Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Jan 2015 11:19:09 +0100 (CET)
From:      =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no>
To:        Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Rotating freeradius log
Message-ID:  <alpine.BSF.2.11.1501141114020.1551@mail.fig.ol.no>
In-Reply-To: <wu7ppahofob.fsf@banyan.cs.ait.ac.th>
References:  <wu7ppahofob.fsf@banyan.cs.ait.ac.th>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Jan 2015 16:49+0700, Olivier Nicole wrote:

> Hi,
> 
> Is there a way to use newsyslog to rotate freeradius accounting logs?
> 
> Freeradius creates accounting logs of the form
> /var/log/radacct/IP-ADDRESS/reply-detail-DATE and
> /var/log/radacct/IP-ADDRESS/auth-detail-DATE
> 
> Is there a way to configure newsyslog to remove the files that are older
> than X days?
> 
> /var/log/radacct/*/* is not working in /etc/newsyslog.conf

How about creating an entry in /etc/crontab, executing:

/usr/bin/find /var/log/radacct -mtime 7d -delete

The example above deletes everything older than 7 days. See find(1) 
for more information, the documentation for the -mtime option refers 
to the documentation for -atime option.

We can refine the example to only cover (ordinary) files:

/usr/bin/find /var/log/radacct -type f -mtime 7d -delete

-- 
+-------------------------------+------------------------------------+
| Vennlig hilsen,               | Best regards,                      |
| Trond Endrestøl,              | Trond Endrestøl,                   |
| IT-ansvarlig,                 | System administrator,              |
| Fagskolen Innlandet,          | Gjøvik Technical College, Norway,  |
| tlf. mob.   952 62 567,       | Cellular...: +47 952 62 567,       |
| sentralbord 61 14 54 00.      | Switchboard: +47 61 14 54 00.      |
+-------------------------------+------------------------------------+
From owner-freebsd-questions@FreeBSD.ORG  Wed Jan 14 21:36:58 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id A1E19BE3
 for <freebsd-questions@freebsd.org>; Wed, 14 Jan 2015 21:36:58 +0000 (UTC)
Received: from mail-wg0-x236.google.com (mail-wg0-x236.google.com
 [IPv6:2a00:1450:400c:c00::236])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 33B4FE90
 for <freebsd-questions@freebsd.org>; Wed, 14 Jan 2015 21:36:58 +0000 (UTC)
Received: by mail-wg0-f54.google.com with SMTP id z12so11397776wgg.13
 for <freebsd-questions@freebsd.org>; Wed, 14 Jan 2015 13:36:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=from:content-type:content-transfer-encoding:subject:message-id:date
 :to:mime-version;
 bh=vt/sx+BArB8hhilCPZ7qJ1QV0PD1yuz4LCiEruhwNz0=;
 b=tkvQTGkS5niiEamEn+0yqd84t5TWxC/K2uTeTLu1mFFDkEAoMyxnOy1eA+NbYNGr6u
 yfSVRPd2P3xtbehLSAOgBR4NlYgOz7F6smThoSRm63uEuC6q/d6cdIU4Jf0l8b5nPF3+
 eCj/SCpjx9thkH1jRy0bi/ycvR4J4iNuu72lFzr62y+U+m7qJlkzvnNxs5OpUnHbqTBK
 x4wq3RtAVWF6ez/7lo463Bf+/7+tB2bKa5qNnUHnw0uNzRJ7BKKmhlCt1YTiUWfiSHfk
 512KfK/uNWVHEsfxbazcnzQo34cUmm0Tzkp1YUJeokMghJl5Zdad3WEt8WtNcTEO9B3H
 vnpA==
X-Received: by 10.194.243.165 with SMTP id wz5mr11286551wjc.98.1421271416475; 
 Wed, 14 Jan 2015 13:36:56 -0800 (PST)
Received: from [30.10.10.111] ([41.33.182.201])
 by mx.google.com with ESMTPSA id u13sm31673658wjr.26.2015.01.14.13.36.55
 for <freebsd-questions@freebsd.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Wed, 14 Jan 2015 13:36:55 -0800 (PST)
From: Florian Heigl <florian.heigl@gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Subject: https://svn0.eu.freebsd.org self signed Cert
Message-Id: <397D5A8E-6497-4015-9D61-3D196EF22ADE@gmail.com>
Date: Wed, 14 Jan 2015 23:36:53 +0200
To: freebsd-questions@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>;
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2015 21:36:58 -0000

Hi,

I wonder if this has been brought up before but didn=92t see anything =
about it.
The EU SVN mirror is running a selfsigned cert, while the US one is =
running with a public accepted cert.

The documentation has the fingerprint for the certificate, it can be =
found at:
https://www.freebsd.org/doc/handbook/svn.html


Honestly it would be a lot easier to simply use a valid and public =
certificate for each of the SVN mirrors.
By now we should all have learned that any, really any slight chance of =
attack is being abused.

With a self signed cert we offload the problem to all users to actually =
verify the cert each time they do a fresh checkout.=20
Even better, with a self-signed cert we won=92t have any CRL support, =
right? Or is there a CRL provided for them?
(Disclaimer, mostly this depends on that feature =93ever=94 being added =
to SVN anyway)

I hope this plea reaches the right set of eyes for consideration.
Since the SVN page asks to send any questions to -questions instead of =
mirrors/infra, i=92m sending it here.


tl;dr
Please: ditch any self signed certs from freebsd source and build infra =
chain.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.11.1501141114020.1551>