1LOGROTATE(8)             System Administrator's Manual            LOGROTATE(8)
2
3
4

NAME

6       logrotate ‐ rotates, compresses, and mails system logs
7
8

SYNOPSIS

10       logrotate   [--force]   [--debug]  [--state  file]  [--skip-state-lock]
11       [--verbose] [--log file]  [--mail  command]  config_file  [config_file2
12       ...]
13
14

DESCRIPTION

16       logrotate  is  designed to ease administration of systems that generate
17       large numbers of log files.  It allows automatic rotation, compression,
18       removal, and mailing of log files.  Each log file may be handled daily,
19       weekly, monthly, or when it grows too large.
20
21       Normally, logrotate is run as a daily cron job.  It will not  modify  a
22       log  more  than  once  in  one day unless the criterion for that log is
23       based on the log's size and logrotate is being run more than once  each
24       day, or unless the -f or --force option is used.
25
26       Any  number  of  config  files may be given on the command line.  Later
27       config files may override the options given in earlier  files,  so  the
28       order  in  which  the  logrotate  config files are listed is important.
29       Normally, a single config file which includes any  other  config  files
30       which are needed should be used.  See below for more information on how
31       to use the include directive to accomplish this.   If  a  directory  is
32       given  on  the  command line, every file in that directory is used as a
33       config file.
34
35       If no command line arguments are given, logrotate  will  print  version
36       and  copyright  information,  along with a short usage summary.  If any
37       errors occur while rotating logs, logrotate  will  exit  with  non-zero
38       status.
39
40

OPTIONS

42       -f, --force
43              Tells  logrotate to force the rotation, even if it doesn't think
44              this is necessary.  Sometimes this is useful  after  adding  new
45              entries  to  a  logrotate  config file, or if old log files have
46              been removed by hand, as the new files will be created, and log‐
47              ging will continue correctly.
48
49
50       -d, --debug
51              Turn  on debug mode, which means that no changes are made to the
52              logs and the logrotate state file is not  updated.   Only  debug
53              messages are printed.
54
55
56       -s, --state statefile
57              Tells  logrotate to use an alternate state file.  This is useful
58              if logrotate is being run as a different user for  various  sets
59              of  log  files.   To  prevent  parallel  execution  logrotate by
60              default acquires a lock on the  state  file,  if  it  cannot  be
61              acquired  logrotate  will  exit with value 3.  The default state
62              file is /var/lib/logrotate/logrotate.status.
63
64
65       --skip-state-lock
66              Do not lock the state file, for example  if  locking  is  unsup‐
67              ported or prohibited.
68
69
70       -v, --verbose
71              Turns  on  verbose  mode, for example to display messages during
72              rotation.
73
74
75       -l, --log file
76              Tells logrotate to log verbose output into  the  log_file.   The
77              verbose  output  logged to that file is the same as when running
78              logrotate with -v switch.  The log file is overwritten on  every
79              logrotate execution.
80
81
82       -m, --mail command
83              Tells  logrotate  which  command to use when mailing logs.  This
84              command should accept the following arguments:
85
86              1) the subject of the message given with '-s subject'
87              2) the recipient.
88
89              The command must then read a message on standard input and  mail
90              it to the recipient.  The default mail command is /bin/mail.
91
92
93       --usage
94              Prints a short usage message.
95
96
97       -?, --help
98              Prints help message.
99
100
101       --version
102              Display version information.
103
104
105

