Topic: Error in php-fpm logrotate configuration

- iRedMail version (check /etc/iredmail-release): 1.6.7
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: AlmaLinux 8.9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.

I'm getting the following error email from anacron every week:


logrotate_script: line 1: PH_SYSLOG_POSTROTATE_CMD: command not found
error: error running shared postrotate script for '/var/log/php-fpm/*.log '

The error is in the /etc/logrotate.d/php-fpm file. The string PH_SYSLOG_POSTROTATE_CMD should have been replaced with the correct command by the iRedMail installer, but was not.

I have another server where I originally installed iRedMail 1.6.4 and manually upgraded to 1.6.7 that doesn't have this problem. The /etc/logrotate.d/php-fpm contains the following command:

        /bin/kill -SIGUSR1 `cat /run/php-fpm/php-fpm.pid 2>/dev/null` 2>/dev/null || true

Running the command manually seems to work fine. I replaced the command in the configuration file, but will need to wait a week to see if it works correctly.

I looked at the installer code, and the PH_SYSLOG_POSTROTATE_CMD string is present in 5 logrotate configuration files, but the installer scripts only replace it in 4, and leave the php-fpm unchanged.
I also think that the SYSLOG_POSTROTATE_CMD used in the other 4 cases (which signals rsyslog) is probably not suitable for php-fpm, as it writes directly to the log file (instead of using the syslog service).


Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.


Re: Error in php-fpm logrotate configuration

Fixed. Thanks for the feedback.
https://github.com/iredmail/iRedMail/co … cdf327348f


Re: Error in php-fpm logrotate configuration

I don't think that fix is enough.
I tried putting the command

/usr/bin/systemctl -s HUP kill rsyslog.service >/dev/null 2>&1 || true

in /etc/logrotate.d/php-fpm,
but when running logrotate, php-fpm keeps logging into the old (now renamed) file.

From what I see, there is an inconsistency in the logging configuration of php-fpm
/etc/php-fpm.conf contains:

error_log = syslog
syslog.facility = local5
syslog.ident = php-fpm

while /etc/php-fpm.d/www .conf contains

access.log = /var/log/php-fpm/php-fpm.log
slowlog = /var/log/php-fpm/slow.log

This means that the php-fpm error log is written through syslog, while the access log is written directly to file by php-fpm. Both end up in /var/log/php-fpm/php-fpm.log.

When the log file is rotated, if only syslog is notified, syslog will log errors to the new file, while php-fpm will continue writing directly to the old file.

So either you notify both, or use the same logging mechanism for both. From what I can see, the php-fpm access log does not support syslog.


Re: Error in php-fpm logrotate configuration

Would you like to help work it out? Too busy. sad