From owner-freebsd-isp@FreeBSD.ORG Thu Apr 5 21:28:38 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7C2E616A403 for ; Thu, 5 Apr 2007 21:28:38 +0000 (UTC) (envelope-from ccowart@hal.rescomp.berkeley.edu) Received: from rescomp.berkeley.edu (keyserver.Rescomp.Berkeley.EDU [169.229.70.167]) by mx1.freebsd.org (Postfix) with ESMTP id 6A26613C465 for ; Thu, 5 Apr 2007 21:28:38 +0000 (UTC) (envelope-from ccowart@hal.rescomp.berkeley.edu) Received: by rescomp.berkeley.edu (Postfix, from userid 1225) id 41DDA5B764; Thu, 5 Apr 2007 14:03:57 -0700 (PDT) Date: Thu, 5 Apr 2007 14:03:57 -0700 From: Christopher Cowart To: freebsd-isp@freebsd.org Message-ID: <20070405210357.GB18109@rescomp.berkeley.edu> Mail-Followup-To: freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="f2QGlHpHGjS2mn6Y" Content-Disposition: inline Organization: RSSP-IT, UC Berkeley User-Agent: Mutt/1.5.9i Subject: isc-dhcpd logging breaks when syslog-ng HUP'd X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2007 21:28:38 -0000 --f2QGlHpHGjS2mn6Y Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, I posted this to questions last month, but have not received any responses. I'm hoping somebody on this list may be able to help. I have 2 servers running isc-dhcp3-server and syslog-ng. I have configured dhcpd to run in a chroot. The following (reproducible) sequence of events cause dhcpd logging to break: 1) Start syslog-ng 2) Start isc-dhcpd (At this point, logging is working fine) 3) `pkill -HUP syslog-ng` (This happens on the hour whenever logfiles need rotating, but can also be effected manually) 4) dhcpd logging is now broken 5) Restart isc-dhcpd (logging works again) My theory (and it's only a theory) is that when isc-dhcpd starts, it=20 gets an fd to the syslog socket. When syslog-ng receives a HUP, that=20 socket is reopened and isc-dhcpd's fd is now broken. Relevant options from rc.conf: | syslogd_enable=3D"NO" | newsyslog_enable=3D"NO" | syslog_ng_enable=3D"YES" | dhcpd_enable=3D"YES" | dhcpd_flags=3D"-q" | dhcpd_conf=3D"/usr/local/etc/dhcpd.conf" | dhcpd_includedir=3D"/usr/local/etc/dhcpd.d" | dhcpd_withumask=3D"022" | dhcpd_chuser_enable=3D"YES" | dhcpd_withuser=3D"dhcpd" | dhcpd_withgroup=3D"dhcpd" | dhcpd_devfs_enable=3D"YES" | dhcpd_rootdir=3D"/var/jails/dhcpd" | dhcpd_chroot_enable=3D"YES" | dhcpd_ifaces=3D"bge0" Note that if I enable the dhcpd_jail options (to use a FreeBSD jail in addition to the chroot and unprivileged user), I still experience the same symptoms. My workaround: For the hosts in question, I've added to the logrotate postrotate script: `/usr/local/etc/rc.d/isc-dhcpd restart > /dev/null` This workaround makes me a little uncomfortable, because these instances of dhcpd are critical for thousands of end users. Is this a bug? Is there a better workaround? Logging from all other applications on the system is unaffected by the HUP to syslog-ng, including two jailed instances of bind9 (syslog-ng on the host opens up the socket /var/run/log inside those jails).=20 Any insight would be greatly appreciated. Thanks, --=20 Chris Cowart Lead Systems Administrator Network Infrastructure, RSSP-IT UC Berkeley --f2QGlHpHGjS2mn6Y Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFGFWQ9V3SOqjnqPh0RAuguAKCdzaOhKGdqGdY+qYumlpcKaNqVuACgiQim DfBacbr22kvTiZfhQE94jac= =I6W6 -----END PGP SIGNATURE----- --f2QGlHpHGjS2mn6Y--