It's perfectly possible to use logrotate on RedHat with syslog-ng... here's my logrotate.conf stripped of irrelevant detail: $ cat /etc/logrotate.d/syslog-ng /var/log/secure { } /var/log/maillog { } /var/log/spooler { } ........ /var/log/messages { ....... postrotate /etc/rc.d/init.d/syslog-ng reconfig ....... endscript } $ And the corresponding tweaks to init script to allow for a reconfig option, plus some extra features relating preventing syslog-ng restart when the config is broken, emulating klogd, and handling syslog-ng startup prior to named an ipchains only central logging server with dns hostname lookup enabled.. $ cat /etc/rc.d/init.d/syslog-ng #!/bin/sh # # syslog-ng Starts syslog-ng # # chkconfig: 2345 30 99 # description: Syslog-ng is the facility by which many daemons use to log \ # messages to various system log files. It is a good idea to always \ # run syslog-ng. ################################################################################ # Source function library. if [ -d /etc/init.d ]; then . /etc/init.d/functions else . /etc/rc.d/init.d/functions fi . /etc/sysconfig/network if [ ${NETWORKING} = "no" ] then exit 0 fi # General security measures.. umask 077 ulimit -c 0 INIT_PROG="/usr/local/sbin/syslog-ng" # Full path to daemon INIT_CONF="/etc/syslog-ng/syslog-ng.conf" # Full path to config INIT_OPTS="" PRINTKLEVEL=2 # Get per-service config overrides if [ -f /etc/sysconfig/syslog-ng ]; then . /etc/sysconfig/syslog-ng fi [ -x $INIT_PROG ] || exit 1 [ -s $INIT_CONF ] || exit 1 INIT_NAME=`basename "$INIT_PROG"` # Correct the setting of raw printk kernel logging to mimic klogd behaviour printkset() { currentprintk=`awk '{print $1}' /proc/sys/kernel/printk` if [ ${PRINTKLEVEL} -ne ${currentprintk} ]; then action "Setting kernel console default printk to ${PRINTKLEVEL}" dmesg -n ${PRINTKLEVEL} fi } validconfig() { $INIT_PROG -s -f $INIT_CONF RETVAL=$? echo -n "Syslog-ng configuration check" [ $RETVAL -ne 0 ] && failure "Syslog-ng configuration check" && echo && exit 1 [ $RETVAL -eq 0 ] && success "Syslog-ng configuration check" && echo } findsyslogchain () { rulenum=`ipchains -L input --line-numbers | awk '{print $1,$2,$3,$5,$9}' | grep "DENY udp anywhere syslog" | awk '{print $1}' | sort -rn` if [ "$rulenum" = "" ]; then rulenum=0 fi #Chain input (policy ACCEPT): #num target prot opt source destination ports #1 DENY udp ------ anywhere anywhere any -> syslog } isdnsrunning () { if [ -n "`/sbin/pidof named`" ]; then dnsrunning=1 else dnsrunning=0 fi } RETVAL=0 # See how we were called. case "$1" in start) validconfig printkset isdnsrunning [ $dnsrunning -ne 1 ] && $0 local echo -n "Starting $INIT_NAME: " daemon --check $INIT_PROG "$INIT_PROG -f $INIT_CONF $INIT_OPTS" RETVAL=$? echo [ $dnsrunning -eq 1 ] && $0 remote [ $RETVAL -eq 0 ] && touch "/var/lock/subsys/${INIT_NAME}" # Warn sendmail that syslog has restarted /etc/rc.d/init.d/sendmail reconfig ;; stop) echo -n "Shutting down $INIT_NAME: " killproc $INIT_PROG RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f "/var/lock/subsys/${INIT_NAME}" ;; status) status $INIT_PROG #status klogd RETVAL=$? ;; reconfig) validconfig printkset isdnsrunning [ $dnsrunning -ne 1 ] && $0 local echo -n "Re-HUPing $INIT_NAME daemon" killproc $INIT_PROG -HUP RETVAL=$? echo [ $dnsrunning -eq 1 ] && $0 remote ;; restart|reload) $0 stop $0 start RETVAL=$? ;; local) findsyslogchain if [ "$rulenum" = "0" ]; then action "Disabling remote syslogging" ipchains -I input 1 -i eth+ --proto udp --dport syslog -j DENY RETVAL=$? fi ;; remote) findsyslogchain if [ "$rulenum" != "0" ]; then for rule in `echo $rulenum` do action "Enabling remote syslogging - remove ipchains rule $rule" ipchains -D input ${rule} RETVAL=$? done fi ;; validate) validconfig ;; printkset) printkset RETVAL=$? ;; *) echo "Usage: syslog {start|stop|status|reconfig|restartlocal|remote|validate|printkset}" exit 1 esac exit $RETVAL $ ************************************************************************************************ This E-mail message, including any attachments, is intended only for the person or entity to which it is addressed, and may contain confidential information. If you are not the intended recipient, any review, retransmission, disclosure, copying, modification or other use of this E-mail message or attachments is strictly forbidden. If you have received this E-mail message in error, please contact the author and delete the message and any attachments from your computer. You are also advised that the views and opinions expressed in this E-mail message and any attachments are the author's own, and may not reflect the views and opinions of FLEXTECH Television Limited. ************************************************************************************************