The following warnings occurred:
Warning [2] count(): Parameter must be an array or an object that implements Countable - Line: 906 - File: showthread.php PHP 7.2.34 (Linux)
File Line Function
/showthread.php 906 errorHandler->error



Thank you for your donation!


Cloudsmith graciously provides open-source package management and distribution for our project.


Log Files
#1
Has something changed semi-recently with how moOde handles logging? As early as last year I distinctly remember /var/log filling up the log files as usual, but sometime in that last few months, maybe,  a large portion of the system logs have been routinely getting nulled. I have two up-to-date moOde systems running and they display virtually the exact same behavior.

Is this a feature or a bug ? Big Grin
-if it's deliberate, I get it it but specifically auth.log bothers me and it only ever contains a few hours worth of data with no archives.
Or is something dubious going on?


Nulled files always show the same modification time. Here's a ls -la output:
Code:
-rw-r-----  1 root     adm       35437 Apr 26 08:28 daemon.log
-rw-r-----  1 root     adm        1742 Apr 26 08:13 debug
-rw-r--r--  1 root     root          0 Apr 26 06:25 dpkg.log
-rw-r--r--  1 root     root          0 Apr 26 06:25 faillog
-rw-r--r--  1 root     root       1725 Nov 25 05:36 fontconfig.log
-rw-r-----  1 root     adm       31277 Apr 26 08:13 kern.log
-rw-rw-r--  1 root     utmp     292292 Apr 26 08:19 lastlog
-rw-r-----  1 root     adm       28452 Apr 26 08:13 messages
 Interestingly this also shows the weird behavior where sometimes kern.log is empty and sometimes it's not. usually it is though. 


Output from my other pi:

Code:
-rw-r-----  1 root     adm            0 Apr 26 06:14 kern.log
-rw-rw-r--  1 root     utmp      292292 Apr 26 08:40 lastlog
drwxr-x---  2 www-data www-data    4096 Apr 26 00:00 lighttpd
-rw-r-----  1 root     adm            0 Apr 26 06:14 messages
-rw-r--r--  1 minidlna minidlna       0 Apr 26 06:14 minidlna.log



I know heavy R/W's on SD card can reek havoc, but I have been using high endurance cards for over a year without any issues. 

Thoughts? Concerns?

Edit: Actually it looks like this is a cron job or something like that based on the first commands and the beginning of auth.log :

Code:
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session closed for user root
Apr 26 06:14:28 moOde sudo:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/sqlite3 /var/local/www/db/moode-sqlite3.db vacuum
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session closed for user root
Apr 26 06:14:28 moOde sudo:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/df
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session closed for user root
Apr 26 06:14:28 moOde sudo:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/find /var/www -type l -delete
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session closed for user root
Apr 26 06:14:28 moOde sudo:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/ln -s /var/lib/mpd/music/ /var/www/7052027
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 26 06:14:28 moOde sudo: pam_unix(sudo:session): session closed for user root
 
Same modification times.....anyway just curious because it caught me off guard.
Reply


Messages In This Thread
Log Files - by moodkim - 04-26-2020, 06:43 PM
RE: Log Files - by Tim Curtis - 04-26-2020, 07:25 PM
RE: Log Files - by moodkim - 04-26-2020, 07:41 PM

Forum Jump: