touch command

[071]

My understanding of the touch command is that it creates and modifies the time of a file.
Can I use this command to create new log files in the /var/adm directory such as messages and last log ?
(rm lastlog ; touch lastlog)
Also does anyone know what 'wtmpx' in that directory means....
One other thing, I understand that the /proc file system contains interfaces to kernal structures and running processes. Do I really need to back it up ??

 

[Danne]

Yes you can use touch to create new logfiles, but instead of removing the old ones copy them to lastlog1 and so on. It's always wise to keep logfiles for at least the last week. I'm fairly new to Solaris my self so there might be some sort of configuration or utility for logfile handling.

The /var/adm/wtmpx contains the history of user access and adminstrative information.

I'm not sure you need to back up the /proc but as always it's better to back up more than you think you need, in the end you realise that you haven't back up enough anyway

 

[grega]

A simpler way of clearing log files is

cat /dev/null > filename

Greg.

 

[sureshp]

Hi,
When ever you are deleting a file and creating a new one using touch , don't forget to note down the owner ,group and mode of permissions of the old file .I have experienced a lot in this. I am speaking generally not specifically about the log files.

Suresh.

 

[jad]

the cat command overwrites the old file (but leaves the old permissions alone ...)

if you are doing this command, and want a backup, it's a lot easier to 'cp' the file rather than 'mv' it ...

 

[crazyenglishman]

does anyone know , how to purge the wtmpx.

this files grows and grows and is using up disk space

thanks

 

[jad]

ouch, Nec 20, 2000 -> Nov 7, 2001

see your other thread

 

[MarkBox]

The below script named newsyslog is what I use for log backups. It provides for creating archives of logs that you choose as well as proper creation of new empty logs (including correct permissions, ownership and signaling the syslogd daemon to start using the new log).

You will need to do some initial setup for the below script to function. Essentially you create an /etc/logdirs file that lists the directories (one per line) containing logs you want archived (or just use the defaults built into the script). Then in each directory containing logs you want archived you create another file named logfiles in which you list the file names of the logs to be archived (one per line).

There are two archiving schemes. One creates a rotation of archive files (set to 5 by default). The other uses a date stamp in the file name allowing for infinite archive files. See the NUMLOGS variable below. Set NUMLOGS to 0 and the script uses date/time stamps in the archive file names and NUMLOGS set to any positive number uses that number of rotating archives (with a number embedded in the file name).

Finally, to enable use of this newsyslog script you will need to adjust the root crontab (log in as root and do "crontab -e&quot so that the existing cron entry for newsyslog points to this new version.

Note: For Solaris there should already be a newsyslog script that manages archiving of log files but the cron job that launches this script is set for 3:10AM so if your machine is powered off at night it will never run.

Enjoy

newsyslog script:
-----------------
#!/bin/sh
#
# newsyslog
#
PATH="/bin:/usr/bin:/usr/ucb:/etc:/usr/etc:/usr/local/gnu/bin"
export PATH
ARCHIVE_DIR="."
ARC_OWNER="root"
ARC_GROUP="staff"
if [ -s /etc/logdirs ]; then
DIRS=`cat /etc/logdirs`
else
DIRS="/var/adm /var/log"
fi
OLD=$$
# If NUMLOGS=0 then all logs are kept with a date/time extension
# Uncomment the following 2 lines and comment out the NUMLOGS=# to get this
#NUMLOGS=0
DATE=`/bin/date +%y%m%d.%H%M`
NUMLOGS=5
#
# Run through twice, the first time we just move the file to a new name
# - thus syslog keeps writing to it.
# Then we tell syslog to re-read it's config thus making it switch to the
# new file
#
for LOGDIR in ${DIRS}
do
if [ ! -d ${LOGDIR} ]; then
echo "${0}: ${LOGDIR} does not exist."
continue
fi
cd ${LOGDIR}
if [ -f logfiles ]; then
FILES=`cat logfiles`
else
echo "${0}: File ${LOGDIR}/logfiles does not exist."
continue
fi
for LOG in ${FILES}
do
if [ ! -f ${LOG} ]; then
echo "${0}: Log file ${LOGDIR}/${LOG} does not exist."
cp /dev/null ${LOGDIR}/${LOG}
continue
fi
if [ -s ${LOG} ]; then
MODE=`ls -l ${LOG} | sed -e "s/[ ].*//" -e "s/[^.]//" -e "s/rwx/7/g" -e "s/rw-/6/g" -e "s/r-x/5/g" -e "s/r--/4/g" -e "s/-wx/3/g" -e "s/-w-/2/g" -e "s/--x/1/g" -e "s/---/0/g"`
OWNER=`ls -l ${LOG} | awk '{print $3}'`
GROUP=`ls -l ${LOG} | awk '{print $4}'`
mv ${LOG} ${LOG}.${OLD}
cp /dev/null ${LOG}
chmod ${MODE} ${LOG}
# echo "Changing owner/group of ${LOG} to ${OWNER} and ${GROUP}"
chown ${OWNER} ${LOG}
chgrp ${GROUP} ${LOG}
fi
done
done
#
kill -HUP `cat /etc/syslog.pid`
#
for LOGDIR in ${DIRS}
do
if [ ! -d ${LOGDIR} ]; then
continue
fi
cd ${LOGDIR}
if [ -f logfiles ]; then
FILES=`cat logfiles`
else
continue
fi
for LOG in ${FILES}
do
if [ ! -f ${LOG} ]; then
continue
fi
if [ -s ${LOG}.${OLD} ]; then
MODE=`ls -l ${LOG}.${OLD} | sed -e "s/[ ].*//" -e "s/[^.]//" -e "s/rwx/7/g" -e "s/rw-/6/g" -e "s/r-x/5/g" -e "s/r--/4/g" -e "s/-wx/3/g" -e "s/-w-/2/g" -e "s/--x/1/g" -e "s/---/0/g" -e "s/7/5/g" -e "s/6/4/g" -e "s/3/1/g" -e "s/2/0/g"`
if [ ${NUMLOGS} = 0 ]; then
ARCHFILE=${ARCHIVE_DIR}/${LOG}.${DATE}.gz
else
ARCHFILE=${ARCHIVE_DIR}/${LOG}.0.gz
COUNT=${NUMLOGS}
while [ ${COUNT} -gt 0 ]
do
FROM=`expr ${COUNT} - 1`
test -f ${LOG}.${FROM}.gz&& mv ${LOG}.${FROM}.gz ${LOG}.${COUNT}.gz
COUNT=`expr ${COUNT} - 1`
done
fi
gzip -c ${LOG}.${OLD} >${ARCHFILE}
if [ $? = 0 ]; then
chmod ${MODE} ${ARCHFILE}
chown $ARC_OWNER ${ARCHFILE}
chgrp $ARC_GROUP ${ARCHFILE}
rm -f ${LOG}.${OLD}
fi
fi

done
done

#comment this next line out if you use NUMLOGS=0
cp -p /var/log/authlog.0.gz /usr/local/archive/authlog.$DATE.gz