If you ever get in a bind and a log file has gone out of control and your disk space is full, you may be tempted to delete the log file. There may be a couple of problems with that. One, the application is still using the file so that delete may not actually take place until the application is restarted or in the worst case scenario restart the Linux box. The other reason, is that if the application wasn't setup correctly where the permissions were properly applied to the directory or the file itself, it may not get recreated once the application is restarted (if the application starts). As part of the second reason, the SELinux context may be incorrect if the file is recreated by the application. So, there are at least three things that could go wrong. What about this truncate command?
I prefer to truncate the file to zero bytes. This leaves the application running, the file in place with its already existing SELinux contexts and permissions. Here is how to do it.
truncate -s0 filename
Yes, it is that easy.