LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 05-07-2014, 01:03 PM   #1
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Rep: Reputation: Disabled
Can these services be killed?


I am using a server owned by another company. I am getting close to my server's MB allocation. I asked them these questions, but I am suspicious of their non-answer because I know that they would rather sell me up to something larger.

I am wondering if one or more od these service ram hogs could be killed. One seems to have to do with multiple user logins. I have 3 users, all my own.

The service: console-kit-dae

The other one supposedly has something to do with enhanced logging.

The service: rsyslogd

Anyone know if either or both of these are completely necessary?

Thanks.
 
Old 05-07-2014, 01:19 PM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,861
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
rsyslog is the system logging utility. You generally don't want to disable logging on a server. Otherwise you'll be flying blind and could be hacked or attacked but not even know it because you have logging disabled.
 
Old 05-07-2014, 01:32 PM   #3
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sag47 View Post
rsyslog is the system logging utility. You generally don't want to disable logging on a server. Otherwise you'll be flying blind and could be hacked or attacked but not even know it because you have logging disabled.
Thanks. I started looking at system logs and found a huge amount of data in three of them. I am going to set up a cron to empty them at least daily. This grabbed back about 10MB. The logs I looked at are (the ones indented were the worst):

> cat /dev/null > /var/log/auth.log
cat /dev/null > /var/log/syslog
cat /dev/null > /var/log/daemon.log
cat /dev/null > /var/log/kern.log
cat /dev/null > /var/log/lpr.log
> cat /dev/null > /var/log/mail.log
cat /dev/null > /var/log/user.log
> cat /dev/null > /var/log/mail.info
> cat /dev/null > /var/log/mail.warn
cat /dev/null > /var/log/mail.err
cat /dev/null > /var/log/news/news.crit
cat /dev/null > /var/log/news/news.err
cat /dev/null > /var/log/news/news.notice
 
Old 05-07-2014, 02:34 PM   #4
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182Reputation: 3182

Achtung! Alles turisten und nonteknischen lookenpeepers!

Das komputermaschine ist nicht für der gefingerpoken und mittengraben! Oderwise ist easy to schnappen der springenwerk, blowenfusen und poppencorken mit spitzensparken.

Ist nicht für gewerken bei dummkopfen. Der rubbernecken sightseeren keepen das cottonpicken händer in das pockets muss.

Zo relaxen und watschen der blinkenlichten.


"If you don't know what the damm thing does, leave the damm thing alone!"

Also ... I wouldn't erase those logs, either. I wouldn't touch 'em. You never know when you might need 'em, and c'mon ... it's only 10 megabytes. If that's pushing you close to their (obviously too-small) allocation, then the right thing to do is to "suck-up and pay more."

Sure, use logrotate to compress them. But, do not delete them.

Someday soon, someone's gonna need those logs, and they're gonna say, "hey, what fool set-up this cron job to erase them?!" When they in due time figure out "what fool" it actually was, you'll be packing your cube and turning-in your badge. So to speak. Don't go there.

Last edited by sundialsvcs; 05-07-2014 at 02:40 PM.
 
Old 05-07-2014, 03:53 PM   #5
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
Well, this server is mine only and is running only one service program, so I don't have to answer to anyone. My pocketbook doesn't currently allow for the increased cost of upgrading. The public service will simply have to be discontinued if it will not run with what it has now. These log are going to be toasted by me daily, period!

Last edited by battles; 05-07-2014 at 03:54 PM.
 
Old 05-07-2014, 04:05 PM   #6
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,148
Blog Entries: 2

Rep: Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870Reputation: 4870
Which is a very bad idea, especially in the case of auth.log, since this is the central file in which all authentication attempts (read: anyone that connects to your machine or tries to do so) are logged. If by all means you really need the space, compress those logs and/or move them to a different machine.
 
Old 05-07-2014, 04:14 PM   #7
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
I'll compress and attach the auth.log to an email and ship them to my local machine then before deleting. Thanks for your info.
 
Old 05-08-2014, 11:07 AM   #8
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,861
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
Take a look at logrotate.

Code:
man logrotate
#see lots of examples in the logrotate.d directory
ls /etc/logrotate.d/
Logrotate is the way to go even if only you wish to keep the logs for a few days and have them compressed, rotate, and eventually discarded. Generally you do want to keep them around and look at them every once in a while. See my recent post in what is security for the average joe. In my post I provide you with specific scenarios where I used those logs.
 
Old 05-08-2014, 01:21 PM   #9
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
Thanks, I'll give a look.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
find history of a job killed by "kernel: Out of Memory: Killed process" poulacou Linux - Server 3 09-20-2007 05:24 PM
LXer: Linux automatically monitor and restart services when daemon is killed LXer Syndicated Linux News 0 11-25-2006 11:21 PM
Media Services on Linux platform similar to Windows Media Services happyok Linux - Software 3 05-27-2006 05:36 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration