Bug 787111 - freeradius logrotate script does not reload running daemon, causing log files not written after logrotate
Summary: freeradius logrotate script does not reload running daemon, causing log files...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: freeradius2
Version: 5.0
Hardware: All
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: John Dennis
QA Contact: Patrik Kis
URL:
Whiteboard:
: 821567 (view as bug list)
Depends On:
Blocks: 807971
TreeView+ depends on / blocked
 
Reported: 2012-02-03 07:51 UTC by Karel Srot
Modified: 2013-01-08 05:10 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 705723
Environment:
Last Closed: 2013-01-08 05:10:36 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0134 0 normal SHIPPED_LIVE Low: freeradius2 security and bug fix update 2013-01-08 09:44:45 UTC

Description Karel Srot 2012-02-03 07:51:24 UTC 
also present in rebased freeradius2-2.1.12-3.el5

+++ This bug was initially created as a clone of Bug #705723 +++

Description of problem:

RHEL6's freeradius comes with logrotate config file on /etc/logrotate.d/radiusd. A part of it:

/var/log/radius/radius.log {
        monthly
        rotate 4
        create
        missingok
        compress
}

It does not reload running daemon on logrotate, which worked fine for freeradius < 2.1.9. However the behavior changed on 2.1.9. Now it needs to reload (kill -HUP) the running daemon for it to reopen the log file.


Version-Release number of selected component (if applicable):
freeradius-2.1.9-3.el6.x86_64 (latest official non-beta version)
same thing happens when using latest test version from https://bugzilla.redhat.com/show_bug.cgi?id=689045


How reproducible:
Always

Steps to Reproduce:
1. Enable auth logging on radiusd.conf
2. Start freeradius
3. Test auth with radtest
4. Look at /var/log/radius/radius.log -> auth attempt recorded
5. Force logrotate with "logrotate -v -f /etc/logrotate.d/radiusd
6. Re-test auth with readtest
7. Look at /var/log/radius/radius.log
  
Actual results:
Second auth attempt not logged


Expected results:
Second auth attempt logged


Additional info:
Relevant debian bug entry:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602815
Comment 2 Thomas Scheunemann 2012-03-05 10:03:52 UTC 
I have to second that bug report. After installing "freeradius2-2.1.12-3.el5" on a
x86_64 RHEL 5 system the radiusd logrotate stopped working.

But it is even worse. Sending a HUP to the "radiusd" will not switch to the newly created logfile. I had to switch to "copytruncate" in "/etc/logrotate.d/radiusd" to get something "working".
Comment 8 Dmitri Pal 2012-06-13 15:01:51 UTC 
*** Bug 821567 has been marked as a duplicate of this bug. ***
Comment 9 Jonathan Peatfield 2012-06-13 17:31:41 UTC 
Re comment #2 For me just adding a "/sbin/service radiusd reload" in a postrotate section seems to case radiusd to re-open the log file.  This is with freeradius2-2.1.12-3.el5 though my logrotate.d/radiusd entry has a few other tweaks in it as well so maybe those are what is saving us from whatever was causing it not to re-open the log file for you...

 -- Jon
Comment 14 errata-xmlrpc 2013-01-08 05:10:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0134.html
Note You need to log in before you can comment on or make changes to this bug.