Squid3 not rotating logs

chiwalfrm

Running pfSense 2.1.5 (installed to hard drive using pfSense-LiveCD-2.1.5-RELEASE-amd64.iso)
Everything at defaults.

Installed squid3-dev (beta 3.3.10 pkg 2.2.8 platform: 2.0) package.
Only changed Enable logging to yes.    Log rotate from blank to 7.

It rotated first 2 days, then no more rotation.  The last rotation was a week ago.

This is in my /var/squid/logs/ directory.

[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(62): ls -altr
total 180402
drwxr-xr-x  7 proxy  proxy        512 Jan 11 22:34 ..
-rw-r–---  1 proxy  proxy      3221 Jan 11 22:34 cache.log.1
-rw-r-----  1 proxy  proxy      7278 Jan 11 23:16 access.log.1
-rw-r-----  1 proxy  proxy        58 Jan 12 00:00 cache.log.0
-rw-r-----  1 proxy  proxy    3380317 Jan 12 23:59 access.log.0
-rw-r-----  1 proxy  proxy      8131 Jan 19 11:54 netdb.state
drwxr-xr-x  2 proxy  proxy        512 Jan 19 11:54 .
-rw-r-----  1 proxy  proxy      6348 Jan 19 12:24 cache.log
-rw-r-----  1 proxy  proxy  181164755 Jan 19 12:24 access.log

I looked for a crontab for the 'root' user and got nothing.

[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(63): crontab -l
crontab: no crontab for root

How is the logs rotated if there is no crontab for root?  They rotated twice so wondering what happened.  Doing a manual rotation works fine in the shell "squid -k rotate" but I was hoping for the automated way.

marcelloc

Install cron package to see system cron.

chiwalfrm

I see cron is already installed and running (it came with the default installation).

[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(5): ps aux | grep -i cron
root   37323  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 240 /var/run/ping_hosts.pid /usr/local/bin/ping_hosts.sh
root   37899  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.02 minicron: helper /usr/local/bin/ping_hosts.sh  (minicron)
root   38642  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 3600 /var/run/expire_accounts.pid /etc/rc.expireaccounts
root   38808  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.00 minicron: helper /etc/rc.expireaccounts  (minicron)
root   39104  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 86400 /var/run/update_alias_url_data.pid /etc/rc.update_alias_url_data
root   39471  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.00 minicron: helper /etc/rc.update_alias_url_data  (minicron)
root   84722  0.0  0.0  7928  1620  ??  Ss    3:28PM   0:00.04 /usr/sbin/cron -s
root   54230  0.0  0.0  9068  1468   0  S+    6:26AM   0:00.00 grep -i cron
[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(6):

I also found the crontab.  It turns out that it is in /etc/crontab:

[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(12): more /etc/crontab
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#minute hour    mday    month   wday    who      command
#
#
# pfSense specific crontab entries
# Created: January 19, 2015, 3:28 pm
#

1,31    0-5     *       *       *       root    /usr/bin/nice -n20 adjkerntz -a
1       3       1       *       *       root    /usr/bin/nice -n20 /etc/rc.update_bogons.sh
*/60    *       *       *       *       root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
1       1       *       *       *       root    /usr/bin/nice -n20 /etc/rc.dyndns.update
*/60    *       *       *       *       root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
30      12      *       *       *       root    /usr/bin/nice -n20 /etc/rc.update_urltables
0       0       *       *       *       root    /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
*/15    *       *       *       *       root    /usr/local/pkg/swapstate_check.php
#
# If possible do not add items to this file manually.
# If you do so, this file must be terminated with a blank line (e.g. new line)
#

The squid line shows it is supposed to run at midnight every day.  But it is not running or maybe it is running but it is not rotating.

chiwalfrm

I ran the command as shown in the crontab:/usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf

…and the logs did not rotate.  No changes in /var/squid/logs/

Then I shut down and restarted the squid service.  And ran the exact same command, and got a rotation.  So somehow it stopped responding to rotate command even though the proxy was running fine (access.log kept updating).

marcelloc

Seems to be related to pbi, try to run from bin dir instead of sbin.

/usr/pbi/squid-amd64/bin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf

EDIT

I've tested with both bin and sbin dir and it's rotating fine here.

check what rotate options are saved on config file.

grep -i rotate /usr/pbi/squid-amd64/local/etc/squid/squid.conf

chiwalfrm

There is no /usr/pbi/squid-amd64/bin/squid.

[2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(10): ls /usr/pbi/squid-amd64/bin/squid*
ls: No match.

Since I restarted squid on 1/20, it rotated once at midnight on 1/21, then no more rotations.  The access.log is still growing and the proxy server works fine.

With the root user, running:
/usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
does not do anything.  No errors or anything.

# /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
# 

Notice no output above.

# grep -i rotate /usr/pbi/squid-amd64/local/etc/squid/squid.conf
grep: /usr/pbi/squid-amd64/local/etc/squid/squid.conf: No such file or directory
# find / -name squid.conf -print
/root/squid.conf
/usr/pbi/squid-amd64/etc/squid/squid.conf
# grep -i rotate /usr/pbi/squid-amd64/etc/squid/squid.conf
logfile_rotate 7
debug_options rotate=7