Hello
Does any one know what are these files?
I got concern form security due to they have execute bit.
-rwxr----- /var/log/gitlab/redis/@400000006035cce809047e9c.s
-rwxr----- /var/log/gitlab/…/@XXXXXXXXXXXXXX.s
These are archived logs from the runit system: https://docs.gitlab.com/omnibus/settings/logs.html#runit-logs
runit logs
The runit-managed services in Omnibus GitLab generate log data using
svlogd.
- Logs are written to a file called
current.- Periodically, this log is compressed and renamed using the TAI64N format, for example:
@400000005f8eaf6f1a80ef5c.s.- The filesystem datestamp on the compressed logs will be consistent with the time GitLab last wrote to that file.
zmoreandzgrepallow viewing and searching through both compressed or uncompressed logs.Read the svlogd documentation for more information about the files it generates.
Thank you, but one more question
Why those files need execute permission?
Is it need for zmore zgrep to use for viewing or searching?
@basbad you can answer the question easy by trying yourself the commands zmore and zcat:
root@repo:/var/log/gitlab/redis# zmore @40000000602e0a9321b67094.s
2021-02-17_06:37:57.03939 17466:M 17 Feb 2021 07:37:57.039 * 10 changes in 300 seconds. Saving...
2021-02-17_06:37:57.04014 17466:M 17 Feb 2021 07:37:57.040 * Background saving started by pid 27403
2021-02-17_06:37:57.06341 27403:C 17 Feb 2021 07:37:57.063 * DB saved on disk
2021-02-17_06:37:57.06428 27403:C 17 Feb 2021 07:37:57.064 * RDB: 1 MB of memory used by copy-on-write
2021-02-17_06:37:57.14282 17466:M 17 Feb 2021 07:37:57.142 * Background saving terminated with success
2021-02-17_06:42:58.09207 17466:M 17 Feb 2021 07:42:58.091 * 10 changes in 300 seconds. Saving...
2021-02-17_06:42:58.09293 17466:M 17 Feb 2021 07:42:58.092 * Background saving started by pid 30740
2021-02-17_06:42:58.11502 30740:C 17 Feb 2021 07:42:58.114 * DB saved on disk
or with zcat and grep:
root@repo:/var/log/gitlab/redis# zcat @40000000602e0a9321b67094.s | grep -i background
2021-02-17_06:37:57.04014 17466:M 17 Feb 2021 07:37:57.040 * Background saving started by pid 27403
2021-02-17_06:37:57.14282 17466:M 17 Feb 2021 07:37:57.142 * Background saving terminated with success
2021-02-17_06:42:58.09293 17466:M 17 Feb 2021 07:42:58.092 * Background saving started by pid 30740
2021-02-17_06:42:58.19401 17466:M 17 Feb 2021 07:42:58.193 * Background saving terminated with success
2021-02-17_06:47:59.03475 17466:M 17 Feb 2021 07:47:59.034 * Background saving started by pid 1601
2021-02-17_06:47:59.13578 17466:M 17 Feb 2021 07:47:59.135 * Background saving terminated with success
2021-02-17_06:53:00.05007 17466:M 17 Feb 2021 07:53:00.050 * Background saving started by pid 4805
since they are text files you are worrying about nothing - technically they shouldn’t have the execute bit but that would need Gitlab to fix that when these files are being generated by svlogd - since /etc/gitlab.rb does have svlog configuration options, unfortunately it doesn’t have an option to force what permissions should be assigned. Also, since the permissions are 700, only root as a user has access to these files anyway.
1 Like
Many Thanks
According to this link: http://smarden.org/runit/svlogd.8.html
svlogd closes current , changes permission of current to 0755,
defaults to 0755 normally, which means gitlab’s permissions of 700 is even better.
Last question.
Is it safe to delete all these .s files?
I noticed that in my server they add up to over 500MB.
@frakman I think so, currently my /var/opt/gitlab/redis directory doesn’t have any of these files:
root@gitlab:~# ls /var/opt/gitlab/redis/
dump.rdb redis.conf redis.socket
I did have the files at some point from my previous posts on here, but either upgrading my system in the meantime has deleted them, or some other process has. Either way, since my system works fine, then I guess they can be deleted. You might want to move them somewhere else temporarily to make sure you don’t have any problems with your system, and if it is still working, then delete them permanently.