[tor-bugs] #32461 [Internal Services/Tor Sysadmin Team]: do not write logs on caching servers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 11 21:06:28 UTC 2019
#32461: do not write logs on caching servers
-------------------------------------------------+---------------------
Reporter: anarcat | Owner: tpa
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by anarcat):
a/i sends logs from syslog into mtail using a rsyslog
[https://git.autistici.org/ai3/float/blob/master/roles/base/templates/rsyslog.conf.j2#L23
rule like this]:
{{{
ruleset(name="incoming") {
# [...]
action(type="ompipe" Pipe="/run/mtail.fifo")
# [...]
}
}}}
Then mtail gets
[https://git.autistici.org/ai3/float/blob/master/roles/base/files/mtail.socket
started by systemd using socket activation], with something like this:
{{{
[Unit]
Description=MTail input FIFO
[Socket]
ListenFIFO=/run/mtail.fifo
SocketMode=700
SocketUser=mtail
SocketGroup=mtail
PipeSize=1M
RemoveOnStop=on
}}}
Finally, there's a
[https://git.autistici.org/ai3/float/blob/master/roles/base/files/mtail.service.buster
service file] which has some magic bits to deal with memory leaks that
mtail apparently suffers from (at least in stretch):
{{{
[Unit]
Description=MTail
Requires=mtail.socket
[Service]
Type=simple
# Systemd will pass mtail.socket as FD 3.
ExecStart=/usr/bin/mtail --progs /etc/mtail --logtostderr --port 3903 --logs /dev/fd/3
Restart=on-failure
User=mtail
# Limit memory leaks
MemoryMax=1G
ExecStartPost=+/bin/sh -c "echo 0 > /sys/fs/cgroup/memory/system.slice/%n/memory.swappiness"
[Install]
WantedBy=multi-user.target
}}}
That should about cover it. We need to figure out how that would translate
into a newsyslog config.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32461#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
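
The pipeline described in the comment above (syslog rule writes to a FIFO, a consumer turns lines into metrics, nothing is written to disk), as an added example that is not part of the original ticket or of the float or mtail code. It is a Python stand-in for the consumer, not mtail itself; the log line format, metric names and function names are assumptions made for illustration.

```python
import os
import re
import tempfile
import threading
from collections import Counter

# Constructed sample lines in a common access-log shape (not from the ticket).
SAMPLE_LINES = [
    '198.51.100.7 - - [11/Nov/2019:21:06:28 +0000] "GET / HTTP/1.1" 200 512',
    '203.0.113.9 - - [11/Nov/2019:21:06:29 +0000] "GET /a.css HTTP/1.1" 200 90',
    '198.51.100.7 - - [11/Nov/2019:21:06:30 +0000] "GET /x HTTP/1.1" 404 0',
    'not an access log line',
]

# Only the method and status are captured; the client address is never kept.
LINE_RE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) [^"]*" (?P<status>\d{3}) ')


def consume(fifo_path):
    """Read lines from the FIFO until the writer closes it; return counters only."""
    counters = Counter()
    with open(fifo_path, "r", encoding="utf-8", errors="replace") as fifo:
        for line in fifo:
            m = LINE_RE.match(line)
            if m is None:
                counters["unparsed_lines_total"] += 1
                continue
            counters[f'http_requests_total{{method="{m["method"]}",status="{m["status"]}"}}'] += 1
    return counters


def run_pipeline(lines):
    """Feed lines through a private FIFO, the way ompipe feeds /run/mtail.fifo."""
    with tempfile.TemporaryDirectory() as tmp:
        fifo_path = os.path.join(tmp, "metrics.fifo")
        os.mkfifo(fifo_path, 0o600)  # owner-only, no group/other access
        def writer():
            with open(fifo_path, "w", encoding="utf-8") as out:
                out.writelines(l + "\n" for l in lines)
        t = threading.Thread(target=writer)
        t.start()
        counters = consume(fifo_path)  # raw lines are discarded after matching
        t.join()
        return dict(counters)


if __name__ == "__main__":
    for name, value in sorted(run_pipeline(SAMPLE_LINES).items()):
        print(name, value)
```

The returned counters carry only method and status labels, so the client addresses in the input never reach storage or the metrics endpoint.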