isc-dhcpd logging breaks when syslog-ng HUP'd

Hello,

I posted this to questions last month, but have not received any
responses. I'm hoping somebody on this list may be able to help.

I have 2 servers running isc-dhcp3-server and syslog-ng. I have
configured dhcpd to run in a chroot. The following (reproducible)
sequence of events cause dhcpd logging to break:
1) Start syslog-ng
2) Start isc-dhcpd (At this point, logging is working fine)
3) `pkill -HUP syslog-ng` (This happens on the hour whenever logfiles
need rotating, but can also be effected manually)
4) dhcpd logging is now broken
5) Restart isc-dhcpd (logging works again)

My theory (and it's only a theory) is that when isc-dhcpd starts, it
gets an fd to the syslog socket. When syslog-ng receives a HUP, that
socket is reopened and isc-dhcpd's fd is now broken.

Relevant options from rc.conf:
| syslogd_enable="NO"
| newsyslog_enable="NO"
| syslog_ng_enable="YES"
| dhcpd_enable="YES"
| dhcpd_flags="-q"
| dhcpd_conf="/usr/local/etc/dhcpd.conf"
| dhcpd_includedir="/usr/local/etc/dhcpd.d"
| dhcpd_withumask="022"
| dhcpd_chuser_enable="YES"
| dhcpd_withuser="dhcpd"
| dhcpd_withgroup="dhcpd"
| dhcpd_devfs_enable="YES"
| dhcpd_rootdir="/var/jails/dhcpd"
| dhcpd_chroot_enable="YES"
| dhcpd_ifaces="bge0"

Note that if I enable the dhcpd_jail options (to use a FreeBSD jail in
addition to the chroot and unprivileged user), I still experience the
same symptoms.

My workaround:
For the hosts in question, I've added to the logrotate postrotate
script: `/usr/local/etc/rc.d/isc-dhcpd restart > /dev/null`
This workaround makes me a little uncomfortable, because these instances
of dhcpd are critical for thousands of end users.

Is this a bug? Is there a better workaround? Logging from all other
applications on the system is unaffected by the HUP to syslog-ng,
including two jailed instances of bind9 (syslog-ng on the host opens up
the socket /var/run/log inside those jails).

Any insight would be greatly appreciated.

Thanks,

--
Chris Cowart
Lead Systems Administrator
Network Infrastructure, RSSP-IT
UC Berkeley

Attachment: signature.asc
Description: Digital signature

Relevant Pages

  • isc-dhcpd logging breaks when syslog-ng HUPd
    ... I have 2 servers running isc-dhcp3-server and syslog-ng. ... sequence of events cause dhcpd logging to break: ... Start isc-dhcpd (At this point, logging is working fine) ...
    (freebsd-questions)
  • Re: Syslog setup server on FC5?[Scanned]
    ... I am trying to figure our how to setup syslog-ng on FC5 and not having much luck. ... The logging facility on these switches is 'user' but this can be changed. ... On the server that will be doing the logging, edit syslog.conf and add an entry that maps logging data received on the above numeric facility to a log file. ...
    (Fedora)
  • Re: How to enable logging to the sshd.log file in Windows? (Using SSH in Cygwin)
    ... I wanted to be able to log all incoming and outgoing SSH ... logging to Windows and the log can be view from Windows Event Viewer. ... First install syslog-ng. ...
    (comp.security.ssh)