From: [email protected] [mailto:[email protected]] On Behalf Of Nigel Kukard Sent: 31 October 2011 06:06 To: [email protected] Subject: Re: [policyd-users] Policyd Failed
On 10/25/11 08:19, Ian Mordey wrote: Yes I use logrotate for cbpolicyd.log and syslog.. It looks like this caused the problem due to policyd restarting while syslog was restarting and being unable to talk to syslog. Is there any option to retry after this type of failure? Cheers From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Nigel Kukard Sent: 24 October 2011 17:22 To: [email protected]<mailto:[email protected]> Subject: Re: [policyd-users] Policyd Failed On 10/24/11 08:30, Ian Mordey wrote: Hi there We’ve been running policyd for a few months with no problems however it looks like we had a failure last night. I’ve seen this in the logs: [2011/10/24-03:48:02 - 28715] [CORE] NOTICE: 2011/10/24-03:48:02 Server closing! [2011/10/24-03:48:02 - 28715] [CORE] ERROR: 2011/10/24-03:48:02 HUP'ing server Then the log rotated and this in the next log: [2011/10/24-03:48:03 - 28715] [CBPOLICYD] NOTICE: Policyd v2 / Cluebringer - v2.0.11RC1 [2011/10/24-03:48:03 - 28715] [CBPOLICYD] NOTICE: Initializing system modules. [2011/10/24-03:48:03 - 28715] [CBPOLICYD] NOTICE: System modules initialized. [2011/10/24-03:48:03 - 28715] [CBPOLICYD] NOTICE: Module load started... [2011/10/24-03:48:03 - 28715] [CORE] NOTICE: => AccessControl: enabled [2011/10/24-03:48:03 - 28715] [CORE] NOTICE: => Quotas: enabled [2011/10/24-03:48:03 - 28715] [CORE] NOTICE: => Protocol(Postfix): enabled [2011/10/24-03:48:03 - 28715] [CBPOLICYD] NOTICE: Module load done. no connection to syslog available - /dev/log is not a socket at /usr/sbin/cbpolicyd line 274 My config for syslogging has: log_mail=mail@syslog:unix Any ideas what caused this? We have two servers running policyd and only one failed. Just out of curiosity, do you have any log rotation going for cbpolicyd logfiles? -N From what it looks like above the server got a kill -HUP , but seeing as most of policyd config is in the DB it doesn't support being killed by HUP to reload config. -N So my logrotate config for cbpolicyd looks like this: /var/log/cbpolicyd.log { missingok daily rotate 7 create compress start 0 postrotate /bin/kill -HUP `cat /var/run/cbpolicyd.pid 2> /dev/null` 2> /dev/null || true endscript } Are you saying I don’t need the kill –HUP? Would it be advisable to remove this? Cheers Ian
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
