Find the answer to your Linux question:
Results 1 to 9 of 9
Hi all, I'm trying to write a script to manage log files (a program that we use generates a copious amount of log data and so we only want to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2011
    Posts
    6

    Execute a script as a superuser without using a password


    Hi all, I'm trying to write a script to manage log files (a program that we use generates a copious amount of log data and so we only want to keep 3 days worth of files) so I tried to set up a script that will copy off the log and then remake the log file. My problem is that the directory of the log files requires sudo to make modifications to. I'm trying to get the script to run nightly though using cron and I want it to be able to do its thing without the need for user input.

    So my question is this, how can I get the script to run with the admin ability to modify directories without the need for a password.

    This script will be buried deep within a server architecture so even if there's a way to hardcode a username and password is fine, as there will be lots of other securities on the outside.

    Any help or clues will be greatly appreciated,
    Thanks

  2. #2
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,440
    The standard logrotate comes to mind.
    And for copying logs to another machine, rsyslog offers quite sophisticated features.

    The combination of logrotate and rsyslog should be enough to fulfill your requirements.
    Plus you dont have to develop, maintain and deploy something, but just take care of some config files.
    You must always face the curtain with a bow.

  3. #3
    Just Joined!
    Join Date
    Jul 2011
    Posts
    6
    Thanks for the reply, I looked at logrotate already but there was some reason I put that aside, I may not know enough about setting that up but I'll check it again.

    Thanks

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Jul 2011
    Posts
    6
    So if I understand this right I set up the logrotate configuration file and then have my crontab execute the command to run the logrotate nightly?

  6. #5
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,440
    The rpm of logrotate will already establish an appropiate daily cronjob, so that you can concentrate on which files you want to rotate, by which criteria and you can also define additional actions.
    You must always face the curtain with a bow.

  7. #6
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,440
    Apart from the obvious -man pages - this looks nice as an introduction:
    Slicehost Articles: Understanding logrotate on RHEL - part 1
    You must always face the curtain with a bow.

  8. #7
    Just Joined!
    Join Date
    Jul 2011
    Posts
    6
    Something that I'm seeing with logrotate is something that I saw as well, after the logrotation I need to restart my application for it to start logging again. Right now the application requires sudo authentication to start is the proper method of overcoming this to allow all users to restart the application or how would I get this application to restart automatically after the logs swap.

  9. #8
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,440
    Thatīs what the "postrotate.. endscript" section is for.
    logrotate usually runs as root, so sudo is not neccessary.
    Maybe su, if that daemon completely runs as a regular user and doesnt need root resources such as ports <1024

    Also, it may be sufficient to send a SIGHUP.
    It is not uncommon, that daemons will reopen their logfiles after that.
    This is preferred to a stop/start, as there is no break and it takes less ressoures.
    You must always face the curtain with a bow.

  10. #9
    Just Joined!
    Join Date
    Jul 2011
    Posts
    6
    Thanks again for all your insight.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •