Hi,
i configure apache for virtualhost with the following configuration:

<VirtualHost host.some_domain.com>
ServerAdmin webmaster@host.some_domain.com
DocumentRoot /www/docs/host.some_domain.com
ServerName host.some_domain.com
ErrorLog logs/host.some_domain.com-error_log
TransferLog logs/host.some_domain.com-access_log
</VirtualHost>

The problem is when user that own this domain log in via FTP, and remove the log file, the apache will be down :(

How to solve this problem? can apache check whether there's a log file or not, if not it will generate new log file not down.

thanks!

I'd suggest chowning the log files to root so that the user cannot delete them.

Or, you could create an apache wrapper that would do something like this:

#!/bin/sh

cd /path/to/domains

for domain in `ls -1`
do
if [ ! -f "$domain/logs/access_log" ]
then
touch $domain/logs/access_log
fi

if [ ! -f $domain/logs/error_log" ]
then
touch $domain/logs/error_log
fi
done

/path/to/apachectl start

Originally posted by ampunboss
Hi,
i configure apache for virtualhost with the following configuration:

<VirtualHost host.some_domain.com>
ServerAdmin webmaster@host.some_domain.com
DocumentRoot /www/docs/host.some_domain.com
ServerName host.some_domain.com
ErrorLog logs/host.some_domain.com-error_log
TransferLog logs/host.some_domain.com-access_log
</VirtualHost>

The problem is when user that own this domain log in via FTP, and remove the log file, the apache will be down :(

How to solve this problem? can apache check whether there's a log file or not, if not it will generate new log file not down.

thanks!

Either don't allow the file to be owned by them, or don't allow them write/delete/modify access to the logs directory, or set the file to append only and remove permission for them to be able to remove it.

Originally posted by lotuslnd
I'd suggest chowning the log files to root so that the user cannot delete them.

Or, you could create an apache wrapper that would do something like this:

#!/bin/sh

cd /path/to/domains

for domain in `ls -1`
do
if [ ! -f "$domain/logs/access_log" ]
then
touch $domain/logs/access_log
fi

if [ ! -f $domain/logs/error_log" ]
then
touch $domain/logs/error_log
fi
done

/path/to/apachectl start

That's a reasonable idea, but be SURE to check and make sure that the file it creates isn't vulnerable to any race conditions and make sure to check that it's not a symbolic or hard link to another file (or this could create a serious security hole).