On 11 Oct 2011, at 3:16 AM, crocket wrote:
When some softwares(including stunnel) receive SIGUSR1, they reopen a log file without re-reading configuration files or restarting. Since httpd uses SIGUSR1 for graceful restart, it could use SIGUSR2 purely for reopening log files. Why do people need this signal? A graceful restart doesn't kill active children processes, and those processes still write on an old log file. logrotate can be configured to compress old log files, in which case httpd would try to write onto a compressed log file. Since httpd can't log to a file, it would show abnormal behaviors or even abort downloads from httpd.
A signal is unlikely to be enough.Logfiles are opened using the permissions of the parent process, by the time a child runs the child no longer has access to the file, and does not have permission to close and reopen it.
If the parent received the signal, it would have no option but to replace the children (which is what gets done now), but because we want to do this gracefully, we allow the current set of children to run to completion. The alternative is to abort the request, and generally that's bad.
In our environments we work around this problem by using the fuser command to tell us whether anybody (ie httpd) has a logfile open before we attempt to compress it. If no, we go ahead. If yes, we wait till the top of the next hour, and try and compress it then.
Regards, Graham --
smime.p7s
Description: S/MIME cryptographic signature
