log was dated > March 8, 2004! Apparently, the security script just checks the date, but > not the year? Is it supposed to work this way? It gave me a good scare, > all for nothing. :) The exact same thing happened to me a few months ago. I think the script is written with the assumption that the auth.log will be rotated at least once a year; but if you don't have a lot of authorization activity, it can easily go beyond that without rotating, because the default for newsyslog.conf is to only rotate auth.log when it gets beyond a certain size. Just add a time for auth.log to rotate, and this will go away. (rotates auth.log once a month) /var/log/auth.log 600 7 256 $M1D0 Z -- David Fleck david.fleck@mchsi.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050309082001.G98716>