Menu
▾
▴
Re: [Openvpn-users] logrotate
|
From: Jan J. K. <ja...@ni...> - 2013-02-25 09:23:41
|
Hi Bonno,
Bonno Bloksma wrote:
>
> Hi Guys/Gals,
>
> I do NOT want my openvpn log line to be in the syslog, that is why I
> set up the separate log files. As a matter of fact, I want separate
> logfiles for the separate configs I have.
>
> But even IF I want the openvpn log in the syslog, my question is still
> valid…. DOES OPENVPN CLOSE THE FILEHANDLE TO THE LOGFILE AFTER WRITING
> THE LINES or…. Does it keep the filehandle open and is a restart of
> the service needed to force openvpn to use the new logfile after a
> logrotate?
>
> I am not a programmer, at least not anymore, and C was never my
> favorite language. I could probably find this in the source code if I
> have a few hours but…. Does anyone just know the answer to my question
> or should I invest those few hours?
>
cool your jets :)
openvpn logging is done by redirecting stdout/stderr to the logfile (I
had to dive into the sources myself to find this one, and no it was not
trivial). This can be done only when openvpn starts; however, logrotate
has a nice 'copytruncate' feature where it will not move the existing
log file but it will copy it and then trucate it. I've just tested this
using the following logrotate.d/openvpn file on my box:
# cat /etc/logrotate.d/openvpn
/var/log/openvpn.log {
missingok
notifempty
copytruncate
and it works as expected.
HTH,
JJK
> *Van:* Bonno Bloksma [mailto:b.b...@ti...]
> *Verzonden:* vrijdag 22 februari 2013 16:51
> *Aan:* ope...@li...
> *Onderwerp:* [Openvpn-users] logrotate
>
> Hi,
>
> I am using Debian as my OpenVPN server and was wondering about
> rotating logs. Does openvpn keep the filehandle open or does it close
> a filehandle after writing to a log file?
>
> The reason I am asking is that
>
> 1) I found out that rsyslog does keep the logfile open and keeps
> writing lines to the same filehandle until the service gets restarted.
>
> 2) I have some openvpn connections that get set up via lines in the
> /etc/network/interfaces file and if I do a restart of the openvpn
> service I lose those connections.
>
> What I create with:
>
> pre-up openvpn --mktun --dev tap0
>
> up /usr/sbin/openvpn --writepid /var/run/openvpn.lan2lan.pid --daemon
> ovpn-lan2lan --cd /etc/openvpn --config /etc/openvpn/lan2lan.conf
>
> down kill `cat /var/run/openvpn.lan2lan.pid`
>
> post-down openvpn --rmtun --dev tap0
>
> will not be recreated when I do a restart of the openvpn service,
> forcing me to do a complete restart of the server as a restart of only
> the network service provides other problems.
>
> The other client / server connections have no problem as I simply set
> those up with the regular server config and have the clients connect.
> When a restart of the service kills all connections the client will
> simply reconnect.
>
> So, how does openvpn handle the logfiles? I have two logfiles that I
> want to set up with a simple logrotate like:
>
> /var/log/openvpn-lan.log {
>
> rotate 12
>
> monthly
>
> compress
>
> missingok
>
> notifempty
>
> }
>
> /var/log/openvpn-user.log {
>
> rotate 12
>
> monthly
>
> compress
>
> missingok
>
> notifempty
>
> }
>
> Will that work?
>
> Bonno Bloksma
>
> ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_feb
> ------------------------------------------------------------------------
>
> _______________________________________________
> Openvpn-users mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
|