To tell Logrotate which user or group must be used for rotation, set an
su directive in the config file:
- Using your preferred editor, edit the /opt/NAI/LinuxShield/apache/bin/apachectl file at the following section, inserting the line of text shown in bold.
startssl|sslstart|start-SSL)
if [ $RUNNING -eq 1 ]; then
echo "$0 $ARG: $httpd (pid $PID) already running"
continue
fi
if LD_LIBRARY_PATH=/opt/NAI/LinuxShield/lib $HTTPD -DSSL
then
echo "$0 $ARG: $httpd started"
chown nails:nailsgroup /var/opt/NAI/LinuxShield/log/apache/error_log
else
echo "$0 $ARG: $httpd could not be started"
ERROR=3
fi
;;
- Edit the /etc/logrotate.d/nailswebd file as shown below, inserting the line of text shown in bold.
'/var/opt/NAI/LinuxShield/log/apache/error_log' '/var/opt/NAI/LinuxShield/log/apache/access_log' '/var/opt/NAI/LinuxShield/log/apache/ssl_engine_log'
'/var/opt/NAI/LinuxShield/log/apache/ssl_request_log' {
compress
create 644 nails nailsgroup
missingok
notifempty
rotate 9
size=+1024k
sharedscripts
postrotate
killall -HUP nailswebd
endscript
su nails nailsgroup
}
- Restart the nails service using the following command:
#service nails restart
Or
#/etc/init.d/nails restart
- To perform Logrotate, run the following command:
#logrotate -f /etc/logrotate.d/nailswebd
There must be no errors on Logrotate.
