[stunnel-users] stunnel log rolling

• Previous message (by thread): [stunnel-users] stunnel log rolling
• Next message (by thread): [stunnel-users] stunnel log rolling
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Dan,

I was referring to this text in the stunnel man page
<https://www.stunnel.org/static/stunnel.html>:

> SIGUSR1
>
> Close and reopen the *stunnel* log file. This function can be used for
> log rotation.
>
-- Tom




On Wed, Sep 12, 2018 at 11:15 AM Daniel Trickett <
daniel.trickett at emdmillipore.com> wrote:

> Hi Tom,
>
>
>
> Is what you refer to? I think the open and re-open only happen when the
> service is stopped and restarted. It hasn’t rolled over like Apache in my
> short experience.
>
>
>
> *log* = append | overwrite
>
> log file handling
>
> This option allows you to choose whether the log file (specified with the
> *output* option) is appended or overwritten when opened or re-opened.
>
> default: append
>
>
>
>
>
> Best regards,
>
>
>
> Dan
>
>
>
> Daniel Trickett
>
> Head of Database Services | MBS Business Technology
>
> BX-TCS-O Oracle ERP
>
> Business Services of Merck KGaA, Darmstadt, Germany
>
>
>
> *Planned Absence –*
>
>
>
>
>
> *MilliporeSigma*
>
> A business of Merck KGaA, Darmstadt, Germany
>
>
>
> EMD Millipore Corporation | 80 Ashby Road | Bedford, MA 01730 | USA
>
> office 781-533-3017 |cell 978-761-3506 |email *daniel.trickett at emdmillipore.com
> <daniel.trickett at emdmillipore.com>*
>
>
>
>
>
> *From:* Tom Hood <tom.w.hood at gmail.com>
> *Sent:* Wednesday, September 12, 2018 1:10 PM
> *To:* Daniel Trickett <daniel.trickett at emdmillipore.com>
> *Cc:* stunnel-users at stunnel.org
> *Subject:* Re: [stunnel-users] stunnel log rolling
>
>
>
> Hi Daniel,
>
>
>
> The trick is how to roll the logs without an interruption of service (i.e.
> without a stunnel restart).  I believe stunnel claims to support this, but
> I think the feature might be broken in 5.49
>
>
>
> Thanks,
>
> -- Tom
>
>
>
>
>
> On Wed, Sep 12, 2018 at 5:43 AM Daniel Trickett <
> daniel.trickett at emdmillipore.com> wrote:
>
> Tom,
>
>
>
> Kill the stunnel process. Then mv the log. This will allow stunnel to
> right to a new log file.
>
>
>
> Best regards,
>
>
>
> Dan
>
>
>
> Daniel Trickett
>
> Head of Database Services | MBS Business Technology
>
> BX-TCS-O Oracle ERP
>
> Business Services of Merck KGaA, Darmstadt, Germany
>
>
>
> *Planned Absence –*
>
>
>
>
>
> *MilliporeSigma*
>
> A business of Merck KGaA, Darmstadt, Germany
>
>
>
> EMD Millipore Corporation | 80 Ashby Road | Bedford, MA 01730 | USA
>
> office 781-533-3017 |cell 978-761-3506 |email *daniel.trickett at emdmillipore.com
> <daniel.trickett at emdmillipore.com>*
>
>
>
>
>
> *From:* stunnel-users <stunnel-users-bounces at stunnel.org> *On Behalf Of *Tom
> Hood
> *Sent:* Tuesday, September 11, 2018 5:02 PM
> *To:* stunnel-users at stunnel.org
> *Subject:* [stunnel-users] stunnel log rolling
>
>
>
> Hi,
>
>
>
> I'm new to stunnel and it isn't clear to me how the log rolling feature
> works.
>
>
>
> I built stunnel 5.49 with gcc 4.2.0 on Solaris 10.  I'm running it on
> Solaris 11.3 SPARC.  Using openssl 1.0.2p
>
>
>
> The config file has disabled syslog and is logging to stunnel.log.
>
>
>
> Command line is:  stunnel stunnel.conf
>
> where stunnel.conf contains the following:
>
> syslog = no
>
> output = stunnel.log
>
> debug = 7
>
>
>
> [service-exterior]
>
> client = no
>
> options = NO_SSLv2
>
> options = NO_SSLv3
>
> options = NO_TLSv1
>
> options = NO_TLSv1.1
>
