HardenedBSD/etc/newsyslog.conf
Eitan Adler 0722b4b00e [etc] Update newsyslog.conf default comment
Remove line about allowed flags. It was missing 'pRTY' and is duplicative
of the man page. It didn't describe the flags in any detail to help
remind users of how to configure newsylog.
2018-05-03 00:57:19 +00:00

36 lines
1.6 KiB
Plaintext

# configuration file for newsyslog
# $FreeBSD$
#
# Entries which do not specify the '/pid_file' field will cause the
# syslogd process to be signalled when that log file is rotated. This
# action is only appropriate for log files which are written to by the
# syslogd process (ie, files listed in /etc/syslog.conf). If there
# is no process which needs to be signalled when a given log file is
# rotated, then the entry for that file should include the 'N' flag.
#
# Note: some sites will want to select more restrictive protections than the
# defaults. In particular, it may be desirable to switch many of the 644
# entries to 640 or 600. For example, some sites will consider the
# contents of maillog, messages, and lpd-errs to be confidential. In the
# future, these defaults may change to more conservative ones.
#
# logfilename [owner:group] mode count size when flags [/pid_file] [sig_num]
/var/log/all.log 600 7 * @T00 J
/var/log/auth.log 600 7 1000 @0101T JC
/var/log/console.log 600 5 1000 * J
/var/log/cron 600 3 1000 * JC
/var/log/daily.log 640 7 * @T00 JN
/var/log/debug.log 600 7 1000 * JC
/var/log/init.log 644 3 1000 * J
/var/log/kerberos.log 600 7 1000 * J
/var/log/maillog 640 7 * @T00 JC
/var/log/messages 644 5 1000 @0101T JC
/var/log/monthly.log 640 12 * $M1D0 JN
/var/log/devd.log 644 3 1000 * JC
/var/log/security 600 10 1000 * JC
/var/log/utx.log 644 3 * @01T05 B
/var/log/weekly.log 640 5 * $W6D0 JN
<include> /etc/newsyslog.conf.d/*
<include> /usr/local/etc/newsyslog.conf.d/*