hushuitian / rfc5766-turn-server

Automatically exported from code.google.com/p/rfc5766-turn-server
0 stars 0 forks source link

Limit lifetime of logs in AWS image #142

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Deploy server, let it run for several months
2. See that server logs under /var/log are several months old
3. Realize this may be suboptimal from a privacy perspective

What is the expected output? What do you see instead?
Logs more than some amount of time, e.g. 30 days, are discarded

What version of the product are you using? On what operating system?
rfc5766-turn-server AWS image

Please provide any additional information below.
One simple option could be to provide a built-in cron job in the AWS image.

Original issue reported on code.google.com by juberti@webrtc.org on 19 Feb 2015 at 5:02

GoogleCodeExporter commented 9 years ago
There are some log options that allow dealing with that problem. You can 
redirect all logging into syslog, for example. I can change the default 
settings.

Original comment by mom040...@gmail.com on 19 Feb 2015 at 5:19

GoogleCodeExporter commented 9 years ago
Can you explain more about what you mean regarding syslog?

Original comment by juberti@webrtc.org on 19 Feb 2015 at 6:00

GoogleCodeExporter commented 9 years ago
Check the option --syslog. ALl looging messages can be redirected to syslog. 
Then you can use whatever your favorite tool is to handle the syslog.

Original comment by mom040...@gmail.com on 19 Feb 2015 at 7:11

GoogleCodeExporter commented 9 years ago
I can update the AWS image to pre-set some log handling procedures.

Original comment by mom040...@gmail.com on 19 Feb 2015 at 7:12

GoogleCodeExporter commented 9 years ago

Original comment by mom040...@gmail.com on 19 Feb 2015 at 7:12

GoogleCodeExporter commented 9 years ago
The most straightforward solution is:

1) Uncomment the option 'syslog' in the /etc/turnserver.conf.
2) Check the settings in the /etc/logrotate.conf. The default settings are just 
OK for usual applications.

I'll apply this solution to the next AWS image.

More complex solution:

Write a cron job that sends SIGHUP signal to the turnserver process. Each 
SIGHUP will cause the log file rollover.

Original comment by mom040...@gmail.com on 20 Feb 2015 at 6:05

GoogleCodeExporter commented 9 years ago
I produced new 3.2.5.5-1 and 4.4.2.1-1 Amazon AWS images that address this 
problem. Download them from the download sites. 

Here is the log-related excerpt from the README.txt file:

=================================================

The initial configuration in /etc/turnserver.conf
redirects the log into syslog. For syslog, rsyslogd is used. Its configuration
is located in /etc/rsyslog.conf. The syslog for TURN is configured as simply
/var/log/messages, but you can reconfigure it. The file /var/log/messages is
rotated according to the rules defined in /etc/logrotate.conf and in
/etc/logrotate.d/syslog. You are free to change those rules according to your
requirements.

=============================================

Original comment by mom040...@gmail.com on 21 Feb 2015 at 9:41