> options = -NO_TLSv1.2
>
> cert = /path/to/stunnel.pem
>
> curve = zzz
>
> accept = testhost:32100
>
> connect = 127.0.0.1:32200
>
>
>
> [service-interior]
>
> client = yes
>
> options = NO_SSLv2
>
> options = NO_SSLv3
>
> accept = 127.0.0.1:32200
>
> connect = 127.0.0.1:32100
>
> sslVersion = TLSv1
>
> ciphers = zzz
>
> TIMEOUTconnect = 60
>
>
>
> The log rollowing steps I tried that don't work are:
>
> mv stunnel.log stunnel.log.1
>
> kill -USR1 <stunnelpid>
>
>
>
> The log message "LOG7[main]: Processing SIGNAL_REOPEN_LOG" shows up in
> stunnel.log.1. However, new client connections to host:32100 do not trigger
> creation of a new stunnel.log file.  In fact, logging stops to
> stunnel.log.1 as soon as the USR1 is processed.  The new client connections
> work as before, but there isn't any logging.
>
>
>
> I restarted stunnel and tried the test again with these steps:
>
> mv stunnel.log stunnel.log.1
>
> touch stunnel.log
>
> kill -USR1 <stunnelpid>
>
> That also doesn't work.
>
>
>
> Please let me know the correct sequence of steps to roll the stunnel.log
>
>
>
> Thank you,
>
> -- Tom
>
>
>
>
>
> This message and any attachment are confidential and may be privileged or
> otherwise protected from disclosure. If you are not the intended recipient,
> you must not copy this message or attachment or disclose the contents to
> any other person. If you have received this transmission in error, please
> notify the sender immediately and delete the message and any attachment
> from your system. Merck KGaA, Darmstadt, Germany and any of its
> subsidiaries do not accept liability for any omissions or errors in this
> message which may arise as a result of E-Mail-transmission or for damages
> resulting from any unauthorized changes of the content of this message and
> any attachment thereto. Merck KGaA, Darmstadt, Germany and any of its
> subsidiaries do not guarantee that this message is free of viruses and does
> not accept liability for any damages caused by any virus transmitted
> therewith.
>
>
>
> Click http://www.emdgroup.com/emd/imprint/mail_disclaimer.html to access
> the German, French, Spanish and Portuguese versions of this disclaimer.
>
>
>
> This message and any attachment are confidential and may be privileged or
> otherwise protected from disclosure. If you are not the intended recipient,
> you must not copy this message or attachment or disclose the contents to
> any other person. If you have received this transmission in error, please
> notify the sender immediately and delete the message and any attachment
> from your system. Merck KGaA, Darmstadt, Germany and any of its
> subsidiaries do not accept liability for any omissions or errors in this
> message which may arise as a result of E-Mail-transmission or for damages
> resulting from any unauthorized changes of the content of this message and
> any attachment thereto. Merck KGaA, Darmstadt, Germany and any of its
> subsidiaries do not guarantee that this message is free of viruses and does
> not accept liability for any damages caused by any virus transmitted
> therewith.
>
>
>
> Click http://www.emdgroup.com/emd/imprint/mail_disclaimer.html to access
> the German, French, Spanish and Portuguese versions of this disclaimer.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180912/94a9786b/attachment.html>

• Previous message (by thread): [stunnel-users] stunnel log rolling
• Next message (by thread): [stunnel-users] stunnel log rolling
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]