jails newsyslog rotates log twice inside jail (FreeBSD 14.3)

Hello,

I am observing strange newsyslog behavior inside a jail on FreeBSD 14.3.

It looks as if log rotation happens twice at midnight, resulting in an additional rotated file that contains only two log lines.

Current log files:

Code:
  -rw-r-----  1 root wheel   1.0K Feb  5 03:17 maillog
  -rw-r-----  1 root wheel    114B Feb  5 00:00 maillog.0.bz2
  -rw-r-----  1 root wheel    415B Feb  5 00:00 maillog.1.bz2
  -rw-r-----  1 root wheel    115B Feb  4 00:00 maillog.2.bz2
  -rw-r-----  1 root wheel    377B Feb  4 00:00 maillog.3.bz2
  -rw-r-----  1 root wheel    116B Feb  3 00:00 maillog.4.bz2
  -rw-r-----  1 root wheel    382B Feb  3 00:00 maillog.5.bz2
  -rw-r-----  1 root wheel    116B Feb  2 00:00 maillog.6.bz2

Contents of the smallest rotated file:

Code:
  # bzcat /var/log/maillog.0.bz2
  Feb  5 00:00:28 dns2 newsyslog[58866]: logfile turned over
  Feb  5 00:00:43 dns2 newsyslog[58852]: logfile turned over

Cron shows a single newsyslog execution per hour, with no duplicates:

Code:
  Feb  4 23:00:42 dns2 /usr/sbin/cron[58533]: (root) CMD (newsyslog)
  Feb  5 00:00:28 dns2 /usr/sbin/cron[58866]: (root) CMD (newsyslog)
  Feb  5 01:00:33 dns2 /usr/sbin/cron[59180]: (root) CMD (newsyslog)

The jail was created according to the FreeBSD Handbook (17.5.1. Creating a Thin Jail Using OpenZFS Snapshots and 17.5.3. Creating a VNET Jail).

Important notes:
- newsyslog is started only via cron
- there are no manual runs
- the host does not rotate or manipulate jail logs in any way
- the same configuration on the host does not show this behavior

I also tried disabling compression and using an empty flag set in newsyslog.conf, but the duplication still occurs.

What could cause newsyslog to emit multiple "logfile turned over" messages during a single scheduled rotation inside a jail?

Is this expected behavior, or is there something jail-related (e.g. devfs, procfs, signals, or syslogd interaction) that I should check?

Thank you.
 
What MTA does it use? You might have a /etc/newsyslog.conf entry and another in /usr/local/etc/newsyslog.conf.d/ (intended for some other MTA) and they're both trying to manage /var/log/maillog.
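
The check suggested in the reply above can be scripted. This is an added example, not part of the original thread: the function name `dup_newsyslog_entries` is hypothetical and the two config files are constructed samples.

```shell
#!/bin/sh
# Added example: list log files that more than one newsyslog entry manages.
# Output per duplicate: "<logfile> <conf:line> <conf:line> ..."
dup_newsyslog_entries() {
    awk '
        /^[ \t]*(#|$)/ { next }   # skip comments and blank lines
        $1 ~ /^</      { next }   # skip <include> / <default> directives
        { where[$1] = where[$1] " " FILENAME ":" FNR; n[$1]++ }
        END { for (f in n) if (n[f] > 1) print f where[f] }
    ' "$@" | sort
}

# Demo on constructed files laid out like /etc/newsyslog.conf plus a
# newsyslog.conf.d/ drop-in that names the same log file.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/newsyslog.conf.d"
    cat > "$d/newsyslog.conf" <<'EOF'
# constructed sample base configuration
/var/log/maillog    640  7  *     @T00    JC
/var/log/messages   644  5  1000  @0101T  JC
<include> /usr/local/etc/newsyslog.conf.d/[!.]*.conf
EOF
    cat > "$d/newsyslog.conf.d/mta.conf" <<'EOF'
# constructed sample drop-in installed for another MTA
/var/log/maillog    640  7  *     @T00    J
EOF
    (cd "$d" && dup_newsyslog_entries newsyslog.conf newsyslog.conf.d/*.conf)
    rm -rf "$d"
}

demo
```

Inside the jail, pass the real files instead, for example `/etc/newsyslog.conf` and whichever `newsyslog.conf.d/*.conf` files exist; no output means no log file is listed twice.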
 

I am using Postfix. In /usr/local/etc/newsyslog.conf.d there is only rspamd.newsyslog.conf.

This issue is not limited to maillog — I just rotate maillog daily, so it is easier to notice there.

The same behavior is observed with other log files as well, and it happens in both jails on this host.
 