[mod-security-users] mlogc semaphore issue
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] mlogc semaphore issue
|
From: <chr...@go...> - 2015-11-12 08:27:41
|
Hi all, we have a RHEL 6.6 with apache httpd + modsecurity + mlogc. In our environment the number of semaphores is increasing as well. I made the following observation. Extract from modsecurity main.conf: SecAuditLog "|/opt/modsecurity/bin/mlogc /opt/modsecurity/etc/mlogc.conf" On graceful restarts of the httpd the number of semaphores usually doesn't increase. Extract from mlogc-error.log when a graceful restart of the httpd is done: [Wed Nov 11 10:55:42 2015] [3] [32634/0] Configuring ModSecurity Audit Log Collector 2.9.0. [Wed Nov 11 10:55:42 2015] [3] [32634/0] Delaying execution for 5000ms. [Wed Nov 11 10:55:42 2015] [3] [24270/0] Caught SIGTERM, shutting down. [Wed Nov 11 10:55:42 2015] [3] [24270/2605340] Running final transaction checkpoint. [Wed Nov 11 10:55:42 2015] [3] [24270/0] ModSecurity Audit Log Collector 2.9.0 terminating normally. [Wed Nov 11 10:55:42 2015] [3] [32635/0] Configuring ModSecurity Audit Log Collector 2.9.0. [Wed Nov 11 10:55:42 2015] [3] [32635/0] Delaying execution for 5000ms. [Wed Nov 11 10:55:47 2015] [3] [32634/0] Caught SIGTERM, shutting down. [Wed Nov 11 10:55:47 2015] [3] [32634/0] ModSecurity Audit Log Collector 2.9.0 terminating normally. The mlogc process receives a SIGTERM and enters a "delay modus", a new mlogc process is created and after 5 seconds the old mlogc process disappears. This can be seen with the ps command very well. But, if you do a seconds graceful restart while the old mlogc process is still in the "delay modus", then a left over semaphore will be the result. It seams like mlogc doens't handle a second SIGTERM very well. On SLES 10 (glibc-2.4-31.119.2, 32bit) mlogc is running without any problems. It seams to be a problem in the combination of RHEL 6.6 (glibc 2.12) + mlogc. Best, Christian ____________________________________________________________________________________________________ Gesellschaft: Gothaer Systems GmbH Sitz: Gothaer Allee 1, 50969 Köln (Hausanschrift) Aufsichtsrat: Dr. Mathias Bühring-Uhle (Vorsitzender) Geschäftsführung: Dr. Hans Volkmar Weckesser (Vorsitzender), Hans Berg Rechtsform: Gesellschaft mit beschränkter Haftung Registergericht: Amtsgericht Köln, HRB 25642 USt.-IdNr. DE811850000 |
