Re: Rsyslog stdout and stderr
Am Fri, 15 Mar 2019 18:55:36 +0100 schrieb Abdelkader Chelouah : > Le 10/03/2019 à 00:58, Howard Chu a écrit : > > Abdelkader Chelouah wrote: > >> Hi, > >> > >> slapd 2.4.44 > >> > >> OpenLDAP instance configure as a proxy (back-ldap) > >> > >> > >> From time to time, bind operations can take more than 5 sec. > >> These latencies do not seem to come from a CPU or memory problem. > >> I'm trying to see if the network can be the root cause of the > >> issue. To debug the fonction ldap_sasl_bind > >> (libraries/libldap/sasl.c), I activated trace loglevel (logs are > >> manage by rsyslog). In the definition of ldap_sasl_bind, there is > >> > >> Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); > >> > >> A least the message "ldap_sasl_bind" should appear in logs, which > >> is not the case. Actually, Debug (which is first defined in > >> include/ldap_log.h) is redefined in libraries/libldap/ldap-int.h > >> > >> ... > >> > >> #include "ldap_log.h" > >> > >> #undef Debug > >> > >> #ifdef LDAP_DEBUG > >> > >> #define DebugTest( level ) \ > >> ( ldap_debug & level ) > >> > >> #define Debug( level, fmt, arg1, arg2, arg3 ) \ > >> do { if ( ldap_debug & level ) \ > >> ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), > >> (arg3) ); \ } while ( 0 ) > >> > >> #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\ > >> ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), > >> (arg3) ) configure > >> #else > >> > >> #define DebugTest( level ) (0 > >> == 1) #define Debug( level, fmt, arg1, arg2, > >> arg3 ) ((void)0) #define LDAP_Debug( subsystem, > >> level, fmt, arg1, arg2, arg3 ) ((void)0) > >> > >> #endif /* LDAP_DEBUG */ > >> > >> ... > >> > >> A a result, the message is send to standard output. By using > >> rsyslog, it is not possible to catch any message inside > >> ldap_sasl_bind. > >> > >> > >> How to get stdout and stderr messages and still use rsyslog to > >> manage openldap logs ? > > syslog is not fast enough to handle the debug traffic. > > > > You could use ber_set_option() to override the log output > > functions, and have them write messages both to rsyslog and stderr. > > But using syslog on every debug message will slow things down more > > than 10x. > Hello Howard, > > > Thanks to your help, I'm now able to send slapd messages both to > rsyslog and stderr when I use the '*-d*' option of slapd. For > information, the latencies were due to a DNS resolution problem. In > detached mode, ie, without the '*-d*' option, messages are redirected > to /dev/null. > > *$ grep -B 1 dup2 libraries/liblutil/detach.c* > /* redirect stdin, stdout, stderr > to /dev/null */ dup2( sd, STDIN_FILENO ); > dup2( sd, STDOUT_FILENO ); > dup2( sd, STDERR_FILENO ); > > > For debugging purpose, I want to be able to switch back and forth > from "stats" to "stats trace" log levels, which is not possible when > slapd starts in background. Is there any way to to this ? ldapmodify is your friend. Modify cn=config, olcLogLevel. -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
Re: Rsyslog stdout and stderr
Le 10/03/2019 à 00:58, Howard Chu a écrit : Abdelkader Chelouah wrote: Hi, slapd 2.4.44 OpenLDAP instance configure as a proxy (back-ldap) From time to time, bind operations can take more than 5 sec. These latencies do not seem to come from a CPU or memory problem. I'm trying to see if the network can be the root cause of the issue. To debug the fonction ldap_sasl_bind (libraries/libldap/sasl.c), I activated trace loglevel (logs are manage by rsyslog). In the definition of ldap_sasl_bind, there is Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); A least the message "ldap_sasl_bind" should appear in logs, which is not the case. Actually, Debug (which is first defined in include/ldap_log.h) is redefined in libraries/libldap/ldap-int.h ... #include "ldap_log.h" #undef Debug #ifdef LDAP_DEBUG #define DebugTest( level ) \ ( ldap_debug & level ) #define Debug( level, fmt, arg1, arg2, arg3 ) \ do { if ( ldap_debug & level ) \ ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \ } while ( 0 ) #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\ ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ) configure #else #define DebugTest( level ) (0 == 1) #define Debug( level, fmt, arg1, arg2, arg3 ) ((void)0) #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0) #endif /* LDAP_DEBUG */ ... A a result, the message is send to standard output. By using rsyslog, it is not possible to catch any message inside ldap_sasl_bind. How to get stdout and stderr messages and still use rsyslog to manage openldap logs ? syslog is not fast enough to handle the debug traffic. You could use ber_set_option() to override the log output functions, and have them write messages both to rsyslog and stderr. But using syslog on every debug message will slow things down more than 10x. Hello Howard, Thanks to your help, I'm now able to send slapd messages both to rsyslog and stderr when I use the '*-d*' option of slapd. For information, the latencies were due to a DNS resolution problem. In detached mode, ie, without the '*-d*' option, messages are redirected to /dev/null. *$ grep -B 1 dup2 libraries/liblutil/detach.c* /* redirect stdin, stdout, stderr to /dev/null */ dup2( sd, STDIN_FILENO ); dup2( sd, STDOUT_FILENO ); dup2( sd, STDERR_FILENO ); For debugging purpose, I want to be able to switch back and forth from "stats" to "stats trace" log levels, which is not possible when slapd starts in background. Is there any way to to this ? Thanks in advance.
Re: Rsyslog stdout and stderr
Abdelkader Chelouah wrote: > > Hi, > > > > slapd 2.4.44 > > > > OpenLDAP instance configure as a proxy (back-ldap) > > > > > > From time to time, bind operations can take more than 5 sec. These > > latencies do not seem to come from a CPU or memory problem. I'm trying to > > see if the network > > can be the root cause of the issue. To debug the fonction ldap_sasl_bind > > (libraries/libldap/sasl.c), I activated trace loglevel (logs are manage by > > rsyslog). In > > the definition of ldap_sasl_bind, there is > > > > Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); > > > > A least the message "ldap_sasl_bind" should appear in logs, which is not > > the case. Actually, Debug (which is first defined in include/ldap_log.h) is > > redefined > > in libraries/libldap/ldap-int.h > > > > ... > > > > #include "ldap_log.h" > > > > #undef Debug > > > > #ifdef LDAP_DEBUG > > > > #define DebugTest( level ) \ > > ( ldap_debug & level ) > > > > #define Debug( level, fmt, arg1, arg2, arg3 ) \ > > do { if ( ldap_debug & level ) \ > > ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \ > > } while ( 0 ) > > > > #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\ > > ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ) > > configure > > #else > > > > #define DebugTest( level )(0 == 1) > > #define Debug( level, fmt, arg1, arg2, arg3 ) ((void)0) > > #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0) > > > > #endif /* LDAP_DEBUG */ > > > > ... > > > > A a result, the message is send to standard output. By using rsyslog, it is > > not possible to catch any message inside ldap_sasl_bind. > > > > > > How to get stdout and stderr messages and still use rsyslog to manage > > openldap logs ? > syslog is not fast enough to handle the debug traffic. > You could use ber_set_option() to override the log output functions, and have > them write > messages both to rsyslog and stderr. But using syslog on every debug message > will slow > things down more than 10x. Hi, I'am also interressed to enable stderr and stdout to rsyslog. I try to figure out how to use ber_set_option(), but i'am pretty sur i miss something in my analysis. Starting from the function ldap_sasl_bind in file libraries/libldap/sasl.c + Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); Debug is macro define in first place in include/ldap_log.h and override by libraries/libldap/ldap-int.h So Debug is replace by ldap_log_printf() which is defined in libraries/libldap/print.c, ldap_log_printf() make some check and get varargs and send to pointer function 'ber_pvt_log_print' ber_pvt_log_print is pointer to ber_error_print() in file libraries/liblber/bprint.c. So the target is to change ber_pvt_log_print In function ber_set_option() we can redefine the print function ber_pvt_log_print to write messages both to rsyslog and stderr. (in /servers/slapd/main.c) ber_set_option(NULL, LBER_OPT_LOG_PRINT_FN, _syslog); The function is pretty basic : voidprint_syslog( LDAP_CONST char *data ) { Log0(LDAP_DEBUG_ANY, ldap_syslog_level, data); return ; } Of course i declare prototype in header file. Is it what you have in mind or should i use a function in OpenLDAP ?
