[rbldnsd] rbldnsd and logrorate?
Michael Tokarev
mjt at tls.msk.ru
Wed Feb 21 14:32:58 MSK 2007
Per Jessen wrote:
> All,
>
> has anyone noticed the following behaviour:
>
> after restart, rbldsnd 0.996 will happily log messages when zones are
> reloaded etc., but this stops after a a while, usually around the time
> when logrotate does /var/log/messages.
>
> Does rbldnsd and logrotate have a problem with each other?
It's not logrotate&rbldnsd, it's syslogd&rbldnsd. The thing is like this:
rbldnsd opens the log socket (/dev/log) on startup before entering chroot jail.
Inside the jail, there's (usually) no /dev/log exists.
Some implementations of syslogd performs - for whatever reason - re-creating of
the log socket on reloads. So the socket opened by rbldnsd becomes invalid, and
rbldnsd (actually it's glibc implementation of syslog(3)) tries to re-open it on
next message, but fails because in the chroot jail there's no /dev/log. And hence
it just stops logging.
The fix is to find out why syslogd re-creates /dev/log socket, and stop it from
doing that. The same issue affects other services that are chrooted, but most of
the time not as problematic as rbldnsd. For example, certain Postfix daemons
(notable qmgr) stops logging at the exactly same time, if running chrooted.
Another (less good but still acceptable) fix is to tell syslogd to keep another
log socket inside rbldnsd chroot directory. For example, on Debian with stock
sysklogd package, one has to add something akin `-a /var/lib/rbldns/dev/log' to
SYSLOGD variable in /etc/init.d/sysklogd (and create that directory).
This problem doesn't occur on Debian with stock sysklogd - rbldnsd is running
for months and continues logging just fine. Unless one restarts syslogd.
/mjt
More information about the rbldnsd
mailing list