From owner-svn-src-head@FreeBSD.ORG  Mon Mar 19 15:28:48 2012
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 641091065674
	for <svn-src-head@freebsd.org>; Mon, 19 Mar 2012 15:28:48 +0000 (UTC)
	(envelope-from freebsd@damnhippie.dyndns.org)
Received: from qmta04.emeryville.ca.mail.comcast.net
	(qmta04.emeryville.ca.mail.comcast.net [76.96.30.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 457838FC22
	for <svn-src-head@freebsd.org>; Mon, 19 Mar 2012 15:28:48 +0000 (UTC)
Received: from omta15.emeryville.ca.mail.comcast.net ([76.96.30.71])
	by qmta04.emeryville.ca.mail.comcast.net with comcast
	id nRXT1i0011Y3wxoA4TUihl; Mon, 19 Mar 2012 15:28:42 +0000
Received: from damnhippie.dyndns.org ([24.8.232.202])
	by omta15.emeryville.ca.mail.comcast.net with comcast
	id nTUg1i00u4NgCEG8bTUhAj; Mon, 19 Mar 2012 15:28:42 +0000
Received: from [172.22.42.240] (revolution.hippie.lan [172.22.42.240])
	by damnhippie.dyndns.org (8.14.3/8.14.3) with ESMTP id q2JFSdTq029470; 
	Mon, 19 Mar 2012 09:28:39 -0600 (MDT)
	(envelope-from freebsd@damnhippie.dyndns.org)
From: Ian Lepore <freebsd@damnhippie.dyndns.org>
To: Gleb Smirnoff <glebius@freebsd.org>
In-Reply-To: <201203190930.q2J9UeO5060866@svn.freebsd.org>
References: <201203190930.q2J9UeO5060866@svn.freebsd.org>
Content-Type: text/plain; charset="us-ascii"
Date: Mon, 19 Mar 2012 09:28:39 -0600
Message-ID: <1332170919.8403.35.camel@revolution.hippie.lan>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org,
	src-committers@freebsd.org
Subject: Re: svn commit: r233167 - head/etc
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2012 15:28:48 -0000

On Mon, 2012-03-19 at 09:30 +0000, Gleb Smirnoff wrote:
> Author: glebius
> Date: Mon Mar 19 09:30:40 2012
> New Revision: 233167
> URL: http://svn.freebsd.org/changeset/base/233167
> 
> Log:
>   Rotate auth.log and messages at the beginning of a year. Otherwise,
>   daily security checks 800.loginfail and 900.tcpwrap may produce
>   false positive alerts.
> 
> Modified:
>   head/etc/newsyslog.conf
> 
> Modified: head/etc/newsyslog.conf
> ==============================================================================
> --- head/etc/newsyslog.conf	Mon Mar 19 08:10:23 2012	(r233166)
> +++ head/etc/newsyslog.conf	Mon Mar 19 09:30:40 2012	(r233167)
> @@ -19,7 +19,7 @@
>  # logfilename          [owner:group]    mode count size when  flags [/pid_file] [sig_num]
>  /var/log/all.log			600  7	   *	@T00  J
>  /var/log/amd.log			644  7	   100	*     J
> -/var/log/auth.log			600  7     100  *     JC
> +/var/log/auth.log			600  7     100  @0101T JC
>  /var/log/console.log			600  5	   100	*     J
>  /var/log/cron				600  3	   100	*     JC
>  /var/log/daily.log			640  7	   *	@T00  JN
> @@ -28,7 +28,7 @@
>  /var/log/kerberos.log			600  7	   100	*     J
>  /var/log/lpd-errs			644  7	   100	*     JC
>  /var/log/maillog			640  7	   *	@T00  JC
> -/var/log/messages			644  5	   100	*     JC
> +/var/log/messages			644  5	   100	@0101T JC
>  /var/log/monthly.log			640  12	   *	$M1D0 JN
>  /var/log/pflog				600  3	   100	*     JB    /var/run/pflogd.pid
>  /var/log/ppp.log	root:network	640  3	   100	*     JC


This change may not behave exactly as you expect unless the patch in PR
kern/160432 or something equivelent is commited.  (It should have been
bin/ not kern/, my bad.)

 http://www.freebsd.org/cgi/query-pr.cgi?pr=160432

To summarize, if both 'size' and 'when' are specified, the size is
ignored and only the time is used.  The patch in that PR fixes it.
We've been running our embedded products with the patch for years
because rotating based on size is important when /var/log is a ramdisk.

-- Ian