Set the logrotate maxage parameter to purge_after_days
as well.
Rework additional retention rules of files in
/var/log/containers in the containerized logrotate
postrotate script. The rules are based on any of the
listed criteria met:
* time of last access of contents (atime) exceeds
purge_after_days,
* time of last modification of contents (mtime) exceeds
purge_after_days,
* time of last modification of the inode (metadata, ctime)
exceeds purge_after_days.
Forcibly purge expired files with each containerized
logrotate run triggered via cron. Note that the files creation
time (the Birth attribute) is not taken into account as it
cannot be accessed normally by system operators (depends on FS
type). Retention policies based on the creation time must
be managed elsewhere.
Related-Bug: #1771543
Change-Id: I9afa22f7dd344a29747206b286520a76d70d704b
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
After purge_after_days, defaults to a 14, forcibly remove
any rotated and compressed logs of containerized services
in /var/log/containers. This overrides any related
containerized logrotate configuration used for
containerized services.
Allow to alter rotation interval for log files managed
via containerized logrotate. Defaults to 'daily'
and rotate 14 (days).
Use sharedscripts to clean up files in the postrotate
script only once.
Additionally, to enforce GDPR compliance of log files
in /var/log/containers, put them under logrotate management
(minsize 1) and always compress. Prohibit the size option
as it does not honor time-based contstraints required by
GDPR. Forcibly remove all files but those rotated and
compressed logs, via the postscript section.
Partial-bug: #1771543
Change-Id: Id8e4717a5ecda53bc9cd39f1c2efaa80b56bd45e
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>