rodjek / puppet-logrotate Goto Github PK
View Code? Open in Web Editor NEWPuppet logrotate module
License: MIT License
Puppet logrotate module
License: MIT License
We just moved to using this module and an unintended consequence was that our default logrotate.conf was overwritten, which changes the expected behavior of existing systems. The default provided is dated and does not match the standard behavior on some newer systems.
I completely understand that some people might want to update the configuration, but it should not be done by default. Or at least it should be done in a configurable manner similar to the .d files.
There is too much e-mail noise from cron.
For example, here is the logrotate installed in cron.daily on RHEL/CentOS where it creates output and sends e-mail only on failure.
#!/bin/sh
/usr/sbin/logrotate /etc/logrotate.conf >/dev/null 2>&1
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0
Sometimes one gets a warning from logrotate cron jobs about the file changing while being gzipped on Debian Wheezy. I believe this is because cron is authenticating at the same time that /var/log/btmp or /var/log/wtmp is being rotated.
On Debian with Puppet 3.3.2 or 3.4.2, I have the following manifest:
logrotate::rule { 'apache':
path => '/var/log/httpd/*.log',
rotate => 5,
mail => '[email protected]',
size => '100k',
sharedscripts => true,
postrotate => '/etc/init.d/httpd restart',
# olddir => '/old/dir',
}
and everything is fine. However, when setting olddir, the following is happening:
--- /etc/logrotate.d/wtmp 2014-01-08 22:12:34.259633823 +0100
+++ /tmp/puppet-file20140108-7872-11bdii4 2014-01-08 22:17:02.663631091 +0100
@@ -2,6 +2,7 @@
create 0664 root utmp
mail [email protected]
missingok
+ olddir /old/dir
sharedscripts
monthly
rotate 1
--- /etc/logrotate.d/btmp 2014-01-08 22:12:34.339633822 +0100
+++ /tmp/puppet-file20140108-7872-on4ph8 2014-01-08 22:17:02.867631089 +0100
@@ -2,6 +2,7 @@
create 0660 root utmp
mail [email protected]
missingok
+ olddir /old/dir
sharedscripts
monthly
rotate 1
--- /etc/logrotate.d/apache 2014-01-08 22:12:34.387633822 +0100
+++ /tmp/puppet-file20140108-7872-1skeajg 2014-01-08 22:17:02.959631088 +0100
@@ -1,5 +1,6 @@
/var/log/httpd/*.log {
mail [email protected]
+ olddir /old/dir
sharedscripts
rotate 5
size 100k
What is olddir doing in wtmp/btmp?
Despite being included in logrotate::rule
it doesn't work. Not sure if this is because of a new Puppet version or a change in this module.
https://github.com/rodjek/puppet-logrotate/blob/master/manifests/rule.pp#L404
The parsing of rotate
appears to differ from the official documentation. In the examples, rotate
is presented as a Ruby Fixnum
. In the code, the match criteria appears to only work for numeric characters from a Ruby String
.
This is working for me:
logrotate::rule { 'redis_6384':
path => '/var/log/redis_6384.log',
rotate => '4',
mail => '',
rotate_every => 'week'
}
This block returns an error:
logrotate::rule { 'redis_6384':
path => '/var/log/redis_6384.log',
rotate => 4,
mail => '',
rotate_every => 'week'
}
==> data: Error: Logrotate::Rule[redis_6384]: rotate must be an integer on node db01.hostname.dev
Am I misunderstanding something? Is the documentation wrong? Is the parser incorrect?
Thanks!
Error: Illegal name. The given name _compress does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:181:13
Error: Illegal name. The given name _compress does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:182:14
Error: Illegal name. The given name _copy does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:190:13
Error: Illegal name. The given name _copy does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:191:14
Error: Illegal name. The given name _copytruncate does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:199:13
Error: Illegal name. The given name _copytruncate does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:200:14
Error: Illegal name. The given name _create does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:208:13
Error: Illegal name. The given name _create does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:209:14
Error: Illegal name. The given name _delaycompress does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:217:13
Error: Illegal name. The given name _delaycompress does not conform to the naming rule \A((::)?[a-z0-9]w*)(::[a-z0-9]w*)*\z at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:218:14
Error: Found 32 errors. Giving up at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:90 on node vagrant-tools01.local
Error: Found 32 errors. Giving up at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:90 on node vagrant-tools01.local
Error: Found 32 errors. Giving up at /etc/puppet/components/vendors/logrotate/manifests/rule.pp:90 on node vagrant-tools01.local
[#] puppet module install rodjek/logrotate
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from http://forge.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
Error: No such file or directory - /etc/puppet/modules/logrotate/spec/fixtures/modules/logrotate/templates
Error: Try 'puppet help module install' for usage
Puppet v3.2.1
Currently the package's state is not a class parameter in logrotate::base and its default value of 'latest' doesn't seem to be justified.
If ever YUM is used by another user/process at the same time as a Puppet run or if the repositories are too slow to answer, that shows up as a failure in the run.
Why the file permissions for the file /etc/logrotate.conf is changed to "0444" in https://github.com/rodjek/puppet-logrotate/blob/master/manifests/rule.pp#L389 ?
I would suggest to not touch the default permissions.
Logrotate has an option to change user/group before rotating a logfile. For example "su portage portage" rotates the logfile as user portage and group portage.
Without this option it is not possible (or I don't know how) to rotate files like the elog logfiles under Gentoo.
error: skipping "/var/log/portage/elog/summary.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root")
Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Could you add the "su" option to the puppet module? :-)
When rotate_every
is changed from 'day'
to 'hour'
the old version of the configuration file is left in the /etc/logrotate.d/
directory.
When rotate_every
is changed from 'hour'
to 'day'
the old version of the configuration file is left in the /etc/logrotate.d/hourly/
directory.
RedHat 6.4
logrotate 3.7.8
The latest one is 9 months old and is missing some of the newer features of the module with commits from 3 months ago and before not being included.
the default logrotate.conf on ubuntu needs the line
su root syslog
We're using librarian-puppet (thank you) but this module is causing librarian to blow up. See below. I believe the cause is /etc/puppet/modules/logrotate/spec/fixtures/modules/logrotate/files is a symlink and copy_metadata uses File.utime rather then File.lutime (which is only available as a patch). Is there some workaround we can apply to this module to fix this? Maybe releasing special versions that don't include the spec directory? The alternative is applying a patch to File and FileUtils and although this is probably the more appropriate sol'n it kind of sucks.
[Librarian] Copying .tmp/librarian/cache/source/git/032c8ffb4832f285 to modules/logrotate
/usr/lib/ruby/1.8/fileutils.rb:1278:in `utime': No such file or directory - /etc/puppet/modules/logrotate/spec/fixtures/modules/logrotate/files (Errno::ENOENT)
from /usr/lib/ruby/1.8/fileutils.rb:1278:in `copy_metadata'
from /usr/lib/ruby/1.8/fileutils.rb:453:in `copy_entry'
from /usr/lib/ruby/1.8/fileutils.rb:1332:in `traverse'
from /usr/lib/ruby/1.8/fileutils.rb:449:in `copy_entry'
from /usr/lib/ruby/1.8/fileutils.rb:424:in `cp_r'
from /usr/lib/ruby/1.8/fileutils.rb:1403:in `fu_each_src_dest'
from /usr/lib/ruby/1.8/fileutils.rb:1419:in `fu_each_src_dest0'
from /usr/lib/ruby/1.8/fileutils.rb:1401:in `fu_each_src_dest'
from /usr/lib/ruby/1.8/fileutils.rb:423:in `cp_r'
from /usr/lib/ruby/gems/1.8/gems/librarian-puppet-0.9.10/lib/librarian/puppet/source/local.rb:44:in `install_perform_step_copy!'
from /usr/lib/ruby/gems/1.8/gems/librarian-puppet-0.9.10/lib/librarian/puppet/source/local.rb:27:in `install!'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/manifest.rb:97:in `install!'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/action/install.rb:49:in `install_manifests'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/action/install.rb:48:in `each'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/action/install.rb:48:in `install_manifests'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/action/install.rb:39:in `perform_installation'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/action/install.rb:12:in `run'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:165:in `install!'
from /usr/lib/ruby/gems/1.8/gems/librarian-puppet-0.9.10/lib/librarian/puppet/cli.rb:70:in `install'
from /usr/lib/ruby/gems/1.8/gems/thor-0.18.1/lib/thor/command.rb:27:in `__send__'
from /usr/lib/ruby/gems/1.8/gems/thor-0.18.1/lib/thor/command.rb:27:in `run'
from /usr/lib/ruby/gems/1.8/gems/thor-0.18.1/lib/thor/invocation.rb:120:in `invoke_command'
from /usr/lib/ruby/gems/1.8/gems/thor-0.18.1/lib/thor.rb:363:in `dispatch'
from /usr/lib/ruby/gems/1.8/gems/thor-0.18.1/lib/thor/base.rb:439:in `start'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:26:in `bin!'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:31:in `returning_status'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:26:in `bin!'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:47:in `with_environment'
from /usr/lib/ruby/gems/1.8/gems/librarian-0.1.1/lib/librarian/cli.rb:26:in `bin!'
from /usr/lib/ruby/gems/1.8/gems/librarian-puppet-0.9.10/bin/librarian-puppet:7
from /usr/bin/librarian-puppet:19:in `load'
from /usr/bin/librarian-puppet:19
Currently, logrotate::defaults::* manage rotation of wtmp / btmp. Because the parameters aren't exposed, I can't change the configuration for them.
This could be remedied (fairly simply) either by:
I believe I've found a duplication definition issue when doing hourly log rotation:
/etc/cron.hourly/logrotate is defined in both base.pp and hourly.pp, so if you include logrotate::base and logrotate::hourly, then the manifest compile dies. The fix I believe is to remove the definition from one of them, for proof of concept I took it out of base. Is this correct?
Hey can you release a new version of the module on puppet forge if it's ready? Thanks!
At https://github.com/rodjek/puppet-logrotate/blob/master/manifests/rule.pp#L315-L321 the $rotate
variable is checked if it is a number or the string 'undef' by using a regex (it happens again later for the $shredcycles
as well). Unfortunately, under the future parser numbers are actually numbers and cannot have a regex applied to them since there is no automatic conversion to string. An issue (PUP-3083) filed against puppet provides a small snippet that shows the problem:
$test = 1
case $test {
/^\d+$/: {
fail('MATCH')
}
default: {
fail("Not MATCH")
}
}
The example works (issues MATCH
) on puppet 3.6's current parser but not the future parser (--parser future
causes it to issue Not MATCH
).
The most straightforward fix for this is to just quote the case value: case "$test"
, which forces it to stringify the value and allows a regex to be used. This is backwards compatible with the current parser.
logrotate 3.8.7 crashes with Error in `logrotate': free(): invalid next size (fast): 0x00000000013f3450
config:
/var/www/log/*log {
su root root
copy
rotate 5
dateext
dateformat -%Y-%m-%d-%s-server01
daily
compress
lastaction
scp /var/www/log/*.log-* [email protected]:archives/
rm /var/www/log/*.log-*.gz
endscript
}
Running it through:
logrotate -d -f config
Output:
rotating log /var/www/log/random.log, log->rotateCount is 5
Converted ' -%Y-%m-%d-%s-server01' -> '-%Y-%m-%d-%s-server01'
dateext suffix '-2016-06-27-1467068778-server01'
glob pattern '-[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]-server01'
glob finding old rotated logs failed
copying /var/www/log/random.log to /var/www/log/random.log-2016-06-27-1467068778-web002
Not truncating /var/www/log/random.log
compressing log with: /bin/gzip
*** Error in `logrotate': free(): invalid next size (fast): 0x00000000013f3450 ***
The random.log file is opened by a ruby process in the following way:
logfile = File.open('./log/random.log', 'a')
logfile.sync = true
_logger = Logger.new(logfile)
_logger::info("\nAdding some junk")
Disabling the compress option in the config gives no errors in 3.8.7.
I built 3.9.2 from source and it seems that the problem is fixed. I'm posting this because Ubuntu 14.04 LTS has logrotate 3.8.7 in its repos by default.
Feel free to close this if the problem is known.
Mainly in that the original provides a log entry when there is something wrong with the logrotate run.. That is something that is very good to have.
notice: /Stage[main]/Logrotate::Base/File[/etc/cron.daily/logrotate]/content:
--- /etc/cron.daily/logrotate 2013-07-18 10:08:07.000000000 +0000
+++ /tmp/puppet-file20140421-26981-1m3pwq9-0 2014-04-21 14:39:58.000000000 +0000
@@ -1,8 +1,6 @@
#!/bin/sh
+# THIS FILE IS AUTOMATICALLY DISTRIBUTED BY PUPPET. ANY CHANGES WILL BE
+# OVERWRITTEN.
-/usr/sbin/logrotate /etc/logrotate.conf >/dev/null 2>&1
-EXITVALUE=$?
-if [ $EXITVALUE != 0 ]; then
- /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
-fi
-exit 0
+test -x /usr/sbin/logrotate || exit 0
+/usr/sbin/logrotate /etc/logrotate.conf
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.