CONFIGURATION FILE

107       logrotate  reads  everything  about the log files it should be handling
108       from the series of configuration files specified on the  command  line.
109       Each configuration file can set global options (local definitions over‐
110       ride global ones, and later  definitions  override  earlier  ones)  and
111       specify  logfiles  to  rotate.   Global options do not affect preceding
112       include directives.  A simple configuration file looks like this:
113
114       # sample logrotate configuration file
115       compress
116
117       /var/log/messages {
118           rotate 5
119           weekly
120           postrotate
121               /usr/bin/killall -HUP syslogd
122           endscript
123       }
124
125       "/var/log/httpd/access.log" /var/log/httpd/error.log {
126           rotate 5
127           mail recipient@example.org
128           size 100k
129           sharedscripts
130           postrotate
131               /usr/bin/killall -HUP httpd
132           endscript
133       }
134
135       /var/log/news/* {
136           monthly
137           rotate 2
138           olddir /var/log/news/old
139           missingok
140           postrotate
141               kill -HUP $(cat /var/run/inn.pid)
142           endscript
143           nocompress
144       }
145
146       ~/log/*.log {}
147
148
149
150       The first few lines set global options; in the example, logs  are  com‐
151       pressed after they are rotated.  Note that comments may appear anywhere
152       in the config file as long as the first non-whitespace character on the
153       line is a #.
154
155       Values  are  separated from directives by whitespace and/or an optional
156       =.  Numbers must be specified in a format understood by strtoul(3).
157
158       The next section of the config file defines how to handle the log  file
159       /var/log/messages.   The  log  will  go  through  five weekly rotations
160       before being removed.  After the log file has been rotated (but  before
161       the   old  version  of  the  log  has  been  compressed),  the  command
162       /usr/bin/killall -HUP syslogd will be executed.
163
164       The    next    section    defines    the    parameters     for     both
165       /var/log/httpd/access.log   and   /var/log/httpd/error.log.    Each  is
166       rotated whenever it grows over 100 kilobytes in size, and the old  logs
167       files  are  mailed  (uncompressed) to recipient@example.org after going
168       through 5 rotations, rather  than  being  removed.   The  sharedscripts
169       means  that  the postrotate script will only be run once (after the old
170       logs have been compressed), not once for each  log  which  is  rotated.
171       Note that log file names may be enclosed in quotes (and that quotes are
172       required if the name contains  spaces).   Normal  shell  quoting  rules
173       apply, with ', ", and \ characters supported.
174
175       The  next  section  defines  the  parameters  for  all  of the files in
176       /var/log/news. Each file is rotated on a monthly basis.  This  is  con‐
177       sidered  a  single rotation directive and if errors occur for more than
178       one file, the log files are not compressed.
179
180       The last section uses tilde expansion to rotate log files in  the  home
181       directory  of  the  current user.  This is only available, if your glob
182       library supports tilde expansion.  GNU glob does support this.
183
184       Please use wildcards with caution.  If you specify  *,  logrotate  will
185       rotate all files, including previously rotated ones.  A way around this
186       is to use the olddir directive  or  a  more  exact  wildcard  (such  as
187       *.log).
188
189       Here  is  more information on the directives which may be included in a
190       logrotate configuration file:
191
192

