Cannot write to openvpn.log file

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
geharvey
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 04, 2012 11:08 pm

Cannot write to openvpn.log file

Post by geharvey » Mon May 14, 2018 10:45 am

I have an openvpn server installed and working on a Centos 6 server. I have installed logrotate to keep the log files under control. When I look at the files, openvpn.log is zero bytes. It is owned by root and has 600 permissions. If I change the ownership of the file to nobody:nobody, still with 600 permissions and restart ovenvpn, then it starts to fill up with data.

When logrotate moves the logfile to openvpn.log.1 a new openvpn.log file is created, but it is owned by root and has 600 permissions. The file then remains at zero bytes. I have configured openvpn to run as used 'nobody' and group 'nobody' and to append to the openvpn.log file.

There seems to be a permission problem with doing this, although the pevious server on Centos 5 workd fine with the same arrangement.

Has anyone seen this problem before?

Graham.

geharvey
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 04, 2012 11:08 pm

Re: Cannot write to openvpn.log file

Post by geharvey » Tue May 15, 2018 11:30 am

Further to my post, I think that the owner of the file is a red herring, restarting the server allows it to start loging data. After further Googling, I have discovered that it is a problem with logrotate and I need to use a postrotate script to restart openvpn, after the logs have rotated, to ensure that the current logs are written to openvpn.log.

I hope someone finds this information useful.

Graham.

Post Reply