From 50d480bd78df4070b82c647c6dfa94f3edd93cf5 Mon Sep 17 00:00:00 2001 From: Stefan Kangas Date: Sun, 27 Feb 2011 06:23:56 +0100 Subject: Add logging configuration. --- fripost-docs.org | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/fripost-docs.org b/fripost-docs.org index f61e51b..9d0f33e 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -714,6 +714,37 @@ TODO: add the necessary configuration files - sudo apt-get install apache2 +** Logging +*** Overview +We want to limit how much we log for privacy reasons. At the same time we want +to be able to debug technical problems and detect intrusions. + +For the webmail, we only log messages of priority warn or higher. +*** Configuration + + :: /etc/rsyslog.conf + + *.*;auth,authpriv.none;mail.err -/var/log/syslog + +# NOTE: /var/log/mail.{err,warn} can be kept at the default +# values since they do not contain any sensitive information. + :: /etc/logrotate.d/rsyslog + + /var/log/mail.log + /var/log/mail.info + { + rotate 3 + daily + missingok + ifempty + compress + delaycompress + sharedscripts + postrotate + invoke-rc.d rsyslog reload > /dev/null + endscript + } + ** Necessary stuff to fix for security *** Bacula for backups Also has tripwire-like capabilities. -- cgit v1.2.3