CONFIGURATION FILE DIRECTIVES

194       These directives may be included in a logrotate configuration file:
195
196
197   Rotation
198       rotate count
199              Log files are rotated count times before being removed or mailed
200              to  the  address  specified in a mail directive.  If count is 0,
201              old versions are removed rather than rotated.  If count  is  -1,
202              old  logs  are  not  removed at all, except they are affected by
203              maxage (use with caution, may waste performance and disk space).
204              Default is 0.
205
206
207       olddir directory
208              Logs  are moved into directory for rotation.  The directory must
209              be on the same physical device as the log  file  being  rotated,
210              unless  copy,  copytruncate  or  renamecopy option is used.  The
211              directory is assumed to be relative to the directory holding the
212              log  file  unless an absolute path name is specified.  When this
213              option is used all old versions of the log end up in  directory.
214              This option may be overridden by the noolddir option.
215
216
217       noolddir
218              Logs  are rotated in the directory they normally reside in (this
219              overrides the olddir option).
220
221
222       su user group
223              Rotate log files set under this user and group instead of  using
224              default user/group (usually root).  user specifies the user name
225              used for rotation and group specifies the group used  for  rota‐
226              tion.   If  the user/group you specify here does not have suffi‐
227              cient privilege to make files with the ownership  you've  speci‐
228              fied  in  a create directive, it will cause an error.  If logro‐
229              tate runs with root privileges, it is recommended to use the  su
230              directive  to  rotate  files in directories that are directly or
231              indirectly in control of non-privileged users.
232
233
234   Frequency
235       hourly Log files are rotated every hour.  Note that  usually  logrotate
236              is  configured to be run by cron daily.  You have to change this
237              configuration and run logrotate hourly  to  be  able  to  really
238              rotate logs hourly.
239
240
241       daily  Log files are rotated every day.
242
243
244       weekly [weekday]
245              Log  files  are  rotated  once  each  weekday, or if the date is
246              advanced by at least 7  days  since  the  last  rotation  (while
247              ignoring the exact time).  The weekday interpretation is follow‐
248              ing: 0 means Sunday, 1 means Monday, ..., 6 means Saturday;  the
249              special  value  7  means each 7 days, irrespectively of weekday.
250              Defaults to 0 if the weekday argument is omitted.
251
252
253       monthly
254              Log files are rotated the first time logrotate is run in a month
255              (this is normally on the first day of the month).
256
257
258       yearly Log files are rotated if the current year is not the same as the
259              last rotation.
260
261
262       size size
263              Log files are rotated only if they grow bigger than size  bytes.
264              If  size  is  followed  by k, the size is assumed to be in kilo‐
265              bytes.  If the M is used, the size is in megabytes, and if G  is
266              used,  the  size  is  in gigabytes. So size 100, size 100k, size
267              100M and size 100G are  all  valid.   This  option  is  mutually
268              exclusive  with  the  time  interval  options, and it causes log
269              files to be rotated without regard for the last  rotation  time,
270              if  specified after the time criteria (the last specified option
271              takes the precedence).
272
273
274   File selection
275       missingok
276              If the log file is missing, go on to the next one without  issu‐
277              ing an error message.  See also nomissingok.
278
279
280       nomissingok
281              If  a  log  file  does  not  exist, issue an error.  This is the
282              default.
283
284
285       ifempty
286              Rotate the  log  file  even  if  it  is  empty,  overriding  the
287              notifempty option (ifempty is the default).
288
289
290       notifempty
291              Do not rotate the log if it is empty (this overrides the ifempty
292              option).
293
294
295       minage count
296              Do not rotate logs which are less than <count> days old.
297
298
299       maxage count
300              Remove rotated logs older than <count> days.  The  age  is  only
301              checked  if  the  logfile  is to be rotated.  rotate -1 does not
302              hinder removal.  The files are mailed to the configured  address
303              if maillast and mail are configured.
304
305
306       minsize size
307              Log files are rotated when they grow bigger than size bytes, but
308              not before the  additionally  specified  time  interval  (daily,
309              weekly, monthly, or yearly).  The related size option is similar
310              except that it is mutually  exclusive  with  the  time  interval
311              options,  and  it  causes log files to be rotated without regard
312              for the last rotation time, if specified after the time criteria
313              (the  last specified option takes the precedence).  When minsize
314              is used, both the size and timestamp of a log file  are  consid‐
315              ered.
316
317
318       maxsize size
319              Log files are rotated when they grow bigger than size bytes even
320              before the additionally specified time interval (daily,  weekly,
321              monthly,  or yearly).  The related size option is similar except
322              that it is mutually exclusive with the  time  interval  options,
323              and  it  causes  log  files to be rotated without regard for the
324              last rotation time, if specified after the  time  criteria  (the
325              last  specified  option  takes the precedence).  When maxsize is
326              used, both the size and timestamp of a log file are considered.
327
328
329       tabooext [+] list
330              The current taboo extension list is  changed  (see  the  include
331              directive for information on the taboo extensions).  If a + pre‐
332              cedes the list of extensions, the current taboo  extension  list
333              is  augmented,  otherwise it is replaced.  At startup, the taboo
334              extension list ,v, .cfsaved,  .disabled,  .dpkg-bak,  .dpkg-del,
335              .dpkg-dist,   .dpkg-new,   .dpkg-old,  .rhn-cfg-tmp-*,  .rpmnew,
336              .rpmorig, .rpmsave, .swp, .ucf-dist, .ucf-new, .ucf-old, ~
337
338
339       taboopat [+] list
340              The current taboo glob pattern list is changed (see the  include
341              directive for information on the taboo extensions and patterns).
342              If a + precedes the list of patterns, the current taboo  pattern
343              list  is  augmented,  otherwise it is replaced.  At startup, the
344              taboo pattern list is empty.
345
346
347   Files and Folders
348       create mode owner group, create owner group
349              Immediately after rotation (before the postrotate script is run)
350              the log file is created (with the same name as the log file just
351              rotated).  mode specifies the mode for the  log  file  in  octal
352              (the  same  as chmod(2)), owner specifies the user name who will
353              own the log file, and group specifies the  group  the  log  file
354              will  belong to.  Any of the log file attributes may be omitted,
355              in which case those attributes for the new  file  will  use  the
356              same values as the original log file for the omitted attributes.
357              This option can be disabled using the nocreate option.
358
359
360       nocreate
361              New log  files  are  not  created  (this  overrides  the  create
362              option).
363
364
365       createolddir mode owner group
366              If  the  directory specified by olddir directive does not exist,
367              it is created. mode specifies the mode for the olddir  directory
368              in  octal  (the same as chmod(2)), owner specifies the user name
369              who will own the olddir directory, and group specifies the group
370              the  olddir  directory  will belong to.  This option can be dis‐
371              abled using the nocreateolddir option.
372
373
374       nocreateolddir
375              olddir directory is not created by logrotate when  it  does  not
376              exist.
377
378
379       copy   Make  a  copy  of the log file, but don't change the original at
380              all.  This option can be used, for instance, to make a  snapshot
381              of  the  current  log  file, or when some other utility needs to
382              truncate or parse the file.  When this option is used, the  cre‐
383              ate  option  will  have  no effect, as the old log file stays in
384              place.
385
386
387       nocopy Do not copy the original log file and leave it in place.   (this
388              overrides the copy option).
389
390
391       copytruncate
392              Truncate  the original log file to zero size in place after cre‐
393              ating a copy, instead of moving the old log file and  optionally
394              creating  a new one.  It can be used when some program cannot be
395              told to close  its  logfile  and  thus  might  continue  writing
396              (appending)  to  the previous log file forever.  Note that there
397              is a very small time slice between copying the file and truncat‐
398              ing it, so some logging data might be lost.  When this option is
399              used, the create option will have no effect, as the old log file
400              stays in place.
401
402
403       nocopytruncate
404              Do  not truncate the original log file in place after creating a
405              copy (this overrides the copytruncate option).
406
407
408       renamecopy
409              Log file is renamed to temporary filename in the same  directory
410              by adding ".tmp" extension to it.  After that, postrotate script
411              is run and log file is copied from temporary filename  to  final
412              filename.   This allows storing rotated log files on the differ‐
413              ent devices using olddir directive. In the end, temporary  file‐
414              name is removed.
415
416
417       shred  Delete  log  files  using  shred  -u  instead of unlink().  This
418              should ensure that logs are not readable after  their  scheduled
419              deletion; this is off by default.  See also noshred.
420
421
422       noshred
423              Do not use shred when deleting old log files.  See also shred.
424
425
426       shredcycles count
427              Asks  GNU  shred(1)  to  overwrite  log files count times before
428              deletion.  Without this option, shred's default will be used.
429
430
431   Compression
432       compress
433              Old versions  of  log  files  are  compressed  with  gzip(1)  by
434              default.  See also nocompress.
435
436
437       nocompress
438              Old  versions  of  log  files are not compressed.  See also com‐
439              press.
440
441
442       compresscmd
443              Specifies which command to  use  to  compress  log  files.   The
444              default is gzip(1).  See also compress.
445
446
447       uncompresscmd
