The Apache RPM installs its logrotate piece into /etc/logrotate.d/apache The postrotate command in this file is ... /bin/kill -HUP `cat /var/run/httpd.pid 2> /dev/null` 2> /dev/null || true The problem is that Apache sometimes writes its Process ID into /var/run/httpd.pid and sometimes into /var/run/httpsd.pid. In the latter case, the server does NOT get restarted by logrotate and thus, the Apache keeps writing logs into the newly renamed and rotated access_log.1, etc. First, this effectively disables the logrotate function as all data still goes into the same file (based on the inode number that Apache originally opened) and secondly, after 4 weeks, when the active file gets deleted by logrotate, bad things happen, the best case scenario is that logging gets lost and the worst case is file corruption or server crash. When Apache is used in SSL mode with a valid key, it stores its Process ID in httpsd.pid. However, on servers that do not run with a secure key or in secure mode, Apache sometimes writes to httpd.pid and sometimes httpsd.pid. I have not been able to figure out what the determining factor is. I have to start Apache, look in /var/run and see what file Apache is using and manually change the logrotate config file for apache. Once done, it seems to work forever However, this is something that should be automatic. The easiest fix is to change the postrotate part of the /etc/logrotate.d/apache file to check which "pid" file exists and then restart based on that, but the correct fix is to make Apache consistent. This bug seems to affect all versions of RedHat Linux, up through the current release.
Thanks for the report. This bug is no longer present in the Apache httpd 2.0 packages in Red Hat Enterprise Linux and Fedora Core.