dnsmasq + logrotate config, Debian 9 (stretch)
It's been a while since I got really into the weeds with my network setup. After not thinking about it for a while, I got an alert for disk usage.
So I come back to this:
Whoops. Oh yeah – this was when I was tinkering with dnsmasq to do some overly complex stuff to see if I can do it. I turned on super verbose logging for this gateway and then apparently didn't turn it off. Then forgot to rotate those logs.
This was not what I planned to deal with today, but since this is surprisingly the only service I have to manually configure logrotate for, I'm putting the config here for reference – mostly my own.
Running Debian right now and using a default installation of logrotate, I have the following in dnsmasq.conf
:
# /etc/dnsmasq.conf
...
log-facility=/var/log/dnsmasq.log
...
Assuming global configs for logrotate are in /etc/logrotate.conf
, and has directives to include
files in /etc/logrotate.d/
, here's the config that I'm using now:
# /etc/logrotate.d/dnsmasq:
/var/log/dnsmasq.log {
monthly
missingok
notifempty
maxsize 5M
rotate 14
delaycompress
create 0640 dnsmasq root
sharedscripts
postrotate
[ ! -f /var/run/dnsmasq.pid ] || kill -USR2 `cat /var/run/dnsmasq.pid`
endscript
}
💡 To debug a specific configuration (e.g. dnsmasq) in dry-run mode:
Note: Doing this will bypass any global configs in logrotate.conf
logrotate --debug /etc/logrotate.d/dnsmasq
💡 To debug your general/default logrotate configuration in dry-run mode:
logrotate --debug /etc/logrotate.conf
💡 To force logrotate to run, ignoring all configurations' criteria for rotation:
logrotate --verbose --force /etc/logrotate.conf
S'all for now!
Bonus update after 6 hours:
So I didn't actually delete that giant logfile because I love data and have a hard time letting go. Instead, I compressed the hell out of it and will probabaly never actually look at it. It took six hours, but tada... 🎉 a 95% reduction! Compression (xz) + one-off logs = ❤
root@px01:/var/log# xz --verbose dnsmasq.log.1
dnsmasq.log.1 (1/1)
100 % 2,636.8 MiB / 53.0 GiB = 0.049 2.5 MiB/s 5:56:53
xz: dnsmasq.log.1: File seems to have been moved, not removing
root@px01:/var/log# ls -lAth | grep dns
-rw-r-x--- 1 dnsmasq root 2.6G Sep 28 17:33 dnsmasq.log.1.xz
-rw-r-x--- 1 dnsmasq root 53G Sep 28 17:33 dnsmasq.log.2
💡Tip: The -h
and -t
in ls -lAth
means "h
uman readable, sort by modified t
ime".