448              Specifies  which  command  to  use to uncompress log files.  The
449              default is gunzip(1).
450
451
452       compressext
453              Specifies which extension to use on compressed logfiles, if com‐
454              pression is enabled.  The default follows that of the configured
455              compression command.
456
457
458       compressoptions
459              Command line options may be passed to the  compression  program,
460              if  one  is  in  use.  The default, for gzip(1), is "-6" (biased
461              towards high compression at the expense of speed).  If you use a
462              different  compression  command, you may need to change the com‐
463              pressoptions to match.
464
465
466       delaycompress
467              Postpone compression of the previous log file to the next  rota‐
468              tion  cycle.  This only has effect when used in combination with
469              compress.  It can be used when some program cannot  be  told  to
470              close  its logfile and thus might continue writing to the previ‐
471              ous log file for some time.
472
473
474       nodelaycompress
475              Do not postpone compression of the previous log file to the next
476              rotation cycle (this overrides the delaycompress option).
477
478
479   Filenames
480       extension ext
481              Log files with ext extension can keep it after the rotation.  If
482              compression is used, the compression  extension  (normally  .gz)
483              appears  after  ext.   For  example  you  have  a  logfile named
484              mylog.foo and want to rotate it  to  mylog.1.foo.gz  instead  of
485              mylog.foo.1.gz.
486
487
488       addextension ext
489              Log  files are given the final extension ext after rotation.  If
490              the original file already ends with ext, the  extension  is  not
491              duplicated,  but  merely moved to the end, that is both filename
492              and filenameext would get rotated to filename.1ext.  If compres‐
493              sion  is  used, the compression extension (normally .gz) appears
494              after ext.
495
496
497       start count
498              This is the number to use as the base for rotation.   For  exam‐
499              ple, if you specify 0, the logs will be created with a .0 exten‐
500              sion as they are rotated from the original log  files.   If  you
501              specify  9,  log  files will be created with a .9, skipping 0–8.
502              Files will still be rotated the number of times  specified  with
503              the rotate directive.
504
505
506       dateext
507              Archive  old  versions of log files adding a date extension like
508              YYYYMMDD instead of simply adding a number.  The  extension  may
509              be configured using the dateformat and dateyesterday options.
510
511
512       nodateext
513              Do  not  archive  old  versions of log files with date extension
514              (this overrides the dateext option).
515
516
517       dateformat format_string
518              Specify the extension for dateext using the notation similar  to
519              strftime(3)  function.   Only %Y %m %d %H %M %S %V and %s speci‐
520              fiers are allowed.  The default value is -%Y%m%d except  hourly,
521              which uses -%Y%m%d%H as default value.  Note that also the char‐
522              acter separating log name from the  extension  is  part  of  the
523              dateformat  string.   The  system clock must be set past Sep 9th
524              2001 for %s to work correctly.  Note that the datestamps  gener‐
525              ated  by  this  format must be lexically sortable (that is first
526              the year, then the month then the day.  For  example  2001/12/01
527              is  ok, but 01/12/2001 is not, since 01/11/2002 would sort lower
528              while it is later).  This  is  because  when  using  the  rotate
529              option,  logrotate sorts all rotated filenames to find out which
530              logfiles are older and should be removed.
531
532
533       dateyesterday
534              Use yesterday's instead of today's date to  create  the  dateext
535              extension,  so  that the rotated log file has a date in its name
536              that is the same as the timestamps within it.
537
538
539       datehourago
540              Use hour ago instead of  current  date  to  create  the  dateext
541              extension,  so  that the rotated log file has a hour in its name
542              that is the same as  the  timestamps  within  it.   Useful  with
543              rotate hourly.
544
545
546   Mail
547       mail address
548              When a log is rotated out of existence, it is mailed to address.
549              If no mail should be generated by a particular log,  the  nomail
550              directive may be used.
551
552
553       nomail Do not mail old log files to any address.
554
555
556       mailfirst
557              When using the mail command, mail the just-rotated file, instead
558              of the about-to-expire file.
559
560
561       maillast
562              When using the mail  command,  mail  the  about-to-expire  file,
563              instead of the just-rotated file (this is the default).
564
565
566   Additional config files
567       include file_or_directory
568              Reads the file given as an argument as if it was included inline
569              where the include directive appears.  If a directory  is  given,
570              most of the files in that directory are read in alphabetic order
571              before processing of the including  file  continues.   The  only
572              files  which  are  ignored are files which are not regular files
573              (such as directories and named pipes) and files whose names  end
574              with  one  of  the taboo extensions or patterns, as specified by
