/var/log/daemon.log taking more space how to reduce it? - linux

below are the files
-rw-r----- 1 root adm 4.4G Mar 6 09:04 daemon.log
-rw-r----- 1 root adm 6.2G Mar 1 06:26 daemon.log.1
-rw-r----- 1 root adm 50M Feb 23 06:26 daemon.log.2.gz
-rw-r----- 1 root adm 41M Feb 17 06:25 daemon.log.3.gz
-rw-r----- 1 root adm 72K Feb 9 06:25 daemon.log.4.gz
how can I remove it? will it affect if I directly delete it?
Thanks in advance.

Best way to manage the logs would be to use Logrotate
This is Serhii's comment on your other similar question:
Have a look at this Logrotate tutorial
linode.com/docs/uptime/logs/use-logrotate-to-manage-log-files. You can
use size to force log rotation when it grows bigger than the
specified [value], also you can use rotate to control how many
times a log is rotated before old logs are removed (If you set it to
0 logs will be removed immediately after they are rotated).
You can delete the logs but depending on the software you're running - if some of it needs some part of logs or utilises them in any way - if you delete them it will stop working as intended.
You can also have a look at the logs and analyse them to see which software writes the most data and try to reconfigure it so the number of logs info generated will drop significantly. That - combined with logrorate should yield satisfactory results.
And if that's not enough you can store your logs in a bucket and mount it as a disk in your VM's filesystem. That way any software installed on your VM will be able to write to it.
But this will incur some charges for using the bucket storage so keep that in mind.

Related

what happens if I create a file using vim in /dev directory. How the file will be created as the /dev is not standard file system

What happens if I create a file using vim in the /dev directory. How will the file be created as the /dev is not a standard file system. I can see a file being created but standard Kernel file operation create was not called. Now I am not sure how this file was created by kernel. Will it use some udev bound Kernel API to create this file.
Note : I can see the file in /dev after creation. Look at the ls output below.
crw-rw-rw- 1 root tty 5, 0 Aug 24 17:32 tty
-rw-r--r-- 1 root root 35 Aug 24 17:37 abc
-rw-r--r-- 1 root root 0 Aug 24 17:37 ght
-rw-r--r-- 1 root root 0 Aug 24 17:51 ioiu
I want to find this out to determine what will happen if some illegal SW forcefully writes to /dev directory , how can I find that out.
If you try in MacOS it won't work even as root.
If you try in CentOS 8 it will work if you're root.
Other Linux flavors your mileage may vary.
It is a very interesting directory that highlights one important aspect of the Linux filesystem - everything is a file or a directory.
Example
[root]# date > /dev/date
[root]# cat /dev/date
Tue Aug 24 19:13:04 UTC 2021
All that being said, your concern about nefarious software creating a file in this specific directory seems too specific. If the software has the ability to write to /dev it can write to anywhere and hide in plain site. If you're really concerned about this, install a file integrity monitoring (FIM) package to monitor file CRUD.
References
dev filesystem

kafka remove content from topic index files

I am testing kafka integration with spark as consumer. For debugging , have set-up log.retention.minutes = 2 in server.properties which cleans up .log file every 2mins. But .index file is not cleaned up
[cloudera#quickstart airline1-1]$ ls -l
total 0
-rw-r--r-- 1 root root 10485760 Apr 29 15:08 00000000000000000101.index
-rw-r--r-- 1 root root 0 Apr 29 15:08 00000000000000000101.log
-rw-r--r-- 1 root root 10485756 Apr 29 15:08 00000000000000000101.timeindex
Wondering why .index files are not cleaned up. Any insight would be helpful to understand what's happening in the background.
Also please share recommended approach to clean up log and index during testing. Found many google links referring to stop kakfa server -> remove topic partition files -> Restart kafka. But not inclined towards this approach , it could impact offsets state maintained in zookeeper.
Thanks very much!

Is it better for php-fpm Unix Socket in ephemeral storage or EBS?

I'm trying to tune my EC2 performance. One of it is to utilize the ephemeral storage for all I/O. For php-fpm, I'm utilizing unix socket instead of tcp/ip since everything is local. Considering EBS storage only has 24 IOPS (for 8GB), I'm wondering if it's better to move the php-fpm socket to ephemeral storage. Is there any I/O activity inside the unix socket file since the file size is always 0
[root# php-fpm]# ls -al
total 12
drwxr-xr-x 2 root root 4096 Aug 5 19:37 .
drwxr-xr-x 16 root root 4096 Aug 7 03:27 ..
-rw-r--r-- 1 root root 4 Aug 5 19:37 php-fpm.pid
srw-rw-rw- 1 nginx nginx 0 Aug 5 19:37 php-fpm.sock
EBS is a network based service, so every single operation depends on Network. The docs say:
An Amazon EBS volume is off-instance storage that can persist independently from the life of an instance.
Consider Ephemeral storage for your socket. If you use EBS, don't forget to allocate all disk with disk dupe before first use:
dd if=/dev/zero of=/dev/xvdf bs=1M
But don't do it on the root / disk, just on extra EBS disk if you prefer to use that.
P.S. How to warm up EBS, please read all details in the official docs.

Apache umask setting not working properly

I want files created by Apache to have 660 permissions, so I added the line "umask 007" to the file "/etc/sysconfig/httpd" and it works MOST of the time (as weird as that sounds).
For example, these files were created by Apache and the first one has the correct permissions, but the others don't.
-rw-rw---- 1 apache psacln 0 Aug 4 17:20 timthumb_cacheLastCleanTime.touch
-rw------- 1 apache psacln 124670 Aug 4 17:46 timthumb_int_00d3cbe9ad96f30121f17bbe1a92b42e.timthumb.txt
-rw------- 1 apache psacln 290077 Aug 4 18:27 timthumb_int_02d34e93c41599570c5302d6a08c8ba6.timthumb.txt
I'm not sure what to look for in order to fix this as it seems the UMASK setting is being ignored for some files. The problem here is that the FTP user (member of the psacln group) can't read the files that don't have group read permissions (because for security reasons I don't want to give permissions to "others").
Let me know if you have any idea why this may be happening.
umask controls which file permissions are set for files and directories when they are created. Most probably there is a code that is changing the permissions after the creation.

Database backups not writing to disc, not enough space?

I just inherited an AIX project which I know very little about. I have a cronjob that has been failing for a few days now that does a full backup of my database(db2). Looking at the logs, I'm seeing this:
SQL2419N The target disk "/home/dbtmp/backups" has become full.
When checking out this directory:
(/var/spool/cron)> df -g /home/dbtmp
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/dbtmplv 10.00 0.96 91% 85 1% /home/dbtmp
The size of the previous backups:
(/var/spool/cron)> ll /home/dbtmp/backups
total 18365248
-rw------- 1 hsprd cics 4411498496 Feb 12 18:01 HSPRD.0.hsprd.NODE0000.CATN0000.20130212180036.001
-rw------- 1 hstrn cics 874287104 Feb 12 18:08 HSTRN.0.hstrn.NODE0000.CATN0000.20130212180747.001
-rw------- 1 hstst cics 3242835968 Feb 12 18:05 HSTST.0.hstst.NODE0000.CATN0000.20130212180443.001
What options to I have to fix this? Thank you.
As you can see, the size of your backup files exceeds the free space on the device. You need a larger device.

Resources