#!/bin/sh
# -----------------------------------------------------------------------------------
# Currently LDAP Server does not monitor or manage the size of the activity
# log file in any way.
# The purpose of this shell script is to prune the LDAP activity log. It 
# will first save the current log file to a backup and then delete old copies
# of the backup files, keeping only a designated number of files.
# The activity log will then be zeroed out, basically deleting all existing entries.
# To enable this script in your environment, the following variables need to 
# be set to your environment specifications.
# prune_file=<your activity log filename> 
# files_to_save=<the number of backup files to save>
# A cron job can then be created to run this shell script. cron will allow 
# the shell script to be run on designated days at designated times.
# For details on cron refer to the following publication: 
# Unix System Services Command Reference, SA22-7802.
# Also be aware that the cron job must be associated to a user ID with the 
# proper authority to edit the activity log. The activity log is created 
# by the LDAP server's owning ID. More than likely the cron job should be 
# associated to a super user ID. Here is an example of enabling cron via 
# crontab to execute this shell script.
# First cd to /usr/spool/cron/crontabs
# Second issue the crontab command to edit the file
# crontab -e     (this will create or edit a filename of the ID you are logged in to)
# add the following line
# 55 23 * * 1-5 /etc/ldap/ldap_activity_log_prune.sh    
# The above line will execute the shell script at 5 minutes before midnight Monday through Friday
# NOTE!!!!!!
# This script is written based upon it being placed in the /etc/ldap directory. If the 
# script is placed in a different directory then make the appropriate changes to the script 
# and the crontab entry.
# -----------------------------------------------------------------------------------
#
# prune_file=<filename specified in the logfile directive in the LDAP Servers configuration file>
# default is 
prune_file=/etc/ldap/gldlog.output
#
# number of backup files to save
files_to_save=2
#
# backup the activity log
i=1
date_append=`date | awk '{print $2 $3 $6}'`
cp $prune_file $prune_file.$date_append 
#
# clear out all activity log records
:>$prune_file
#
# capture all of the backup files in new to old sequence
file_list=`ls -lat $prune_file.* | awk '{print $9}'`
#
# delete files greater than the designated number to save
for n in $file_list
do
 file_name=$n
 if [ "$i" -gt "$files_to_save" ] ; then
  rm $file_name
 fi
 i=`expr "$i" + 1`
done