Log file rotation

Shane_Kerr · November 4, 2008, 3:25pm

Hello,

As far as I can tell, if you specify a log file for NSD it is never
rotated.

We could use syslog to give us this functionality, but we run a number
of different versions of NSD, and prefer to use the log file than
syslog.

I think a small change would be to have the server re-open the log file
when the server is reloaded would work for us. These two patches should
make that happen:

--- nsd.c Thu Sep 25 14:01:41 2008
+++ nsd.c.new Tue Nov 4 15:19:26 2008
@@ -588,8 +588,8 @@
   {
     if(nsd.options->identity) nsd.identity = nsd.options->identity;
   }
- if (nsd.options->logfile && !log_filename) {
- log_filename = nsd.options->logfile;
+ if (log_filename) {
+ nsd.options->logfile = log_filename;
   }
   if(nsd.child_count == 0) {
     nsd.child_count = nsd.options->server_count;
@@ -759,8 +759,8 @@
#endif /* TSIG */

   /* Set up the logging... */
- log_open(LOG_PID, FACILITY, log_filename);
- if (!log_filename) {
+ log_open(LOG_PID, FACILITY, nsd.options->logfile);
+ if (!nsd.options->logfile) {
     log_set_log_function(log_syslog);
   }

--- server.c Thu Oct 16 14:21:28 2008
+++ server.c.new Tue Nov 4 15:16:32 2008
@@ -1034,6 +1034,8 @@
}

log_msg(LOG_WARNING, "signal received, reloading...");
+ log_finalize();
+ log_open(LOG_PID, FACILITY, nsd->options->logfile);

if (socketpair(AF_UNIX, SOCK_STREAM, 0, reload_sockets) == -1) {
log_msg(LOG_ERR, "reload failed on socketpair: %s", strerror(errno));

Matthijs_Mekking · November 7, 2008, 10:08am

Hi Shane,

I'm not sure if I understand what you mean by a rotated log file. Could
you give me some more pointers of what you are trying to do?

Shane Kerr wrote:

Hello,

As far as I can tell, if you specify a log file for NSD it is never
rotated.

We could use syslog to give us this functionality, but we run a number
of different versions of NSD, and prefer to use the log file than
syslog.

I think a small change would be to have the server re-open the log file
when the server is reloaded would work for us. These two patches should
make that happen:

--- nsd.c Thu Sep 25 14:01:41 2008
+++ nsd.c.new Tue Nov 4 15:19:26 2008
@@ -588,8 +588,8 @@
   {
     if(nsd.options->identity) nsd.identity = nsd.options->identity;
   }
- if (nsd.options->logfile && !log_filename) {
- log_filename = nsd.options->logfile;
+ if (log_filename) {
+ nsd.options->logfile = log_filename;
   }
   if(nsd.child_count == 0) {
     nsd.child_count = nsd.options->server_count;
@@ -759,8 +759,8 @@
#endif /* TSIG */

   /* Set up the logging... */
- log_open(LOG_PID, FACILITY, log_filename);
- if (!log_filename) {
+ log_open(LOG_PID, FACILITY, nsd.options->logfile);
+ if (!nsd.options->logfile) {
     log_set_log_function(log_syslog);
   }
--- server.c Thu Oct 16 14:21:28 2008
+++ server.c.new Tue Nov 4 15:16:32 2008
@@ -1034,6 +1034,8 @@
       }

       log_msg(LOG_WARNING, "signal received, reloading...");
+ log_finalize();
+ log_open(LOG_PID, FACILITY, nsd->options->logfile);

       if (socketpair(AF_UNIX, SOCK_STREAM, 0, reload_sockets) == -1) {
         log_msg(LOG_ERR, "reload failed on socketpair: %s", strerror(errno));

I don't think this patch changes any behavior in nsd. Am I missing
something?

Regards,

Matthijs

Olaf_Kolkman · November 7, 2008, 10:23am

Matthijs Mekking wrote:

I'm not sure if I understand what you mean by a rotated log file. Could
you give me some more pointers of what you are trying to do?

*ouch*

I'll explain log file rotation off-list.

Shane wrote:

I think a small change would be to have the server re-open the log file
when the server is reloaded would work for us. These two patches should
make that happen:

Looks nice, and easy.

--Olaf

Shane_Kerr · November 7, 2008, 10:27am

Matthijs,

When NSD starts and you have a "logfile:" line in your nsd.conf, like
this:

server:
logfile: /var/my/special/logfile

This file is opened when NSD starts, and whenever log_msg() is invoked
then the log message is written to the end from log_file().

It would be nice if there was a way to tell NSD, "please re-open this
file". That way one can do:

      * Move current log file to a new name, like "mv nsd.log nsd.log.0"
      * Tell NSD to re-open the log file, like "rndc reload"
      * Compress the old log file, or delete it, or whatever

This is basic log file rotation.

We can do this by restarting NSD, but we would prefer not to stop
service, even for a brief period of time.

Matthijs_Mekking · November 7, 2008, 1:40pm

Ok, I failed to spot that moving the current logfile in a rotated file
system was an external process. I now understand how the patch could
facilitate in rotating nsd.log.

However, there are some side effects:

1. When starting NSD, the logfile is opened before dropping the
privileges. This means that NSD might have the wrong permissions to
reopen the file on a reload. Currently if so, this leads to an assertion
failure.

2. When using chroot, the logfile is opened before chrooting. So, in the
example where you log to /var/log/nsd.log and chroot to /etc/nsd, the
logfile cannot be found when reopening. Logfile should be relative to
chroot.

3. The main and child processes has rotated the file, but the xfrd
process does not know about this yet.

- - Matthijs

Shane Kerr wrote:

Wilson_Rogerio_Lopes · August 27, 2009, 7:04pm

Hi all,

I'm using a script on cron to rotate nsd.log file. This require a daemon hungup..

Changelog of 3.2.1 version show

"FEATURES:
- Allow file rotation on nsd.log."

How it work ? Is this configurable in nsd.conf ?

Thanks,

Wouter · August 28, 2009, 6:39am

Hi Wilson,

Wilson_Rogerio_Lopes · August 28, 2009, 4:41pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Wilson,

File rotation is automatically enabled if you don't use chroot, or the
nsd.log file is within the chroot. If enabled, it tries to reopen the
nsd.log file (and thus if another program or user moved it, a new
nsd.log is started).

Hum...

I changed the log file configuration to file in chroot dir and when renames nsd.log,
a new nsd.log is created by nsd program.

Thanks for tip.

Wilson.