After sending SIGABRT to the samhain daemon,
it will first finish its
current tast (this may take some time), then unlock the log file
(i.e. remove the PID file), wait three seconds, then proceed. Thus, to
rotate the log file, you should use something like the
following script:
#! /bin/sh
if test -f /usr/local/var/log/.samhain_lock; then \
PIN=`cat /usr/local/var/log/.samhain_lock`; \
/bin/kill -ABRT $PIN; \
sleep 1; \
AA=0; \
while test "x$AA" != "x120"; do \
let "AA = $AA + 1"; \
if test -f /usr/local/var/log/.samhain_lock; then \
sleep 1; \
else \
break; \
fi \
done; \
fi
mv /usr/local/var/log/.samhain_log /usr/local/var/log/oldlog |
If you use the 'logrotate' tool, you could use the following (untested):
/usr/local/var/log/.samhain_log {
size 100k
nocreate
compress
mail root@localhost
maillast
prerotate
if test -f /usr/local/var/log/.samhain_lock; then \
PIN=`cat /usr/local/var/log/.samhain_lock`; \
/bin/kill -ABRT $PIN; \
sleep 1; \
AA=0; \
while test "x$AA" != "x120"; do \
let "AA = $AA + 1"; \
if test -f /usr/local/var/log/.samhain_lock; then \
sleep 1; \
else \
break; \
fi \
done; \
fi
endscript
} |