Re: Rsyslog stdout and stderr

[Abdelkader Chelouah]

Le 10/03/2019 à 00:58, Howard Chu a écrit :
Abdelkader Chelouah wrote:
Hi,
slapd 2.4.44

OpenLDAP instance configure as a proxy (back-ldap)


 From time to time, bind operations can take more than 5 sec. These latencies 
do not seem to come from a CPU or memory problem. I'm trying to see if the 
network
can be the root cause of the issue. To debug the fonction ldap_sasl_bind 
(libraries/libldap/sasl.c), I activated trace loglevel (logs are manage by 
rsyslog). In
the definition of ldap_sasl_bind, there is

Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 );

A least the message "ldap_sasl_bind" should appear in logs, which is not the 
case. Actually, Debug (which is first defined in include/ldap_log.h) is redefined
in libraries/libldap/ldap-int.h

...

#include "ldap_log.h"

#undef Debug

#ifdef LDAP_DEBUG

#define DebugTest( level ) \
         ( ldap_debug & level )

#define Debug( level, fmt, arg1, arg2, arg3 ) \
         do { if ( ldap_debug & level ) \
         ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \
         } while ( 0 )

#define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\
         ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) )
configure
#else

#define DebugTest( level )                                    (0 == 1)
#define Debug( level, fmt, arg1, arg2, arg3 )                 ((void)0)
#define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0)

#endif /* LDAP_DEBUG */

...

A a result, the message is send to standard output. By using rsyslog, it is not 
possible to catch any message inside ldap_sasl_bind.


How to get stdout and stderr messages and still use rsyslog to manage openldap 
logs ?
syslog is not fast enough to handle the debug traffic.

You could use ber_set_option() to override the log output functions, and have 
them write
messages both to rsyslog and stderr. But using syslog on every debug message 
will slow
things down more than 10x.

Hello Howard,


Thanks to your help, I'm now able to send slapd messages both to rsyslog 
and stderr when I use the '*-d*' option of slapd. For information, the 
latencies were due to a DNS resolution problem. In detached mode, ie, 
without the '*-d*' option, messages are redirected to /dev/null.

*$ grep -B 1 dup2 libraries/liblutil/detach.c*
                        /* redirect stdin, stdout, stderr to /dev/null */
                        dup2( sd, STDIN_FILENO );
                        dup2( sd, STDOUT_FILENO );
                        dup2( sd, STDERR_FILENO );


For debugging purpose, I want to be able to switch back and forth from 
"stats" to "stats trace" log levels, which is not possible when slapd 
starts in background. Is there any way to to this ?


Thanks in advance.