[Bug 894636] New: squid's logrotate snippet runs init script
https://bugzilla.novell.com/show_bug.cgi?id=894636 https://bugzilla.novell.com/show_bug.cgi?id=894636#c0 Summary: squid's logrotate snippet runs init script Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: x86-64 OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: marcosfrm@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0 # cat /etc/logrotate.d/squid /var/log/squid/cache.log { <snip> postrotate /etc/init.d/squid reload endscript } /var/log/squid/access.log { <snip> postrotate /etc/init.d/squid reload endscript } /var/log/squid/store.log { <snip> postrotate /etc/init.d/squid reload endscript } The /etc/init.d/squid calls are replaced every time they run: /etc/init.d/squid reload redirecting to systemctl reload squid.service /usr/lib/systemd/system/squid.service reloads it with: ExecReload=/usr/sbin/squid -F $SQUID_START_OPTIONS -f /etc/squid/squid.conf -k reconfigure Previously, init script executed *both* rotate and reconfigure. squid -k reconfigure also does rotate's job -- a little bit overkill for logrotate's needs, since it reloads the config file. I suggest: /usr/sbin/squid -k rotate 2>/dev/null || : (error suppression in case squid is not running) I am running squid-3.3.8-2.4.2.x86_64. Reproducible: Always -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c
Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c1
Christian Wittmer
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c2
Christian Wittmer
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c3
--- Comment #3 from Marcos Mello
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c4
--- Comment #4 from Marcos Mello
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c5
Bruno Friedmann
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c6
--- Comment #6 from Marcos Mello
https://bugzilla.novell.com/show_bug.cgi?id=894636
https://bugzilla.novell.com/show_bug.cgi?id=894636#c7
--- Comment #7 from Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=894636
Marcos Mello
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #9 from Marcos Mello
http://bugzilla.novell.com/show_bug.cgi?id=894636
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #10 from Bruno Friedmann
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #11 from Marcos Mello
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #12 from Marcos Mello
The service file is fine. I do not know if there is a guideline that define preference between systemctl, kill (or systemctl kill...), or even directly daemon binary invocation where applicable in logrotate snippets.
"-k rotate" will find squid's main process via its pid file and send SIGUSR1.
"-k reconfigure" (SIGHUP) will also reload the configuration file.
Getting rid of those init script calls is enough to me. ;)
Well, after reading http://article.gmane.org/gmane.comp.web.squid.general/93737 I will change my recommendation. SIGUSR1 (aka rotate) is better. Previously, I suggested /usr/sbin/squid -k rotate 2>/dev/null || : but for a "pure" systemd setup, we can also use systemctl --kill-who=main --signal=SIGUSR1 kill squid.service 2>/dev/null || : -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #13 from Marcos Mello
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #15 from Marcos Mello
(In reply to Marcos Mello from comment #6)
The service file is fine. I do not know if there is a guideline that define preference between systemctl, kill (or systemctl kill...), or even directly daemon binary invocation where applicable in logrotate snippets.
"-k rotate" will find squid's main process via its pid file and send SIGUSR1.
"-k reconfigure" (SIGHUP) will also reload the configuration file.
Getting rid of those init script calls is enough to me. ;)
Well, after reading
http://article.gmane.org/gmane.comp.web.squid.general/93737
I will change my recommendation. SIGUSR1 (aka rotate) is better.
Previously, I suggested
/usr/sbin/squid -k rotate 2>/dev/null || :
but for a "pure" systemd setup, we can also use
systemctl --kill-who=main --signal=SIGUSR1 kill squid.service 2>/dev/null || :
What process is suposed to be the main one is controversial. https://bugzilla.redhat.com/show_bug.cgi?id=913262 http://bugs.squid-cache.org/show_bug.cgi?id=3826 Therefore, until non-daemon mode is compatible with SMP-mode (that would allow switch to Type=simple ou maybe Type=notify, having one "agreed" main process), I go back to /usr/sbin/squid -k rotate 2>/dev/null || : in /etc/logrotate.d/squid. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=894636
--- Comment #16 from Marcos Mello
Yes, probably we can join all logs in one definition. Today, the only difference is that cache.log has size=+1024k while access.log and store.log have size=+4096k.
I suggested doing that for access.log and store.log in bug 894840 (and wiping out 'sharedscripts' when not needed).
Looking into it again, I can not see a reason for 'create 640 squid root' and think it should be dropped. Squid creates its logs with owner squid:nogroup and permission 640. logrotate by default, when no 'create <foo>' is specified, creates new logs with owner/permission from the original files.
Even simpler, use 'nocreate' and let squid create it.
Assuming size=+4096k is OK for cache.log, we can simplify:
/var/log/squid/*.log { compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok sharedscripts postrotate /usr/bin/systemctl reload squid.service endscript }
Updated suggested config for systemd builds, now using systemctl to detect daemon state. /var/log/squid/*.log { compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok nocreate sharedscripts postrotate /usr/bin/systemctl -q is-active squid.service && /usr/sbin/squid -k rotate endscript } For SysV builds, I think test -e /var/run/squid.pid && /usr/sbin/squid -k rotate is OK. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=894636
Christian Wittmer
participants (1)
-
bugzilla_noreply@novell.com