Periodically send commands executed by ** cron ** (that is, commands set with ** crontab -e **) to ** /var/log/cron.log ** using the ** rsyslog ** service. After setting to write to, this log file will be written forever, and I wondered if the capacity would grow, so the process of regularly clearing the ** / var / log / cron.log ** file I decided to set it with ** cron **.
Ubuntu 16.04.5 LTS
I just want to delete the log file and let cron schedule the following command. Sure, it deleted the log file, but it turns out that the log file will never be created unless the rsyslog service is restarted. Moreover, it cannot be deleted without root privileges. Therefore, this method is dead.
rm /var/log/cron.log
** / var / log / cron.log ** Even if I clear the contents and make it a 0KB empty file while leaving the file, it turns out that writing is not possible without root privileges.
cp /dev/null /var/log/cron.log
By editing ** visudo **, it turned out that the command with sudo specified can be executed by cron, so I will try it.
sudo visudo
On Ubuntu, when you view visudo, ** nano ** will start by default, so change it to ** vim **.
sudo update-alternatives --config editor
Reference article https://qiita.com/koara-local/items/35b999631b6ab41fdc9f
In my environment, there are two vims, ** vim.nox ** and ** vim.tiny **, but since vim.nox is displayed by the following command, select vim.nox. I will do it. (Select 3 on the screen)
ls -l /etc/alternatives/vi
/etc/alternatives/vi -> /usr/bin/vim.nox
After changing to vim.nox, check again that it has changed.
sudo update-alternatives --config editor
It is now displayed in vim instead of nano.
sudo visudo
There are two ways to edit visudo, one is to edit visudo directly, and the other is to create a ** drop-in ** without touching visudo. The following command will search for one file and one directory. When you edit visudo, the ** / etc / sudoers ** file is edited, but if you set the file with only the lines you want to edit under the directory ** / etc / sudoers.d **, the sudoers file will be edited. It seems that the drop-in mechanism allows you to customize without touching it. Some people recommend drop-in, but I decided to edit visudo directly.
ls /etc | grep sudo
Reference article https://www.teradas.net/archives/13222/
Reference article https://www.bloguchi.info/1846 https://www.crossl.net/blog/crontab/
When I googled, ** Defaults: user requiretty ** is described by default, so please describe ** Defaults: user! requiretty ** and disable ** Defaults: user requiretty **. However, in RedHat distributions, ** Defaults: user requiretty ** is described by default, but in Debian distributions, this is not described by default. Certainly, it wasn't in my environment.
sudo visudo
So, add only this one line. Find the path to the ** cp ** command with ** which cp **.
user ALL=(root) NOPASSWD: /bin/cp
Reference article https://orebibou.com/2017/06/sudo%E3%81%A7%E8%A6%9A%E3%81%88%E3%81%A6%E3%81%8A%E3%81%8F%E3%81%A8%E4%BE%BF%E5%88%A9%E3%81%AA%E8%A8%AD%E5%AE%9A%E3%83%BB%E4%BD%BF%E3%81%84%E6%96%B9/#Defaults
** crontab -e **, testly add this one line with sudo.
*/1 * * * * sudo cp /dev/null /var/log/cron.log
Certainly, I was able to confirm that the file size was small. (It was confirmed that the command with sudo was executed)
ls -l /var/log/cron.log
C'est fini :sweat_smile:
Recommended Posts