unexpected behaviour of rndc dnstap -roll

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

unexpected behaviour of rndc dnstap -roll

Jakob Dhondt
Hi everyone,

I am generating dnstap files using bind and regularly roll them using
'rndc dnstap -roll [number]'. The way I understand the documentation is
that there should be max [number] old dnstap files after executing this
command but what actually happens is that all files are being kept so
that I have to remove the old ones myself.

This is what the documentation says:

dnstap ( -reopen | -roll [number] )
... If number is specified, then the number of backup log files is
limited to that number.

Am I missing something here? Is the behaviour that I'm observing the
expected one? The logs don't tell me much and I couldn't find any hints
about this on the Internet. Thanks for any help!

Kind regards,

Jakob

--

SWITCH
Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
[hidden email], www.switch.ch
Security-News: securityblog.switch.ch

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour of rndc dnstap -roll

Tony Finch
Jakob Dhondt <[hidden email]> wrote:
>
> I am generating dnstap files using bind and regularly roll them using
> 'rndc dnstap -roll [number]'. The way I understand the documentation is
> that there should be max [number] old dnstap files after executing this
> command but what actually happens is that all files are being kept so
> that I have to remove the old ones myself.

Yes, this is a bug. I could reproduce the problem but I couldn't see it
by staring at the code, so I added some extra logging until I found
the mistake. I've submitted a merge request for this patch:

https://gitlab.isc.org/fanf/bind9/-/commit/29d275965c0cddc862eeccb28188b8fd124fb321

Tony.
--
f.anthony.n.finch  <[hidden email]>  http://dotat.at/
public services available on equal terms to all
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour of rndc dnstap -roll

Jakob Dhondt
Thanks for your help!

On 21.06.20 22:30, Tony Finch wrote:

> Jakob Dhondt <[hidden email]> wrote:
>> I am generating dnstap files using bind and regularly roll them using
>> 'rndc dnstap -roll [number]'. The way I understand the documentation is
>> that there should be max [number] old dnstap files after executing this
>> command but what actually happens is that all files are being kept so
>> that I have to remove the old ones myself.
> Yes, this is a bug. I could reproduce the problem but I couldn't see it
> by staring at the code, so I added some extra logging until I found
> the mistake. I've submitted a merge request for this patch:
>
> https://gitlab.isc.org/fanf/bind9/-/commit/29d275965c0cddc862eeccb28188b8fd124fb321
>
> Tony.

--

SWITCH
Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
[hidden email], www.switch.ch
Security-News: securityblog.switch.ch

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users