Logs

System logs

General information

http://linux.overshoot.tv/var/log
http://en.wikipedia.org/wiki/Syslog

System loggers

There are several different system loggers. The best strategy for you would be to use whichever one comes as default with your distribution. On Ubuntu systems, the default is rsyslog.

sysklogd

http://www.infodrom.org/projects/sysklogd/

syslog-ng

http://www.balabit.com/network-security/syslog-ng
http://en.wikipedia.org/wiki/Syslog-ng

rsylog

http://www.rsyslog.com/
http://en.wikipedia.org/wiki/Rsyslog

logrotate does not rotate a log file, while logs accumulate in file with timestamp.

Conditions:

- A log file remains empty.
- A log file with the same base name with timestamp added keeps growing, remains active and is never rotated.

In the following example, the file to rotate is /var/log/messages.

# ls -ltr /var/log/messages*
-rw-------  1 root    root    205K Sep  3  2023 messages-20230903.gz
-rw-------  1 root    root    181K Sep 10  2023 messages-20230910.gz
-rw-------  1 root    root       0 Sep 17  2023 messages
-rw-------  1 root    root    109M Jul 11 07:26 messages-20230917

MySQL binary logs administration

Documentation

MySQL 8.0 Reference Manual / The Binary Log / 5.4.4 The Binary Log
https://dev.mysql.com/doc/refman/8.0/en/binary-log.html

17.1.6.4 Binary Logging Options and Variables
https://dev.mysql.com/doc/refman/8.0/en/replication-options-binary-log.h...

MySQL 8.0 Reference Manual / MySQL Programs / Administrative and Utility Programs / 4.6.8 mysqlbinlog — Utility for Processing Binary Log Files
https://dev.mysql.com/doc/refman/8.0/en/mysqlbinlog.html

/var/log/faillog

/var/log/faillog is a binary file that is processed by /usr/bin/faillog.
See:

man 8 faillog
man 5 faillog

faillog depends on pam_tally.so .

eg:

# /etc/pam.d/system-auth
auth      required     pam_tally.so no_magic_root
account   required     pam_tally.so deny=2 no_magic_root


kcheckpass[6209]: pam_tally(kde:auth): Error opening /var/log/faillog for update
kcheckpass[6209]: pam_tally(kde:auth): Error opening /var/log/faillog for read
kcheckpass[6209]: pam_ecryptfs: seteuid error

virtual/logger

virtual package that can be satisfied by one of the following:

app-admin/metalog
app-admin/rsyslog
app-admin/socklog
app-admin/sysklogd
app-admin/syslog-ng
app-admin/syslogread
sys-freebsd/freebsd-usbin
sys-apps/busybox[syslog]
>=sys-apps/systemd-38

mysql-bin log files take a lot of space

Symptom and cause

Symptom: the directory /var/lib/mysql/ is taking an increasing amount of space because of the numerous “server-bin.n” or mysql-bin.00000n files stored there.

This is because /etc/mysql/my.cnf has:

log-bin=mysql-bin

Binary logging is used for data recovery and for replication with master/slave servers.

To clear those binary log files, you must first decide whether you want/need binary logging or not.

Disable binary logging

In /etc/mysql/my.cnf:
disable log-bin and related settings as below (comment out or delete):

sddm requires systemd to log errors

See #11018: sddm upgrade: missing logs and missing maui theme
for an example of an error that was not properly logged.
Upstream says that logging errors requires systemd :(

sddm upgrade: missing logs and missing maui theme

Last night, I did an emerge update @world, which included an upgrade of sddm

I think it's this package x11-misc/sddm, but I'm not sure.
Installed versions: 0.14.0-r2(12:07:07 30/01/17)(consolekit pam -systemd)

In any case, when I logged in this morning, I was greeted by the sddm session manager with the message:
"The current theme cannot be loaded due to the errors below. please select another theme."
"file:///usr/share/sddm/themes/maui/Main.qml: file not found."

I know where and how to configure the sddm theme.

The problems are:

X.Org Server logs

Check the X.org Server logs for errors:

fgrep '(EE)' /var/log/Xorg.0.log

The timestamp in front of each log entry corresponds to the number of seconds since the server was started.

Syndicate content