I have an ubuntu 8.04 LTS server that runs openvpn. The openvpn server writes to a standard logfile under /var/log and prior to a month ago logrotate would automatically rotate the files and compress them.
The files are still being rotated however the new logfile (ovpn.log) is empty. Restarting the openvpn daemon fixes the issue (ie: openvpn writes status events to the file) but after about 10 days the file is rotated again openvpn can't write to the logfile again. This is also strange because logrotate is set to rotate every 6 months.
Openvpn runs as nobody and the logfiles are owned by root and admin which is strange because it should either work at all times or not work at all if the permissions are the cause, unless openvpn runs as root temporarily and then drops down to nobody after initializing ?
OpenVPN is probably still writing to the OLD log file (the file (inode) that it opened for writing back when it started up).
Logrotate needs to notify the OpenVPN daemon that its log file has been turned over so OpenVPN can open the new logfile (This is usually done via a signal, but stopping/restarting the whole daemon has the same effect. Check the OpenVPN man page & your "postrotate" script).
Alternatively you can configure OpenVPN to use syslog, since
logrotate
should be notifyingsyslogd
when it rolls your log files (or all your logfiles would be blank).Does your
/etc/logrotate.d/openvpn
(or similar file) have apostrotate
action that sendsSIGHUP
? That should tell the daemon that the log file has been rotated.That sounds like the logrotate configration is broken.
Have you upgraded logrotate and/or openvpn?
Try adding option "copytruncate" to your logrotate config for Openvpn. This option would probably fix this issue.