[Openvpn-users] logrotate

[Bonno B. <b.b...@ti...>]

Hi,

I am using Debian as my OpenVPN server and was wondering about rotating logs. Does openvpn keep the filehandle open or does it close a filehandle after writing to a log file?

The reason I am asking is that

1)     I found out that rsyslog does keep the logfile open and keeps writing lines to the same filehandle until the service gets restarted.

2)     I have some openvpn connections that get set up via lines in the /etc/network/interfaces file and if I do a restart of the openvpn service I lose those connections.

What I create with:
  pre-up openvpn --mktun --dev tap0
  up /usr/sbin/openvpn --writepid /var/run/openvpn.lan2lan.pid --daemon ovpn-lan2lan --cd /etc/openvpn --config /etc/openvpn/lan2lan.conf
  down kill `cat /var/run/openvpn.lan2lan.pid`
  post-down openvpn --rmtun --dev tap0
will not be recreated when I do a restart of the openvpn service, forcing me to do a complete restart of the server as a restart of only the network service provides other problems.

The other client / server connections have no problem as I simply set those up with the regular server config and have the clients connect. When a restart of the service kills all connections the client will simply reconnect.

So, how does openvpn handle the logfiles? I have two logfiles that I want to set up with a simple logrotate like:
/var/log/openvpn-lan.log {
  rotate 12
  monthly
  compress
  missingok
  notifempty
}

/var/log/openvpn-user.log {
  rotate 12
  monthly
  compress
  missingok
  notifempty
}

Will that work?

Bonno Bloksma