[Bug 1406105] Re: Broken logrotate script in freeradius-2.1.12+dfsg-1.2ubuntu8 on Ubuntu 14.04 LTS
Robert C Jennings
1406105 at bugs.launchpad.net
Wed Aug 5 19:09:36 UTC 2015
** Description changed:
+ [Impact]
+
+ * freeradius can not be reloaded, upstart will lose track of the
+ process and leave the original process running (blocking future service
+ starts)
+
+ * log rotation will not function as intended. The service is not
+ reloaded and the file handles for the rotated logs will not be dropped.
+ Logging after rotation occurs will consume storage but be inaccessible
+ to the user for review.
+
+
+ [Test Case]
+
+ * 'service freeradius start'
+ * 'service freeradius reload'
+ * 'service freeradius status' Result stop/waiting
+ * 'ps -ef|grep freeradius' Result: prior freeradius process still running, new process can not be started. Existing process can not be stopped
+ * 'service freeradius stop' Result: process does not stop, not tracked up upstart
+
+ OR
+ * 'service freeradius start' Result: PID displayed is for 'sh' not 'freeradius'
+ * logrotate --verbose --force /etc/logrotate.d/freeradius
+ * 'service freeradius status' Result: stop/waiting
+ * 'ps -ef | grep freeradius' Result: freeradius still running (never received HUP)
+
+
+ [Regression Potential]
+
+ * Upgrade testing needs to ensure that upgrade does not make a system
+ which still could stop/restart freeradius no longer able to stop/restart
+ without manually killing the freeradius process. Mitigated because the
+ postinst for freeradius will restart the service. The postinst for
+ freeradius-* will reload but will be run after the freeradius postinst
+ has restarted to use our fixed upstart configuration.
+
+ * If the user has attempted to reload the service prior to upgrade,
+ which results in freeradius running but no longer managed by upstart,
+ the upgrade will not regress nor fix this environment. In that case the
+ workaround, below, will need to be run (or server restarted) so that
+ upstart can manage freeradius.
+
+ [Other Info]
+
+ * None
+
+ ORIGINAL DESCRIPTION:
+
The freeradius-2.1.12+dfsg-1.2ubuntu8 on Ubuntu 14.04 LTS (Trusty Tahr)
has a bug in the logrotate script (/etc/logrotate.d/freeradius):
The command /etc/init.d/freeradius reload is used for reloading
freeradius after its logfile(s) have been rotated. However, in Ubuntu
14.04 LTS freeradius is managed by Upstart, so that the script cannot
work (the PID file does not exist).
Therefore, the logrotate script should use initctl reload freeradius
instead. Please note that this might not work either at the moment, due
to bug #1282683. However, when this bug is finally fixed, the command
mentioned earlier should work.
+ In this case, freeradius is not reloaded so the file handles for the
+ rotated logs will remain open. Logging will cause the disk utilization
+ to increase (log rotation is ineffective) and due to rotation the user
+ can not view the logs from that point forward.
+
+ Additionally, if 'service freeradius reload' is run, the service will
+ not be HUP'ed and upstart will lose track of the service, leaving the
+ process running.
+
WORKAROUND:
Add an 'exec' in /etc/init/freeradius.conf per the patch in comment #8
and change /etc/logrotate.d/freeradius to use 'service freeradius
reload' rather then '/etc/init.d/freeradius reload' as per the same
patch in comment #8. Attempt a 'service freeradius stop' and check that
the freeradius process is not running (or manually kill it). From there
the service can now be started with 'service freeradius start'
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1406105
Title:
Broken logrotate script in freeradius-2.1.12+dfsg-1.2ubuntu8 on Ubuntu
14.04 LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeradius/+bug/1406105/+subscriptions
More information about the Ubuntu-server-bugs
mailing list