Package: logrotate Version: 3.7.8-6 Severity: critical Tags: upstream Justification: causes serious data loss
Bug occurred with 3.7.8-6ubuntu3.1, but is present in Debian and all upstream versions up to and including 3.8.4. When writing the state file, logrotate essentially does fopen(); fprinf(); fclose();. If anything fails between fopen() and fclose(), Bad Stuff happens. Failures include -ENOSPC, which ought to be fairly common. On -ENOSPC the state file is truncated, usually with a partial line at the end. Future logrotate runs will use the state file, but fail to write it with "error: could not read state file, will not attempt to write into it" Therefore the state file gets both truncated and stale. Afaics log rotation still happens, but only for files present in the truncated stale state file. So one set of logs is rotated regularly and another is not. While trying to debug the partial rotation issue I ran logrotate manually with -v, causing a second logrotate run for the day. Because logrotate hadn't happend in a long time - if you believe the state file - this destroyed a day's worth of logs for the files that were rotated. Afaics the data loss depends on using dateext, which I do. Obvious fix is to do fopen(); fprintf(); fclose(); rename(); instead. If the write fails for any reason, you still have the old state file. However, the obvious fix still falls short, as the state file would not be untruncated, but still stale. So future logrotate runs will still happily destroy data. I suspect the only sane real fix is to get rid of the state file for the dateext case. Glob for "logfile-20130430*", or maybe "logfile-20130430" and "logfile-20130430.gz" and use that to decide whether to rotate or not. The only point of the state file is to get this information for the "logfile.0" case. And arguably even then it should be sufficient to trust the file dates. -- Package-specific info: Contents of /etc/logrotate.d total 36 -rw-r--r-- 1 root root 194 Jan 1 2011 apache2 -rw-r--r-- 1 root root 173 Jan 25 2011 apt -rw-r--r-- 1 root root 79 Oct 16 2010 aptitude -rw-r--r-- 1 root root 232 Jan 30 2011 dpkg -rw-r--r-- 1 root root 146 Jan 31 2011 exim4-base -rw-r--r-- 1 root root 126 Jan 31 2011 exim4-paniclog -rw-r--r-- 1 root root 153 Dec 4 2010 postgresql-common -rw-r--r-- 1 root root 515 Nov 30 2010 rsyslog -rw-r--r-- 1 root root 322 Dec 7 2010 samba -- System Information: Debian Release: 6.0.6 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages logrotate depends on: ii base-passwd 3.5.22 Debian base system master password ii cron 3.0pl1-116 process scheduling daemon ii libc6 2.11.3-4 Embedded GNU C Library: Shared lib ii libpopt0 1.16-1 lib for parsing cmdline parameters ii libselinux1 2.0.96-1 SELinux runtime shared libraries Versions of packages logrotate recommends: ii bsd-mailx [mailx] 8.1.2-0.20100314cvs-1 simple mail user agent logrotate suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
