763495 – net-dns/dnscrypt-proxy log rotation should have a hard restart

Bug 763495 - net-dns/dnscrypt-proxy log rotation should have a hard restart

Summary: net-dns/dnscrypt-proxy log rotation should have a hard restart

Status:	UNCONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Sam James

URL:
Whiteboard:
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2021-01-04 04:48 UTC by Frank Tobin
Modified:	2021-01-04 04:59 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Frank Tobin 2021-01-04 04:48:57 UTC

There is a race condition where logrotate's copytruncate directive causes dnscrypt-proxy to end up with a logfile it is writing to that is not truncated, since it could be in the middle of a write (dnscrypt-proxy's file descriptor is still to the middle of the logfile, I believe). The logfile ends up having a bunch of null data at the beginning as it continues to write to it. This has happened multiples times on different machines for me. It's much safer to do a hard restart after a normal rotation.

There was an expressed concern that a hard restart invalidates the cache; I suggest that DNS TTLs are fairly short relative to the frequency of logfile rotations.  Half of TTLs are one minute or less. https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/

Pull request that updates the logrotate configuration: https://github.com/gentoo/gentoo/pull/18383