[nsd-users] Log file rotation
Matthijs Mekking
matthijs at NLnetLabs.nl
Fri Nov 7 13:40:59 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ok, I failed to spot that moving the current logfile in a rotated file
system was an external process. I now understand how the patch could
facilitate in rotating nsd.log.
However, there are some side effects:
1. When starting NSD, the logfile is opened before dropping the
privileges. This means that NSD might have the wrong permissions to
reopen the file on a reload. Currently if so, this leads to an assertion
failure.
2. When using chroot, the logfile is opened before chrooting. So, in the
example where you log to /var/log/nsd.log and chroot to /etc/nsd, the
logfile cannot be found when reopening. Logfile should be relative to
chroot.
3. The main and child processes has rotated the file, but the xfrd
process does not know about this yet.
- - Matthijs
Shane Kerr wrote:
> Matthijs,
>
> When NSD starts and you have a "logfile:" line in your nsd.conf, like
> this:
>
> server:
> logfile: /var/my/special/logfile
>
> This file is opened when NSD starts, and whenever log_msg() is invoked
> then the log message is written to the end from log_file().
>
> It would be nice if there was a way to tell NSD, "please re-open this
> file". That way one can do:
>
> * Move current log file to a new name, like "mv nsd.log nsd.log.0"
> * Tell NSD to re-open the log file, like "rndc reload"
> * Compress the old log file, or delete it, or whatever
>
> This is basic log file rotation.
>
> We can do this by restarting NSD, but we would prefer not to stop
> service, even for a brief period of time.
>
> --
> Shane
>
> On Fri, 2008-11-07 at 11:08 +0100, Matthijs Mekking wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hi Shane,
>>
>> I'm not sure if I understand what you mean by a rotated log file. Could
>> you give me some more pointers of what you are trying to do?
>>
>> Shane Kerr wrote:
>>> Hello,
>>>
>>> As far as I can tell, if you specify a log file for NSD it is never
>>> rotated.
>>>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJFEVrIXqNzxRs6egRArmBAJ9M+BbJpQHGAgNrTyHeJNXu5i8WtwCdFoW8
Lr2fi48xggNCScxNR8OmfI0=
=E2Tx
-----END PGP SIGNATURE-----
More information about the nsd-users
mailing list