Once I installed FreeRadius from the source code, so I needed to make a log rotation script, since the log file sometimes grew to large sizes, for example, during technical work or development, a lot of debugging information could be written, during standard work, almost no logs were written.
The installation files contain an example of log rotation configuration:
cp /opt/freeradius-server-3.0.23/scripts/logrotate/freeradius /etc/logrotate.d/
/var/log/radius/radius.log {
# common options
daily
rotate 14
missingok
compress
delaycompress
notifempty
copytruncate
su radiusd radiusd
}
However, in my case the radius.log file is in a different location and with different permissions, so I created my own file /etc/logrotate.d/freeradius:
/usr/local/freeradius/var/log/radius/radius.log {
monthly
rotate 3
missingok
compress
delaycompress
notifempty
copytruncate
su freerad freerad
}
With the “copytruncate” parameter, the radius.log file is copied to radius.log.1, and then radius.log is cleared to zero size, instead of being renamed to radius.log.1 and creating radius.log, so that the FreeRadius server does not have to be restarted.
Let’s test the script to make sure that there is no “Permission denied” error, for example, as in my case, only the root user had rights to the directory with logs:
logrotate -d /etc/logrotate.d/freeradius
chmod 777 /usr/local/freeradius/var/log/radius/
If everything is ok, then we will force the rotation:
logrotate -f /etc/logrotate.d/freeradius
The status can be viewed in the file /var/lib/logrotate/status
See also my articles:
ABillS. Installing Freeradius
Configuring logrotate to rotate logs