Server hangs when syslog-ng attempts a logrotate
This document (7012741) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9
Situation
When a syslog-ng logrotate occurs the system appears to hang and logging stops
Resolution
LDAP users are not supported in syslog-ng.
Fix the syslog setup by changing all users specified in syslog-ng.conf to /etc/passwd users.
Cause
An ldap user works in the config when starting syslog-ng because the ldap lookup is triggered before /dev/log is open and the ldap server does not get blocked trying to write to a socket; It has not been created yet. glibc syslog() makes blocking calls once it actually writes to the socket.
The deadlock occurs during logrotate because an ldap lookup is triggered to get a userid for the user specified in the syslog-ng.conf file.
The ldap server blocks because there is a valid socket, but nobody "reads" it; Nobody reads it because syslog-ng waits for the getpwnam call to return.
Additional Information
Possible "work-arounds": (Untested)
- Use owner(-1)/group(-1) to not change the log file ownership at all.
- Modify/create the logrotate script to stop & restart rather than reload after the existing file is saved.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7012741
- Creation Date: 28-Jun-2013
- Modified Date:04-Oct-2022
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
