电脑技术学习

Solaris安全手册

dn001

  55 23 * * 6 /secure/rotate_log -L /var/log -c -m 600 -M 400 -c -s -n 40 locallog

  55 23 * * 6 /secure/rotate_log -L /var/log -c -m 600 -M 400 -c -s -n 20 newslog

  55 23 * * 6 /secure/rotate_log -L /var/log -c -m 600 -M 400 -c -s -n 40 userlog

  55 23 * * 6 /secure/rotate_log -L /var/log -c -m 600 -M 400 -c -s -n 10 lprlog

  55 23 * * 6 /secure/rotate_log -L /var/log -c -m 600 -M 400 -c -s -n 20 maillog

  # Reset syslog daemon

  0,15,30 0 * * 0 kill -HUP `cat /etc/syslog.pid`

  为了你自己使用上面的条目请在root cron中使其他的log修剪(pruning)无效:

  #10 3 * * 0,4 /etc/cron.d/logchecker

  #10 3 * * 0 /usr/lib/newsyslog

  #15 3 * * 0 /usr/lib/fs/nfs/nfsfind

  #1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1

  #30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean

  Pruning of login & other logs:

  ## Empty login/logout records at year end

  0 0 31 12 * /secure/wtrim.pl wtmp

  0 0 31 12 * /secure/wtrim.pl wtmpx 20

  # Solaris 2.x logs:

  0 4 * * 6 /secure/rotate_log -L /var/adm -c -m 640 -M 440 -c -s -n 30 loginlog

  0 4 * * 6 /secure/rotate_log -L /var/adm -c -m 640 -M 440 -c -s -n 30 sulog

  0 4 * * 6 /secure/rotate_log -L /var/adm -c -m 640 -M 440 -c -s -n 2 vold.log

  0 4 * * 6 /secure/rotate_cron

  crons

  删除不需要的crons:rm /var/spool/cron/crontabs/{lp,sys,adm}

标签: