On 09.08.2017 17:36, Dridi Boukelmoune wrote:
On Wed, Aug 9, 2017 at 4:46 PM, Admin Beckspaced <ad...@beckspaced.com> wrote:
Hello Varnish Community,
I'm running an openSUSE 42.2 server with varnish 5.1.2
Update to 5.1.3, your Varnish instance can be DoS'd remotely!
For me it looks like that varnishlog.service is waiting for varnish.service
to start and the varnish.service seems to take a bit long to start up?
Is there a systemd service option to wait for a few seconds before starting
something like a delayed start of the service?
Not a systemd option, but you can use the `-t` option in varnishncsa
or varnishlog to increase the timeout (defaults to 5s).
VARNISHLOG_PARAMS="-f /etc/varnish/varnishncsa-log-format-string -a -w
This is where you want to add a timeout option. See man varnishncsa.
Just to report back on the startup issue ...
added the timeout option to the startup via '-t 30'
and after a system reboot systemctl status reports
cx40:~ # systemctl status varnishlog.service
● varnishlog.service - Varnish log generator
Loaded: loaded (/etc/systemd/system/varnishlog.service; enabled;
vendor preset: disabled)
Active: active (running) since Thu 2017-08-10 08:35:19 CEST; 1min
Main PID: 1145 (varnishncsa)
Tasks: 1 (limit: 512)
└─1145 /usr/sbin/varnishncsa -t 30 -f
/etc/varnish/varnishncsa-log-format-string -a -w
/var/log/varnish/varnish.log -P /var/run/varnishlog.pid
Aug 10 08:35:19 cx40 systemd: Started Varnish log generator.
Aug 10 08:35:19 cx40 varnishncsa: Cannot open log - retrying for
Aug 10 08:35:28 cx40 varnishncsa: Log opened
so ... all has worked out fine ;)
Thanks & greetings
varnish-misc mailing list