How to permanantly disable /var/log/secure?
12,653
/var/log/secure is written to by syslogd (or rsyslogd, depending on the OS version) -- this is controlled by /etc/syslog.conf (or /etc/rsyslog.conf). As shipped, the log class "authpriv.*" is set to log to this file. If you don't wan't logging, your can comment out this selector from the .conf file.
Also, check the logrotate configuration (/etc/logrotate.conf, /etc/logrotated.d/) for the rotation script for syslog. This will typically re-create the file (although the file won't be growing if you comment it out of /etc/rsyslog.conf).
Related videos on Youtube
Author by
ZeroxZerox
Updated on September 18, 2022Comments
-
ZeroxZerox almost 2 years
When I delete /var/log/secure this file will be recreated. How do I disable the recreation of this file?
-
Timo over 10 yearsDo you know which program creates that file?
-
Gilles 'SO- stop being evil' over 10 yearsWhere do you want the information that normally gets logged in this file to end up?
-
-
ZeroxZerox over 10 years/var/log/secure always gets renamed to something like secure-20140902, because of logrotation. This is default behavior! So it is a fact that "the creating program renames the old /var/log/secure"
-
ZeroxZerox over 10 yearsIs this everything that needs to be done?
-
ZeroxZerox over 10 yearsShould you simply delete the logrotate.conf and lograted.d?
-
Derek Pressnall over 10 yearsYou do not want to delete logrotate configuration files -- there are several ones in there, if you delete them then your log files will continue to grow. First, I should have probably asked you, why you don't want /var/log/secure? Is it because it is getting too large before it gets rotated out? If so, you can adjust the rotate scripts so that it rotates sooner, and compresses when it rotates.