[CentOS] xferlog not rotating.

Sat May 21 16:02:08 UTC 2011
Lamar Owen <lowen at pari.edu>

On Friday, May 20, 2011 10:43:10 AM Ray Van Dolson wrote:
> On Fri, May 20, 2011 at 10:44:49AM -0400, Steven Crothers wrote:
> > It's a bit funny that logrotate is difficult to fix for you...
> > considering you have "System Engineer Sr. Professional" in your
> > signature...
> This gave me a chuckle. :)  Ah, the advantage of being a consultant or
> working at a tiny company where you can assign your own titles!

The company in question is not small.

As logrotate under linux is somewhat niche, it is not surprising that an otherwise very experienced person may not be familiar with it.  That and the fact the the logrotate script to rotate the vsftpd.log is.... 

Wait a cotton-picking minute.  Why is vsftpd writing to /var/log/xferlog in the first place, and not /var/log/vsftpd.log?

I have one machine on CentOS 4.9, and it exhibits a similar symptom.  In /etc/vsftpd/vsftpd.conf, the following lines appear:
# You may override where the log file goes if you like. The default is shown
# below.

But I see the logging in /var/log/xferlog, and in fact on this system (which is taking 35-40 ftp transfers per minute from weather station software for five weather stations, along with a seismometer and some other instruments) there is no /var/log/vsftpd.log file.

So there is an error in the configuration of the vsftpd package on CentOS 4.9 (and I presume on upstream EL4.9) that sends the log to the wrong file, and doesn't set up to rotate xferlog.

Now, one of my C5.6 boxen is set up with /etc/vsftpd/vsftpd.conf:
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
which matches observed behavior.

But why didn't the packager change the name of the logrotate script?  Furthermore, the packager even went as far as leaving the lines for vsftpd.log in place, and adding the xferlog stanza.  Perhaps the packager should have made a symlink  /etc/logrotate.d/xferlog pointing the the correct file as well?

Pati, to check to see if it's rotating the files at all, if you do an 
ls -l /var/log/xferlog*
do you see something like:
# ls -l /var/log/xferlog*
-rw------- 1 root root 0 May 15 04:02 /var/log/xferlog
-rw------- 1 root root 0 May  8 04:02 /var/log/xferlog.1
-rw------- 1 root root 0 May  1 04:02 /var/log/xferlog.2
-rw------- 1 root root 0 Apr 24 04:02 /var/log/xferlog.3
-rw------- 1 root root 0 Apr 17 04:02 /var/log/xferlog.4
?  (yeah, this machine isn't heavily used for ftp; its the C4.9 box that gets loaded.  And this is a good reminder for me to fix my own logrotate scripts on that box.... :-) ).

But to deride a person for not following the arcana of a confusingly named log file and with the package in a somewhat confusing state when it comes to the logrotate script's naming, among other things.... well, it's just not professional.