problem with IdP log files

Delhommeau Vincent vincent.delhommeau at ehess.fr
Wed Apr 22 04:34:23 EDT 2020 

Hi Russel, 

There is no tool scanning the logs. The tmp files content cannot be found in the regular log files. 
It might be related to log4j, I found some bugs like this one on logback jira site. 
To mitigate the problem I have written a script that adds the tmp files content to the regular logs, restarts tomcat, and run it a 0h05. 

Tegards, 


Vincent Delhommeau 
Administrateur Systèmes & Réseaux 
EHESS - DSI/SERI 
01 49 54 84 46 


De: "Russell Beall" <beall at usc.edu> 
À: "Shib Users" <users at shibboleth.net> 
Envoyé: Mardi 21 Avril 2020 19:09:25 
Objet: Re: problem with IdP log files 

I’ve seen this issue occur when the logs are scanned by a tool which is using gunzip -c to decrypt the log files in place. If the gunzip process is interrupted, it leaves those tmp files around. This is separate from the IdP and is not likely caused by log rolling or something within tomcat. 
Regards, 
Russ. 
========================= 
Russell Beall | Identity and Access Management Lead Engineer 
Office of the CISO | University of Southern California 
(213) 740-7221 | beall at usc.edu 









On Apr 21, 2020, at 5:32 AM, Delhommeau Vincent < vincent.delhommeau at ehess.fr > wrote: 

I forgot to mention that if I restart tomcat, it will stop writing in the tmp files. 
Could it be a bug in log4j ? 

Vincent Delhommeau 
Administrateur Systèmes & Réseaux 
EHESS - DSI/SERI 
01 49 54 84 46 


De: "Delhommeau Vincent" < vincent.delhommeau at ehess.fr > 
À: users at shibboleth.net 
Envoyé: Lundi 20 Avril 2020 17:34:59 
Objet: problem with IdP log files 

Hi, 

I'm finishing the setup of a shibboleth v 3.4.4 IdP. 
I have found strange files in the logs folder. 
Here is a partial litsting of /opt/shibboleth-idp/logs : 

-rw-r--r-- 1 tomcat tomcat 21583 Apr 18 00:00 idp-process-2020-04-17.log.gz 
-rw-r--r-- 1 tomcat tomcat 4770 Apr 18 00:03 idp-process-2020-04-17.log713182882606029.tmp 
-rw-r--r-- 1 tomcat tomcat 2862 Apr 18 00:00 idp-process-2020-04-17.log713194143509376.tmp 
-rw-r--r-- 1 tomcat tomcat 11957 Apr 19 00:00 idp-process-2020-04-18.log.gz 
-rw-r--r-- 1 tomcat tomcat 954 Apr 19 00:00 idp-process-2020-04-18.log799578327391671.tmp 
-rw-r--r-- 1 tomcat tomcat 954 Apr 19 00:00 idp-process-2020-04-18.log799588595404227.tmp 
-rw-r--r-- 1 tomcat tomcat 11916 Apr 20 00:00 idp-process-2020-04-19.log.gz 
-rw-r--r-- 1 tomcat tomcat 954 Apr 20 00:00 idp-process-2020-04-19.log885979225206155.tmp 
-rw-r--r-- 1 tomcat tomcat 954 Apr 20 00:00 idp-process-2020-04-19.log885988711505334.tmp 
-rw-r--r-- 1 tomcat tomcat 165221 Apr 20 16:40 idp-process.log 
-rw-r--r-- 1 tomcat tomcat 2122 Apr 18 00:00 idp-warn-2020-04-17.log.gz 
-rw-r--r-- 1 tomcat tomcat 4770 Apr 18 00:03 idp-warn-2020-04-17.log713182892530877.tmp 
-rw-r--r-- 1 tomcat tomcat 2862 Apr 18 00:00 idp-warn-2020-04-17.log713194148379693.tmp 
-rw-r--r-- 1 tomcat tomcat 861 Apr 19 00:00 idp-warn-2020-04-18.log.gz 
-rw-r--r-- 1 tomcat tomcat 954 Apr 19 00:00 idp-warn-2020-04-18.log799578331483925.tmp 
-rw-r--r-- 1 tomcat tomcat 954 Apr 19 00:00 idp-warn-2020-04-18.log799588599983199.tmp 
-rw-r--r-- 1 tomcat tomcat 820 Apr 20 00:00 idp-warn-2020-04-19.log.gz 
-rw-r--r-- 1 tomcat tomcat 954 Apr 20 00:00 idp-warn-2020-04-19.log885979229538330.tmp 
-rw-r--r-- 1 tomcat tomcat 954 Apr 20 00:00 idp-warn-2020-04-19.log885988715547676.tmp 
-rw-r--r-- 1 tomcat tomcat 5972 Apr 20 09:10 idp-warn.log 

After log rotation shibboleth writes in temporary files along with the regular log files. 
The problem only concerns idp-process.log and idp-warn.log, the other log files are "normal". 
I didnt change the logging settings. 

Two monthes ago I tried to install v 3.4.6 IdP. I dropped it because I could not make the shibcas plugin work, but kept the installation folder. 
I can see the same behaviour with log files. 

Has someone already met this situation ? 

My configuration : opensuse leap 15.1, apache 2.4.33, tomcat 9.0.31, java 1.8.0.242 openjdk 

Regards, 

Vincent Delhommeau 
Administrateur Systèmes & Réseaux 
EHESS - DSI/SERI 
01 49 54 84 46 

-- 
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg 
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net 
-- 
For Consortium Member technical support, see https://urldefense.com/v3/__https://wiki.shibboleth.net/confluence/x/coFAAg__;!!LIr3w8kk_Xxm!8z58Ng31x3-Ok82D2jkpRhrpoOHybFLAdlJ58Z9EVGDpnhtIotY1co5D5Tu7$ 
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net 





-- 
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg 
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200422/033c48a8/attachment.html>

More information about the users mailing list