I have an up-to-date CentOS 6 with reasonable amount of ftp activity (a dozen of network cameras uploading images every second 24x7).
The first issue was that the whole /var filesystem was about to get full, because of huge ftp daemon log.
vsftpd.conf says:
# You may override where the log file goes if you like. The default is shown # below. xferlog_file=/var/log/vsftpd.log
Ok, the above works now. But while the setting was (by default) commented out, the default wasn't /var/log/vsftpd.log but /var/log/xferlog which was growing without limits (it was over 6 GB when I first time noticed the problem) since logrotate tried to rotate vsftpd.log
-rw------- 1 root root 0 Dec 31 03:07 vsftpd.log -rw------- 1 root root 39134459 Dec 31 12:19 vsftpd.log.1 -rw------- 1 root root 433305200 Dec 30 22:03 xferlog
Now, after uncommenting the log file setting line in the conf the next issue is, that logrotate does rotate the log files (the old one gets .1 postfix added to its name and a new file is created), but it still keeps writing to the original file (which is renamed now)
In the ls -l listing above: - vsftpd started to write log vsftpd.log around 10pm last night (when I uncommented the log setting from the conf and restarted the daemon, until that it was logging to xferlog) - during the night logrotate has changed the name of the existing log file to ...log.1 but now, several hours later, this renamed old file is still used for logging, and the new ...log file remains empty!
Is there some simple option in logrotate's conf that could change this behaviour? Or how to fix this. There must be many others who already have run into this issue.
Regards, Timo
On 12/31/2011 02:48 AM, Timo Neuvonen wrote:
I have an up-to-date CentOS 6 with reasonable amount of ftp activity (a dozen of network cameras uploading images every second 24x7).
The first issue was that the whole /var filesystem was about to get full, because of huge ftp daemon log.
vsftpd.conf says:
# You may override where the log file goes if you like. The default is shown # below. xferlog_file=/var/log/vsftpd.log
Ok, the above works now. But while the setting was (by default) commented out, the default wasn't /var/log/vsftpd.log but /var/log/xferlog which was growing without limits (it was over 6 GB when I first time noticed the problem) since logrotate tried to rotate vsftpd.log
-rw------- 1 root root 0 Dec 31 03:07 vsftpd.log -rw------- 1 root root 39134459 Dec 31 12:19 vsftpd.log.1 -rw------- 1 root root 433305200 Dec 30 22:03 xferlog
Now, after uncommenting the log file setting line in the conf the next issue is, that logrotate does rotate the log files (the old one gets .1 postfix added to its name and a new file is created), but it still keeps writing to the original file (which is renamed now)
In the ls -l listing above:
- vsftpd started to write log vsftpd.log around 10pm last night (when I
uncommented the log setting from the conf and restarted the daemon, until that it was logging to xferlog)
- during the night logrotate has changed the name of the existing log file
to ...log.1 but now, several hours later, this renamed old file is still used for logging, and the new ...log file remains empty!
Is there some simple option in logrotate's conf that could change this behaviour? Or how to fix this. There must be many others who already have run into this issue.
Regards, Timo
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Check out the man page for vsftpd.conf. vsftpd supports 2 log file formats. The xferlog_file parameter is for the wu-ftpd style log and the vsftpd_log_file is the native format log file. The description of xferlog_file is:
xferlog_file This option is the name of the file to which we write the wu- ftpd style transfer log. The transfer log is only written if the option xferlog_enable is set, along with xferlog_std_format. Alternatively, it is written if you have set the option dual_log_enable.
So if you enable the wu-ftpd style logging then it goes to to xferlog_file.
Nataraj
Il 03/01/2012 04:14, Nataraj ha scritto:
Ok, the above works now. But while the setting was (by default) commented out, the default wasn't /var/log/vsftpd.log but /var/log/xferlog which was growing without limits (it was over 6 GB when I first time noticed the problem) since logrotate tried to rotate vsftpd.log
-rw------- 1 root root 0 Dec 31 03:07 vsftpd.log -rw------- 1 root root 39134459 Dec 31 12:19 vsftpd.log.1 -rw------- 1 root root 433305200 Dec 30 22:03 xferlog
Nataraj replied to this
Now, after uncommenting the log file setting line in the conf the next issue is, that logrotate does rotate the log files (the old one gets .1 postfix added to its name and a new file is created), but it still keeps writing to the original file (which is renamed now)
As noted in /etc/logrotate.d/vsftpd.log ftpd does'nt handle SIGHUP properly, so the daemon keeps writing on the original file
In the ls -l listing above:
- vsftpd started to write log vsftpd.log around 10pm last night (when I
uncommented the log setting from the conf and restarted the daemon, until that it was logging to xferlog)
- during the night logrotate has changed the name of the existing log file
to ...log.1 but now, several hours later, this renamed old file is still used for logging, and the new ...log file remains empty!
Is there some simple option in logrotate's conf that could change this behaviour? Or how to fix this. There must be many others who already have run into this issue.
Try skeduling a service stop/start instead the SIGHUP the logrotate daemon does.
Regards, Timo
Check out the man page for vsftpd.conf. vsftpd supports 2 log file formats. The xferlog_file parameter is for the wu-ftpd style log and the vsftpd_log_file is the native format log file. The description of xferlog_file is:
xferlog_file This option is the name of the file to which we write the wu- ftpd style transfer log. The transfer log is only written if the option xferlog_enable is set, along with xferlog_std_format. Alternatively, it is written if you have set the option dual_log_enable.
So if you enable the wu-ftpd style logging then it goes to to xferlog_file.
Nataraj
Regards Lorenzo
-
Lorenzo Quatrini -
Nataraj -
Timo Neuvonen