Where should an /opt package write logs

fhslogs

I am installing a custom package to /opt/package_name, storing configuration files in /etc/opt/package_name and static files in /var/opt/package_name/static/ – all following the conventions suggested by FHS. [1] [2] [3]

I also need to store some logfiles. I want them to be discoverable by analysis tools, so they should also be in a conventional location. Should these go in:

/var/log/package_name (like a system package, even though this is a custom package)
/var/opt/package_name/log (following the /var/opt convention – but is this discoverable?)
something else?

Best Answer

I would place them in /var/log/package_name; it satisfies the principle of least surprise better than /var/opt/package_name/log. I don't have a citation for this; it simply matches where I'd look for logs.

I might also forego writing my own log files, and instead log to syslog with an appropriate tag and facility; if I'm looking for clean integration with established analysis tools, I don't believe I can do better for a communications channel:

Every generic tool with "log analysis" as a listed feature already watches syslog.
Log file release and rotation semantics are handled for me; I don't have to set up a mechanism for logrotate to tell me to let go of the file and open a new one. I don't even have to tell logrotate about new files to rotate!
Offloading logs to central logging servers is handled for me, if the site demands it; Existing established tools like rsyslog will be in use if needed, so I don't have to contemplate implementing that feature myself.
Access controls (POSIX and, e.g. SELinux) around the log files are already handled, so I don't need to pay as much attention to distribution-specific security semantics.

Unless I'm doing some custom binary format for my log and even then, I prefer syslog-friendly machine-parseable text formats like JSON. I have a hard time justifying my own separate log files; analysis tools already watch syslog like a hawk.

System rotation

To setup a logrotation within the system's pre-existing ones simply add a new file to the directory /etc/logrotate.d. Call it railsapp.conf. I'd use the other examples there to construct it. Also confrere with the logrotate man page.

User rotation

If you want to run your own instance of logrotate you only have to provide it with command line switches to do so.

First make a copy of /etc/logrotate.conf /root/rails_logrotate.conf
Edit the file so that it has the log rotation configured the way you want (i.e. keep all logs, rotate weekly, etc.)
Run it
```
# 1st time
$ logrotate -d -f -s $HOME/my_logrotate.state logrotate.conf

# afterwards
$ logrotate -d -s $HOME/my_logrotate.state logrotate.conf
```
If things look OK you can re-run these commands without the -d switch. This is for debugging purposes only and won't actually do any of the tasks, merely show you what it WOULD do.
```
$ logrotate -s $HOME/my_logrotate.state logrotate.conf     
```
You could also use the -v switch to make it verbose, similar to the output seen when using the -d switch.

Example

Start with this log file.

$ dd if=/dev/zero of=afile bs=1k count=10k
10240+0 records in
10240+0 records out
10485760 bytes (10 MB) copied, 0.0702393 s, 149 MB/s

$ ll afile
-rw-rw-r-- 1 saml saml 10485760 Aug  6 14:37 afile

$ touch -t 201307010101 afile
$ ll afile
-rw-rw-r-- 1 saml saml 10485760 Jul  1 01:01 afile

Now run logrotate

$ logrotate -v -f -s $HOME/my_logrotate.state logrotate.conf
reading config file logrotate.conf
reading config info for /home/saml/afile 

Handling 1 logs

rotating pattern: /home/saml/afile  forced from command line (1 rotations)
empty log files are rotated, old logs are removed
considering log /home/saml/afile
  log needs rotating
rotating log /home/saml/afile, log->rotateCount is 1
dateext suffix '-20130806'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
glob finding old rotated logs failed
renaming /home/saml/afile to /home/saml/afile-20130806
creating new /home/saml/afile mode = 0664 uid = 500 gid = 501

Check the results

$ ll afile*
-rw-rw-r-- 1 saml saml        0 Aug  6 14:40 afile
-rw-rw-r-- 1 saml saml 10485760 Jul  1 01:01 afile-20130806

Weekly Cron

To make this run every Sunday you could create the following crontab entry for the root user.

$ crontab -e

Add the following lines:

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
0 0 * * sun logrotate -v -f -s $HOME/my_logrotate.state $HOME/logrotate.conf

Then save the above.

You can also use these types of shortcuts instead of specifying the actual days, mins, secs, etc.

string         meaning
------         -------
@reboot        Run once, at startup.
@yearly        Run once a year, "0 0 1 1 *".
@annually      (same as @yearly)
@monthly       Run once a month, "0 0 1 * *".
@weekly        Run once a week, "0 0 * * 0".
@daily         Run once a day, "0 0 * * *".
@midnight      (same as @daily)
@hourly        Run once an hour, "0 * * * *".

Best Answer

Related Solutions

Debian – Why did the package get installed to /opt

Rails App Logs – How to Rotate Log Files Automatically or Manually

System rotation

User rotation

Example

Weekly Cron

References

Related Question