My Favorites


Please to see your favorites.

Server hangs when syslog-ng attempts a logrotate

This document (7012741) is provided subject to the disclaimer at the end of this document.


SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9


When a syslog-ng logrotate occurs the system appears to hang and logging stops


LDAP users are not supported in syslog-ng.

Fix the syslog setup by changing all users specified in syslog-ng.conf to /etc/passwd users.


An ldap user works in the config when starting syslog-ng because the ldap lookup is triggered before /dev/log is open and the ldap server does not get
blocked trying to write to a socket;  It has not been created yet. glibc syslog() makes blocking calls once it actually writes to the socket. 

The deadlock occurs during logrotate because an ldap lookup is triggered to get a userid for the user specified in the syslog-ng.conf file.
The ldap server blocks because there is a valid socket, but nobody "reads" it; Nobody reads it because syslog-ng waits for the getpwnam call to return.

Additional Information

Possible "work-arounds":   (Untested)

-  Use owner(-1)/group(-1) to not change the log file ownership at all.
- Modify/create the logrotate script to stop & restart rather than reload after the existing file is saved.


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7012741
  • Creation Date:28-JUN-13
  • Modified Date:28-JUN-13
    • SUSESUSE Linux Enterprise Server

Did this document solve your problem? Provide Feedback