Re: Rsyslog stdout and stderr
Abdelkader Chelouah wrote: > Hi, > > slapd 2.4.44 > > OpenLDAP instance configure as a proxy (back-ldap) > > > From time to time, bind operations can take more than 5 sec. These latencies > do not seem to come from a CPU or memory problem. I'm trying to see if the > network > can be the root cause of the issue. To debug the fonction ldap_sasl_bind > (libraries/libldap/sasl.c), I activated trace loglevel (logs are manage by > rsyslog). In > the definition of ldap_sasl_bind, there is > > Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); > > A least the message "ldap_sasl_bind" should appear in logs, which is not the > case. Actually, Debug (which is first defined in include/ldap_log.h) is > redefined > in libraries/libldap/ldap-int.h > > ... > > #include "ldap_log.h" > > #undef Debug > > #ifdef LDAP_DEBUG > > #define DebugTest( level ) \ > ( ldap_debug & level ) > > #define Debug( level, fmt, arg1, arg2, arg3 ) \ > do { if ( ldap_debug & level ) \ > ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \ > } while ( 0 ) > > #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\ > ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ) > configure > #else > > #define DebugTest( level ) (0 == 1) > #define Debug( level, fmt, arg1, arg2, arg3 ) ((void)0) > #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0) > > #endif /* LDAP_DEBUG */ > > ... > > A a result, the message is send to standard output. By using rsyslog, it is > not possible to catch any message inside ldap_sasl_bind. > > > How to get stdout and stderr messages and still use rsyslog to manage > openldap logs ? syslog is not fast enough to handle the debug traffic. You could use ber_set_option() to override the log output functions, and have them write messages both to rsyslog and stderr. But using syslog on every debug message will slow things down more than 10x. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Rsyslog stdout and stderr
Hi, slapd 2.4.44 OpenLDAP instance configure as a proxy (back-ldap) >From time to time, bind operations can take more than 5 sec. These latencies do not seem to come from a CPU or memory problem. I'm trying to see if the network can be the root cause of the issue. To debug the fonction ldap_sasl_bind (libraries/libldap/sasl.c), I activated trace loglevel (logs are manage by rsyslog). In the definition of ldap_sasl_bind, there is Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 ); A least the message "ldap_sasl_bind" should appear in logs, which is not the case. Actually, Debug (which is first defined in include/ldap_log.h) is redefined in libraries/libldap/ldap-int.h ... #include "ldap_log.h" #undef Debug #ifdef LDAP_DEBUG #define DebugTest( level ) \ ( ldap_debug & level ) #define Debug( level, fmt, arg1, arg2, arg3 ) \ do { if ( ldap_debug & level ) \ ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \ } while ( 0 ) #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 )\ ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ) configure #else #define DebugTest( level )(0 == 1) #define Debug( level, fmt, arg1, arg2, arg3 ) ((void)0) #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0) #endif /* LDAP_DEBUG */ ... A a result, the message is send to standard output. By using rsyslog, it is not possible to catch any message inside ldap_sasl_bind. How to get stdout and stderr messages and still use rsyslog to manage openldap logs ? Thanks in advance.