575              the tabooext or taboopat directives,  respectively.   The  given
576              path may start with ~/ to make it relative to the home directory
577              of the executing user.  For security reasons configuration files
578              must not be group-writable nor world-writable.
579
580
581   Scripts
582       sharedscripts
583              Normally,  prerotate and postrotate scripts are run for each log
584              which is rotated and the absolute path to the log file is passed
585              as first argument to the script.  That means a single script may
586              be run multiple times for log file entries which match  multiple
587              files  (such  as the /var/log/news/* example).  If sharedscripts
588              is specified, the scripts are only run once, no matter how  many
589              logs  match  the wildcarded pattern, and whole pattern is passed
590              to them.  However, if none of the logs in  the  pattern  require
591              rotating,  the  scripts  will not be run at all.  If the scripts
592              exit with error (or any log  fails  to  rotate),  the  remaining
593              actions  will  not  be executed for any logs.  This option over‐
594              rides the nosharedscripts option.
595
596
597       nosharedscripts
598              Run prerotate and postrotate scripts for every log file which is
599              rotated  (this  is  the default, and overrides the sharedscripts
600              option).  The absolute path to the log file is passed  as  first
601              argument  to the script.  The absolute path to the final rotated
602              log file is passed as the  second  argument  to  the  postrotate
603              script.   If  the scripts exit with error, the remaining actions
604              will not be executed for the affected log only.
605
606       firstaction
607           script
608       endscript
609              The script is executed once before all log files that match  the
610              wildcarded  pattern  are rotated, before the prerotate script is
611              run and only if at least  one  log  will  actually  be  rotated.
612              These  directives  may only appear inside a log file definition.
613              The whole pattern is passed to the script as its first argument.
614              If  the  script  exits  with  an error, no further processing is
615              done.  See also lastaction and the SCRIPTS section.
616
617       lastaction
618           script
619       endscript
620              The script is executed once after all log files that  match  the
621              wildcarded  pattern  are rotated, after the postrotate script is
622              run and only if at least one log is rotated.   These  directives
623              may only appear inside a log file definition.  The whole pattern
624              is passed to the script as its first argument.   If  the  script
625              exits  with an error, just an error message is shown (as this is
626              the last action).  See also firstaction and the SCRIPTS section.
627
628       prerotate
629           script
630       endscript
631              The script is executed before the log file is rotated  and  only
632              if  the log will actually be rotated.  These directives may only
633              appear inside a log file  definition.   Normally,  the  absolute
634              path  to  the  log  file  is passed as the first argument to the
635              script.  If sharedscripts is specified,  the  whole  pattern  is
636              passed  to the script.  See also postrotate and the SCRIPTS sec‐
637              tion.  See sharedscripts and nosharedscripts for error handling.
638
639       postrotate
640           script
641       endscript
642              The script is executed after the log  file  is  rotated.   These
643              directives  may  only appear inside a log file definition.  Nor‐
644              mally, the absolute path to the log file is passed as the  first
645              argument  to  the  script  and  the  absolute  path to the final
646              rotated log file is passed as the second argument to the script.
647              If  sharedscripts  is  specified, the whole pattern is passed as
648              the first argument to the script, and  the  second  argument  is
649              omitted.   See  also  prerotate  and  the  SCRIPTS section.  See
650              sharedscripts and nosharedscripts for error handling.
651
652       preremove
653           script
654       endscript
655              The script is executed once just before removal of a  log  file.
656              logrotate will pass the name of file which is soon to be removed
657              as the first argument to the script. See  also  firstaction  and
658              the SCRIPTS section.
659
660

SCRIPTS

662       The  lines  between the starting keyword (e.g. prerotate) and endscript
663       (both of which must appear on lines by themselves) are executed  (using
664       /bin/sh).   The script inherits some traits from the logrotate process,
665       including stderr, stdout, the current directory, the  environment,  and
666       the  umask.   Scripts are run as the invoking user and group, irrespec‐
667       tive of any su directive.   If  the  --log  flag  was  specified,  file
668       descriptor 3 is the log file.
669
670

FILES

672       /var/lib/logrotate/logrotate.status   Default state file.
673       /etc/logrotate.conf                   Configuration options.
674
675
676

SEE ALSO

678       chmod(2),  gunzip(1),  gzip(1),  mail(1),  shred(1),  strftime(3), str‐
679       toul(3), <https://github.com/logrotate/logrotate>
680
681

AUTHORS

683       Erik Troan, Preston Brown, Jan Kaluza.
684
685       <https://github.com/logrotate/logrotate>
686
687
688
689
690Linux                               3.17.0                        LOGROTATE(8)
Impressum