[CentOS] vsftpd log issues

Wed Jan 4 09:33:37 UTC 2012
Lorenzo Quatrini <lorenzo.quatrini at gmail.com>

Il 03/01/2012 04:14, Nataraj ha scritto:
>>
>> Ok, the above works now. But while the setting was (by default) commented
>> out, the default wasn't  /var/log/vsftpd.log  but  /var/log/xferlog  which
>> was growing without limits (it was over 6 GB when I first time noticed the
>> problem) since logrotate tried to rotate vsftpd.log
>>
>> -rw-------  1 root root         0 Dec 31 03:07 vsftpd.log
>> -rw-------  1 root root  39134459 Dec 31 12:19 vsftpd.log.1
>> -rw-------  1 root root 433305200 Dec 30 22:03 xferlog
>>

Nataraj replied to this

>> Now, after uncommenting the log file setting line in the conf the next issue
>> is, that logrotate does rotate the log files (the old one gets .1 postfix 
>> added to its name and a new file is created), but it still keeps writing to 
>> the original file (which is renamed now)
>>

As noted in /etc/logrotate.d/vsftpd.log ftpd does'nt handle SIGHUP properly, so
the daemon keeps writing on the original file

>> In the ls -l listing above:
>> - vsftpd started to write log vsftpd.log around 10pm last night (when I
>> uncommented the log setting from the conf and restarted the daemon, until
>> that it was logging to xferlog)
>> - during the night logrotate has changed the name of the existing log file
>> to ...log.1 but now, several hours later, this renamed old file is still
>> used for logging, and the new ...log file remains empty!
>>
>> Is there some simple option in logrotate's conf that could change this
>> behaviour? Or how to fix this. There must be many others who already have
>> run into this issue.

Try skeduling a service stop/start instead the SIGHUP the logrotate daemon does.

>> Regards,
>> Timo
>>

> Check out the man page for vsftpd.conf.  vsftpd supports 2 log file
> formats.  The xferlog_file parameter is for the wu-ftpd style log and
> the vsftpd_log_file is the native format log file.  The description of
> xferlog_file is:
> 
> xferlog_file
>               This option is the name of the file to which we  write 
> the  wu-
>               ftpd style transfer log. The transfer log is only written
> if the
>               option xferlog_enable is  set,  along  with 
> xferlog_std_format.
>               Alternatively,  it  is  written  if  you  have  set  the 
> option
>               dual_log_enable.
> 
> 
> So if you enable the wu-ftpd style logging then it goes to to xferlog_file.
> 
> Nataraj
> 

Regards
Lorenzo