My Favorites

Close

Please to see your favorites.


Server hangs when syslog-ng attempts a logrotate

This document (7012741) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9

Situation

When a syslog-ng logrotate occurs the system appears to hang and logging stops

Resolution

LDAP users are not supported in syslog-ng.

Fix the syslog setup by changing all users specified in syslog-ng.conf to /etc/passwd users.

Cause

An ldap user works in the config when starting syslog-ng because the ldap lookup is triggered before /dev/log is open and the ldap server does not get
blocked trying to write to a socket;  It has not been created yet. glibc syslog() makes blocking calls once it actually writes to the socket. 

The deadlock occurs during logrotate because an ldap lookup is triggered to get a userid for the user specified in the syslog-ng.conf file.
The ldap server blocks because there is a valid socket, but nobody "reads" it; Nobody reads it because syslog-ng waits for the getpwnam call to return.

Additional Information

Possible "work-arounds":   (Untested)

-  Use owner(-1)/group(-1) to not change the log file ownership at all.
- Modify/create the logrotate script to stop & restart rather than reload after the existing file is saved.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7012741
  • Creation Date:28-JUN-13
  • Modified Date:28-JUN-13
    • SUSESUSE Linux Enterprise Server

Did this document solve your problem? Provide Feedback