named cannot write its log via rsyslog after logrotate runs


Environment

  • Red Hat Enterprise Linux 6
  • bind
    • bind-chroot is installed and named runs in the chroot environment.
    • named messages are written to the file /var/log/named/named.log via rsyslog.
  • logrotate
    • the above named.log is included in logrotate's rotation.

Issue

  • I configured named messages to be written to the file /var/log/named/named.log via rsyslog.
  • The named.log written by rsyslog is included in the rotation configured in /etc/logrotate.d/syslog.
  • After crond runs logrotate, messages are no longer written to named.log.

Resolution

This symptom is specific to a chrooted named: it is not possible to run named in the chroot environment, send its log through rsyslog, and rotate that log with logrotate all at the same time.

Either run named without the chroot environment, or have named write its log to a file itself instead of sending it through syslog.

Root Cause

The problem is caused by the reload of the rsyslog service that logrotate performs in its postrotate script.

-- /etc/logrotate.d/syslog --
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
/var/log/named/named.log
{
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}

When rsyslog reloads its configuration on SIGHUP, it removes and re-creates /dev/log, the socket on which it receives messages.

A daemon opens /dev/log once at startup and keeps using it. A non-chrooted daemon is unaffected by the reload, because it simply reopens the new /dev/log; a chrooted named, however, loses its connection when rsyslog re-creates /dev/log.

Because /dev/log does not exist inside the chroot environment, named cannot reopen it, and its messages can no longer be sent via syslog.
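The failure sequence described above, reproduced as an added simulation (this is illustration code, not part of the article, bind or rsyslog). A Unix datagram socket under a temporary directory plays /dev/log; two clients play an ordinary daemon (root "/") and a chrooted named (root /var/named/chroot), both modelled as directories under that temporary directory. The class and function names, the directory layout and the log lines are all constructed for the demo. The `check_chroot_dev_log` helper is the diagnostic a practitioner would run on a real system: compare the inode of the chroot's dev/log with the live /dev/log.

```python
"""Why a chrooted named goes silent after logrotate HUPs rsyslog (constructed model)."""
import os
import socket
import tempfile


class FakeRsyslog:
    """Listener standing in for rsyslog's /dev/log socket."""

    def __init__(self, path):
        self.path = path
        self.sock = None
        self._bind()

    def _bind(self):
        # rsyslog unlinks any existing socket file and binds a new one, so a
        # restart or a HUP reload always leaves a fresh inode at self.path.
        try:
            os.unlink(self.path)
        except FileNotFoundError:
            pass
        self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        self.sock.bind(self.path)
        self.sock.settimeout(0.2)

    def reload(self):
        # Effect of `kill -HUP $(cat /var/run/syslogd.pid)` in the postrotate script.
        self.sock.close()
        self._bind()

    def drain(self):
        """Return every message currently queued on the listener."""
        msgs = []
        while True:
            try:
                msgs.append(self.sock.recv(4096).decode())
            except socket.timeout:
                return msgs


class Daemon:
    """A syslog client that opened /dev/log once at startup (openlog style)."""

    def __init__(self, root, startup_socket):
        # root: the filesystem root the daemon sees afterwards ("/" or the chroot).
        # startup_socket: where the real /dev/log was reachable when it started
        # (the chroot setup makes the socket available at that moment).
        self.root = root
        self.sock = None
        self._connect(startup_socket)

    def _connect(self, path):
        self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        self.sock.connect(path)

    def log(self, msg):
        """Send one message; True if it reached rsyslog, False if it was lost."""
        try:
            self.sock.send(msg.encode())
            return True
        except OSError:
            pass  # listener behind our descriptor is gone (ECONNREFUSED)
        # syslog(3) would now reconnect to /dev/log, resolved against *our* root.
        self.sock.close()
        try:
            self._connect(os.path.join(self.root, "dev", "log"))
            self.sock.send(msg.encode())
            return True
        except OSError:
            return False


def check_chroot_dev_log(host_root, chroot_root):
    """Diagnostic: 'ok' if the chroot's dev/log is the live socket, else why not."""
    host = os.path.join(host_root, "dev", "log")
    inside = os.path.join(chroot_root, "dev", "log")
    if not os.path.exists(inside):
        return "missing"  # the article's case: nothing inside the chroot to reopen
    if os.stat(inside).st_ino != os.stat(host).st_ino:
        return "stale"    # points at an inode rsyslog has already unlinked
    return "ok"


def simulate():
    """Run the rotate-and-reload scenario; return what each daemon managed to log."""
    with tempfile.TemporaryDirectory() as tmp:
        host = os.path.join(tmp, "host")
        chroot = os.path.join(host, "var", "named", "chroot")
        os.makedirs(os.path.join(host, "dev"))
        os.makedirs(os.path.join(chroot, "dev"))
        dev_log = os.path.join(host, "dev", "log")

        rsyslog = FakeRsyslog(dev_log)
        host_daemon = Daemon(host, dev_log)  # ordinary daemon, root "/"
        named = Daemon(chroot, dev_log)      # chrooted named
        before = (host_daemon.log("host daemon: before rotate"),
                  named.log("named: before rotate"))
        received_before = rsyslog.drain()

        rsyslog.reload()                     # logrotate's postrotate fires
        after = (host_daemon.log("host daemon: after rotate"),
                 named.log("named: after rotate"))
        received_after = rsyslog.drain()
        result = {"before": before, "after": after,
                  "received_before": received_before,
                  "received_after": received_after,
                  "chroot_dev_log": check_chroot_dev_log(host, chroot),
                  "host_self_check": check_chroot_dev_log(host, host)}
        rsyslog.sock.close()
        return result


if __name__ == "__main__":
    for key, value in simulate().items():
        print(f"{key}: {value}")
```

Before the reload both clients log successfully; after it the ordinary daemon reconnects to the re-created socket and keeps logging, while the chrooted client's reconnect fails because no dev/log exists under its root, which is exactly the silent named.log the article describes. On a real RHEL 6 host the same inode comparison can be made with `stat` against /dev/log and the chroot's dev/log.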

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
