# Recent rc.d/accounting change causes unwanted log messages



## Terry_Kennedy (May 2, 2011)

On 8-STABLE, revision 1.11.2.2 of /usr/src/etc/rc.d/accounting introduced a change which is causing the kernel to log a pair of accounting disabled/enabled messages each night (and includes the ones from the previous day in the nightly security output):


```
Accounting disabled
Accounting enabled
Accounting disabled
Accounting enabled
Accounting disabled
Accounting enabled
Accounting disabled
Accounting enabled
```

Normally, when I see an "Accounting disabled" message in the log buffer, my Pavlovian response is to go look for stuff to delete from /var to make more room.

The culprit is:

```
+accounting_rotate_log()
+{
+	local _dir _file
+
+	_dir="${accounting_file%/*}"
+	cd $_dir
+
+	if checkyesno accounting_enable; then
+		_file=`mktemp newacct-XXXXX`
+		chmod 644 $_file
+		${accounting_command} ${_dir}/${_file}
+	fi
+
+	mv ${accounting_file} ${accounting_file}.0
+
+	if checkyesno accounting_enable; then
+		ln $_file ${accounting_file##*/}
+		${accounting_command} ${accounting_file}
+		unlink $_file
+	fi
+}
```

Oddly, the same file version isn't causing the messages to appear on amd64, only i386. Thought that may be due to the much faster CPUs I'm running on amd64 (minimum Xeon E5520) compared to i386 (PIII 1400).

Is anyone else seeing this? Should I file a bug on it, or has anyone already done so?


----------



## fbsd1 (May 5, 2011)

File a bug report.


----------

