Red Hat Bugzilla – Bug 705723
freeradius logrotate script does not reload running daemon, causing log files not written after logrotate
Last modified: 2012-06-20 10:05:43 EDT
Description of problem: RHEL6's freeradius comes with logrotate config file on /etc/logrotate.d/radiusd. A part of it: /var/log/radius/radius.log { monthly rotate 4 create missingok compress } It does not reload running daemon on logrotate, which worked fine for freeradius < 2.1.9. However the behavior changed on 2.1.9. Now it needs to reload (kill -HUP) the running daemon for it to reopen the log file. Version-Release number of selected component (if applicable): freeradius-2.1.9-3.el6.x86_64 (latest official non-beta version) same thing happens when using latest test version from https://bugzilla.redhat.com/show_bug.cgi?id=689045 How reproducible: Always Steps to Reproduce: 1. Enable auth logging on radiusd.conf 2. Start freeradius 3. Test auth with radtest 4. Look at /var/log/radius/radius.log -> auth attempt recorded 5. Force logrotate with "logrotate -v -f /etc/logrotate.d/radiusd 6. Re-test auth with readtest 7. Look at /var/log/radius/radius.log Actual results: Second auth attempt not logged Expected results: Second auth attempt logged Additional info: Relevant debian bug entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602815
bug present also in freeradius-2.1.10-5.el6
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: freeradius logrotate script fails to reload the radiusd daemon after a log rotation. Consequence: freeradius log messages are lost after a log rotation. Fix: Add command to freeradius logrotate script to reload radiusd daemon. Result: After a log rotate the radiusd daemon reinitializes and reopens it's log files, log messages are captured.
Obviously the same fix is needed for the RHEL5 version of freeradius2, ie freeradius2-2.1.12-3.el5 as in el5.8 Luckily we noticed pretty quickly and so only lost a couple of day's logs (over the weekend).
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0881.html