Bug #3433

Missing logrotate for OpenVPN log file

Added by Davide Marini over 4 years ago. Updated over 4 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-openvpn
Target version:v6.8
Security class: Resolution:
Affected version:v6.8 NEEDINFO:No

Description

The log file of OpenPVN (/var/log/openvpn/openvpn.log) is never rotated, so as time goes by it becomes bigger and bigger and after few months it could be impossible to see in the log viewer from the admin web interface.
It would be better if the openvpn.log file was rotated as the majority of the log files in Nethserver.

Associated revisions

Revision 80d0ffe8
Added by Giacomo Sanchietti over 4 years ago

Add logrotate configuration. Refs #3433

Revision 8a7ec3af
Added by Giacomo Sanchietti over 4 years ago

Add logrotate configuration. Refs #3433

History

#1 Updated by Filippo Carletti over 4 years ago

  • Category set to nethserver-openvpn
  • Status changed from NEW to TRIAGED
  • Target version set to v6.8
  • % Done changed from 0 to 20
  • Affected version set to v6.8

AFAIK, openvpn doesn't offer a signal for log rotation. To avoid useless restarts, I'd use copytruncate.

#2 Updated by Filippo Carletti over 4 years ago

Another option could be instructing openvpn to log through syslog, configuring rsyslogd to extract logs to /var/log/openvpn/openvpn.log.

#3 Updated by Filippo Carletti over 4 years ago

Untested logrotate fragment:

/var/log/openvpn/openvpn.log {
 missingok
 notifempty
 copytruncate
 create 0600 root root
}

#4 Updated by Giacomo Sanchietti over 4 years ago

  • Status changed from TRIAGED to MODIFIED
  • % Done changed from 20 to 60

Implemented and tested suggested logrotate configuration.

#5 Updated by Giacomo Sanchietti over 4 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-openvpn-1.3.1-1.2.g80d0ffe.ns6.noarch.rpm

Test case
- Check the bug is not reproducible

#6 Updated by Davide Marini over 4 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

The log file was rotated as expected.

[root@localhost ~]# ls -ltr /var/log/openvpn/
total 404
-rw------- 1 root root 205327 Dec 18 03:40 openvpn.log-20161218
-rw------- 1 root root 193655 Dec 19 12:03 openvpn.log
-rw------- 1 root root    232 Dec 19 12:06 host-to-net-status.log

#7 Updated by Giacomo Sanchietti over 4 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

Released:
- nethserver-openvpn-1.3.2-1.ns6.noarch.rpm

Also available in: Atom PDF