Set the logrotate maxage parameter to purge_after_days
as well.
Rework additional retention rules of files in
/var/log/containers in the containerized logrotate
postrotate script. The rules are based on any of the
listed criteria met:
* time of last access of contents (atime) exceeds
purge_after_days,
* time of last modification of contents (mtime) exceeds
purge_after_days,
* time of last modification of the inode (metadata, ctime)
exceeds purge_after_days.
Forcibly purge expired files with each containerized
logrotate run triggered via cron. Note that the files creation
time (the Birth attribute) is not taken into account as it
cannot be accessed normally by system operators (depends on FS
type). Retention policies based on the creation time must
be managed elsewhere.
Reviewed: https:/ /review. openstack. org/606907 /git.openstack. org/cgit/ openstack/ puppet- tripleo/ commit/ ?id=0cbcf8dfbef d957d623c3dff5c 5daca09fd96a27
Committed: https:/
Submitter: Zuul
Branch: stable/pike
commit 0cbcf8dfbefd957 d623c3dff5c5dac a09fd96a27
Author: Bogdan Dobrelya <email address hidden>
Date: Tue May 22 14:53:27 2018 +0200
Rework GDPR compliant logrotate config
Set the logrotate maxage parameter to purge_after_days
as well.
Rework additional retention rules of files in log/containers in the containerized logrotate
/var/
postrotate script. The rules are based on any of the
listed criteria met:
* time of last access of contents (atime) exceeds after_days, after_days,
purge_
* time of last modification of contents (mtime) exceeds
purge_
* time of last modification of the inode (metadata, ctime)
exceeds purge_after_days.
Forcibly purge expired files with each containerized
logrotate run triggered via cron. Note that the files creation
time (the Birth attribute) is not taken into account as it
cannot be accessed normally by system operators (depends on FS
type). Retention policies based on the creation time must
be managed elsewhere.
Related-Bug: #1771543
Change-Id: I9afa22f7dd344a 29747206b286520 a76d70d704b 865714909510e19 9d61e08fb0)
Signed-off-by: Bogdan Dobrelya <email address hidden>
(cherry picked from commit d032e6d5fc89246