I would use rsync as it means that if it is interrupted for any reason, then you can restart it easily with very little cost. And being rsync, it can even restart part way through a large file. As others mention, it can exclude files easily. The simplest way to preserve most things is to use the -a
flag – ‘archive.’ So:
rsync -a source dest
Although UID/GID and symlinks are preserved by -a
(see -lpgo
), your question implies you might want a full copy of the filesystem information; and -a
doesn't include hard-links, extended attributes, or ACLs (on Linux) or the above nor resource forks (on OS X.) Thus, for a robust copy of a filesystem, you'll need to include those flags:
rsync -aHAX source dest # Linux
rsync -aHE source dest # OS X
The default cp will start again, though the -u
flag will "copy only when the SOURCE file is newer than the destination file or when the destination file is missing". And the -a
(archive) flag will be recursive, not recopy files if you have to restart and preserve permissions. So:
cp -au source dest
Short answer: you can't. Ports below 1024 can be opened only by root. As per comment - well, you can, using CAP_NET_BIND_SERVICE, but that approach, applied to java bin will make any java program to be run with this setting, which is undesirable, if not a security risk.
The long answer: you can redirect connections on port 80 to some other port you can open as normal user.
Run as root:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
As loopback devices (like localhost) do not use the prerouting rules, if you need to use localhost, etc., add this rule as well (thanks @Francesco):
# iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080
NOTE: The above solution is not well suited for multi-user systems, as any user can open port 8080 (or any other high port you decide to use), thus intercepting the traffic. (Credits to CesarB).
EDIT: as per comment question - to delete the above rule:
# iptables -t nat --line-numbers -n -L
This will output something like:
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 redir ports 8088
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
The rule you are interested in is nr. 2, so to delete it:
# iptables -t nat -D PREROUTING 2
Best Answer
Log the application name in your messages. Filter on the application name instead of facility. If your applications aren't generating syslog messages directly, you can apply an output filter (e.g.,
sed
) to massage things to look the way you want.Take a look at the Rsyslog documentation on filter conditions to see how you might configure this behavior. Based on the information in that page, here's an example of how you could put messages starting with the string "application1" into
/var/log/application1
:You can also filter explicitly on the program name, if your application sets this correctly:
You can perform all sorts of complex filtering in your
rsyslog.conf
; read through the documentation for more information and examples.EDIT:
rsyslog
can use templates to create separate files for each server. Something like the following should put all log messages into separate files for each hostname. (This is lifted from the manpage.)The following is similar but does not log debug messages. It also uses the connection hostname rather than the message hostname. (This is based on what I developed to log output from an Obi100.)
Read the manpage and documentation if you have more complex needs, or want to understand what the above do.