Univention Bugzilla – Bug 55597
univention-samba logrotate doesn't rotate logfiles properly
Last modified: 2023-02-16 11:58:03 CET
Unfortunately, errata 553 doesn't fully fix the issue. On one of our memberservers the following files exist: [0 root@kyushu /var/log/samba] date 2023-01-25 17:40:38 +0100 [0 root@kyushu /var/log/samba] ls -l log.samba-dcerpcd log.rpcd_* -rw-r--r-- 1 root root 1922498 2023-01-25 17:14 log.rpcd_classic -rw-r--r-- 1 root root 0 2022-07-03 07:13 log.rpcd_epmapper -rw-r--r-- 1 root root 0 2022-07-03 07:13 log.rpcd_fsrvp -rw-r--r-- 1 root root 70300 2023-01-25 16:05 log.rpcd_lsad -rw-r--r-- 1 root root 54828 2023-01-24 09:01 log.rpcd_mdssvc -rw-r--r-- 1 root root 0 2022-07-03 07:13 log.rpcd_rpcecho -rw-r--r-- 1 root root 831706 2022-12-21 15:29 log.rpcd_spoolss -rw-r--r-- 1 root root 2359104 2023-01-25 17:14 log.rpcd_winreg -rw-r--r-- 1 root root 82368 2023-01-25 17:14 log.samba-dcerpcd As you can see several of those files exists & have been written to recently. Therefore logrotate will try to rotate them. According to /etc/logrotate.d/samba the following is the postrotate snippet: { pidof samba-dcerpcd && pkill --signal HUP samba-dcerpcd; } > /dev/null Executing this manually followed by "echo $?" shows that this exits with 1. Therefore logrotate will exit with a failure as well, complaining about the postrotate script failing. The snippet fails because there's no "samba-dcerpcd" process running. Therefore the whole snippet fails as well. At Bug 55591 Comment 8 this has been reported: This is different from gating the pkill with "if … then … fi" as "if"s will not pass the exit code of the failing condition: [0 root@kyushu /var/log/samba] bash root@kyushu:/var/log/samba# if false ; then echo no ; fi ; echo $? 0 root@kyushu:/var/log/samba# Changing the postrotate snippet to the following should therefore work: if pidof samba-dcerpcd > /dev/null; then pkill --signal HUP samba-dcerpcd > /dev/null fi [0 root@kyushu ~] ucr search --brief \^version/ version/erratalevel: 556 version/patchlevel: 2 version/releasename: Blumenthal version/version: 5.0 That being said, there's still the question of why something writes to those files on memberservers even though there's no process called samba-dcerpcd running. Maybe some other process should be HUP'ed as well. +++ This bug was initially created as a clone of Bug #55591 +++
Thanks for your analysis! samba-dcerpcd and samba-bgqd are two new daemons that are started on demand by samba, but not as child processes but as stand alone processes. The former has a timeout and dies after a configurable period of inactivity.
Thanks for the explanation. That explains what I've observed, including: • no samba-dcerpcd process right after restarting Samba • messages in log.samba-dcerpcd about it having started, but no process running anymore
Another customer we needed to put hands on regarding this issue today. Please fix it, the solution is already shown.
b93b5a4bda | logrotate samba-dcerpcd samba-bgqd e8b412bc56 | yaml 2ae63b956e | Issue #1431: move old samba logs during update dc5d9d7f7c | Advisory update 0906e0dbb5 | fixup! Issue #1431: move old samba logs during update Verified: * Package update * Directory /var/log/samba/archive/ is created during update * Existing log.rpcd_*.* and log.samba-dcerpcd.* are moved there (so that logrotate finds them) * logrotate -f /etc/logrotate.d/samba # works * Advisory
<https://errata.software-univention.de/#/?erratum=5.0x575> <https://errata.software-univention.de/#/?erratum=5.0x576>