- tags: Linux,Systemd,Supervisor,Logrotate
Background
I usually use supervisor1 to deploy my services, and capture the stdout/stderr to the log files, and then use logrotate to rotate the logs, which the configuration likes:
/data/log/app/*/*.log {
daily
missingok
rotate 180
dateext
compress
delaycompress
notifempty
create 640 nobody adm
sharedscripts
postrotate
/usr/local/bin/supervisorctl -c /etc/supervisord.conf pid && kill -USR2 `/usr/local/bin/supervisorctl -c /etc/supervisord.conf pid` > /tmp/kill.log 2>&1
endscript
}
As you can see, I make the logrotate to send a signal to supervisord after the logs have been rotated, to let the supervisord reopen the logs.
But when I deployed my services onto a Ubuntu 20.04, it just don’t work.
Show The Verbose
Then I change the logrotate.service
to show the verbose outputs of logrorate, I changed the ExecStart
in the logrotate.service
to:
ExecStart=/usr/sbin/logrotate -f -v /etc/logrotate.conf
-f
to force logrotate run.
Then I noticed a line in the outputs of command journalctl -xe
:
Nov 01 15:49:51 vm logrotate[3952467]: unix:///tmp/supervisor.sock no such file
Solve the Problem
I identify that this is the output of supervisorctl
, but the file is existed, then I noticed a line in the logrotate.service
:
PrivateTmp=true
According to its documentation:
PrivateTmp= Takes a boolean argument. If true, sets up a new file system namespace for the executed processes and mounts private /tmp and /var/tmp directories inside it that is not shared by processes outside of the namespace. This is useful to secure access to temporary files of the process, but makes sharing between processes via /tmp or /var/tmp impossible.
So I changed it to false
, then the problem solved. If the security is more important to you, you can change the unix socket path.