If you need to figure out what happened during the installation of a package, the information is there.
This file is unlikely to contain any information that would affect your privacy. Maybe some edge cases such as which mirror you downloaded a few files from, which could reveal your broad geographical location. But other system logs have far more detailed information, so this is irrelevant unless you've done a lot of scrubbing already (in which case, just include this file in your scrubbing).
The size of the file is insignificant by today's standards (and even by yesterday's).
The location of the file is determined by the APT settings Dir::Log
(default: /var/log/apt
) and Dir::Log::Terminal
(default: term.log
). If you set this option to an empty string in /etc/apt/apt.conf
(Dir::Log::Terminal ""
), the log file won't be created. But again, that's pointless.
Creating the file manually won't do anything: if the logging system wants to use the file, it will create it.
Perhaps as part of the package installation or perhaps as part of some other configuration, you've somehow changed the configuration of your logging system. By default, Debian uses sysklogd, configured via /etc/syslog.conf
, and auth.log
comes from a line
auth,authpriv.* /var/log/auth.log
Maybe you modified /etc/syslog.conf
, or maybe you switched to rsyslog (which is a lot more powerful than sysklogd, but also bigger and more complex.
Best Answer
I’ll start by saying I don’t think doing away with logs is a good idea, but it’s your system and you’re free to do what you want on it.
Logs aren’t supposed to be relied upon by programs, and in fact they might not even be accessible — it is possible to configure logging such that logs go to a remote system. So it’s safe to delete log files, you won’t lose functionality as a result (beyond no longer being able to see what happens on your system after the fact, of course).
There are however a couple of files in
/var/log
which are read by certain programs, and aren’t quite log files: on Debian,/var/log/btmp
and/var/log/wtmp
, which log user logins and logouts. If you don’t care about thelast
program, and its relatives, then you can delete those files too.Ideally you should configure your programs to not log to disk at all; in most cases, that involves configuring your system logger (
syslog
,rsyslog
, systemd, etc.). Note too that deleting logs won’t recover the underlying disk space if the log files are open elsewhere (e.g. being written to by a long-running process); if you disablelogrotate
the logs will never be restarted and they are liable to grow indefinitely, despite there being no corresponding file visible on disk.