why is web traffic being written to the rotated log file?

Wed Mar 29 08:56:05 UTC 2006

Hi Chris,

On Tue, Mar 28, 2006 at 03:23:20PM -0800, Chris W. Parker wrote:
> Thanks Alfred and Tom for the advice. I have two websites logging to
> different locations and therefore also have two different httpd
> logrotate files. Here is the output of both files:
> 
> 1| /var/log/httpd/sites/website.com/*log {
> 2|     missingok
> 3|     notifempty
> 4|     sharedscripts
> 5|     postrotate
> 6|         /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2>
> /dev/null || true
> 7|     endscript
> 8| }
> 
> They are identical files except for line #1 which differs only in which
> website's logs the file is pointed at.
> 
> Looks like I've already got the "graceful restart" in there so hopefully
> this sheds some more light on the situation.
> 

My guess is that you're having the same problem I'm seeing: /tmp is mounted "noexec" and logrotate wants to execute a script from there. I created a patch to directly use execlp() instead (which should do the right thing). It works for me, so you might want to give it a try.

Jim

--- logrotate-3.7.1/logrotate.c 2006-03-29 09:47:17.000000000 +0100
+++ logrotate-3.7.1.no-tmp-scripts/logrotate.c  2006-03-29 09:48:35.000000000 +0100
@@ -76,10 +76,7 @@
 }
 
 static int runScript(char * logfn, char * script) {
-    int fd;
-    char *filespec;
     int rc;
-    char buf[256];
 
     if (debug) {
        message(MESS_DEBUG, "running script with arg %s: \"%s\"\n", 
@@ -87,38 +84,17 @@
        return 0;
     }
 
-    filespec = buf;
-    snprintf(buf, sizeof(buf), "%s/logrotate.XXXXXX", getenv("TMPDIR") ?: "/tmp");
-    fd = -1;
-    if (!filespec || (fd = mkstemp(filespec)) < 0 || fchmod(fd, 0700)) {
-       message(MESS_DEBUG, "error creating %s: %s\n", filespec,
-               strerror(errno));
-       if (fd >= 0) {
-           close(fd);
-           unlink(filespec);
-       }
-       return -1;
-    }
-
-    if (write(fd, "#!/bin/sh\n\n", 11) != 11 ||
-       write(fd, script, strlen(script)) != strlen(script)) {
-       message(MESS_DEBUG, "error writing %s\n", filespec);
-       close(fd);
-       unlink(filespec);
-       return -1;
-    }
-
-    close(fd);
-
+    /*
+     * Calling execlp() this way should be much like writing a script file
+     * ie, $1 will be the log file name.
+     */
     if (!fork()) {
-       execlp(filespec, filespec, logfn, NULL);
+       execlp("/bin/sh", "/bin/sh", "-c", script, "-", logfn, NULL);
        exit(1);
     }
 
     wait(&rc);
 
-    unlink(filespec);
-
     return rc;
 }
 


