chingyenccy 02-27-2005 08:54 AM

Deleted /var/log/messages, can't log any files-iptables
I have deleted the /var/log/messages file where all the log messages go into, and now when I do
#iptables -A INPUT -j LOG
the log file is empty. I have recreated an empty file'messages' at the same location, but none of my log files seems to go into it. Or do I have to changemode of the file?


Hangdog42 02-27-2005 09:03 AM

Delete the file you created and tehn try running logrotate -f as root and that should re-create the missing messages file.

chingyenccy 02-27-2005 09:14 AM

I have tried that, but the file is still missing.. I got this when I did logrotate -f

logrotate 3.6.8 - Copyright (C) 1995-2001 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License

Usage: logrotate [-d|--debug] [-f|--force] [-m|--mail command]
[-s|--state statefile] [-v|--verbose] [-?|--help] [--usage]
[OPTION...] <configfile>

please help!

Hangdog42 02-27-2005 09:51 AM


When you see that word, it means that you haven't entered the command correctly. In this case, I should have been more complete in my answer. My apologies. In the future, when you see that Usage word, it us usually worth a quick look at the man page for that command to see what is missing.

What is missing is the path to the logrotate config file (logrotate.conf) which logrotate needs in order to do its thing. So the actualy complete command is

logrotate -f /path/to/logrotate.conf

On my system, logrotate.conf is in /etc so I would use logrotate -f /etc/logrotate.conf. However, your distro may put it somwhere else so have a look for it.

chingyenccy 02-27-2005 10:05 AM

Thank you so much for your kind reply, it has worked, the file was recovered. Thanks a LOT!

acid_kewpie 02-27-2005 11:54 AM

i don't understand this thread at all....

/var/log/messages will be created on demand if it doesn't exist.... logrotate may well create it, but you don't need to do anything at all. there was no problem in the first place.

Hangdog42 02-27-2005 02:03 PM


there was no problem in the first place.
Well, if you take his first post at face value, there was a problem in that iptables was no longer logging entries into the messages file he created and didn't appear to be creating a functional one. I don't know about you, but I have a tough time reading minds around here so I just told him a way to create a functional messages file. If the system would have made one on its own, well then bully for the system, but chingyenccy seems to be please with the answer I gave him.

LasseW 02-27-2005 05:03 PM

I think the problem was that message was removed while being kept open by the syslog daemon. To recover from that you can restart the daemon, which is probably what running logrotate did. To empty the file without removing it, use


