Bug 787111

Summary: freeradius logrotate script does not reload running daemon, causing log files not written after logrotate
Product: Red Hat Enterprise Linux 5 Reporter: Karel Srot <ksrot>
Component: freeradius2Assignee: John Dennis <jdennis>
Status: CLOSED ERRATA QA Contact: Patrik Kis <pkis>
Severity: high Docs Contact:
Priority: high    
Version: 5.0CC: dpal, jdennis, j.s.peatfield, pkis, scheunemann
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 705723 Environment:
Last Closed: 2013-01-08 05:10:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 807971    

Description Karel Srot 2012-02-03 07:51:24 UTC 
also present in rebased freeradius2-2.1.12-3.el5

+++ This bug was initially created as a clone of Bug #705723 +++

Description of problem:

RHEL6's freeradius comes with logrotate config file on /etc/logrotate.d/radiusd. A part of it:

/var/log/radius/radius.log {
        monthly
        rotate 4
        create
        missingok
        compress
}

It does not reload running daemon on logrotate, which worked fine for freeradius < 2.1.9. However the behavior changed on 2.1.9. Now it needs to reload (kill -HUP) the running daemon for it to reopen the log file.


Version-Release number of selected component (if applicable):
freeradius-2.1.9-3.el6.x86_64 (latest official non-beta version)
same thing happens when using latest test version from https://bugzilla.redhat.com/show_bug.cgi?id=689045


How reproducible:
Always

Steps to Reproduce:
1. Enable auth logging on radiusd.conf
2. Start freeradius
3. Test auth with radtest
4. Look at /var/log/radius/radius.log -> auth attempt recorded
5. Force logrotate with "logrotate -v -f /etc/logrotate.d/radiusd
6. Re-test auth with readtest
7. Look at /var/log/radius/radius.log
  
Actual results:
Second auth attempt not logged


Expected results:
Second auth attempt logged


Additional info:
Relevant debian bug entry:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602815
Comment 2 Thomas Scheunemann 2012-03-05 10:03:52 UTC 
I have to second that bug report. After installing "freeradius2-2.1.12-3.el5" on a
x86_64 RHEL 5 system the radiusd logrotate stopped working.

But it is even worse. Sending a HUP to the "radiusd" will not switch to the newly created logfile. I had to switch to "copytruncate" in "/etc/logrotate.d/radiusd" to get something "working".
Comment 8 Dmitri Pal 2012-06-13 15:01:51 UTC 
*** Bug 821567 has been marked as a duplicate of this bug. ***
Comment 9 Jonathan Peatfield 2012-06-13 17:31:41 UTC 
Re comment #2 For me just adding a "/sbin/service radiusd reload" in a postrotate section seems to case radiusd to re-open the log file.  This is with freeradius2-2.1.12-3.el5 though my logrotate.d/radiusd entry has a few other tweaks in it as well so maybe those are what is saving us from whatever was causing it not to re-open the log file for you...

 -- Jon
Comment 14 errata-xmlrpc 2013-01-08 05:10:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0134.html