Some log files missing


#1

My certificates were valid until 21st Jan 2018
They have been renewed automatically and are now valid to 22nd March 2018.

On checking the directory where the keys are located I can see that the new keys were added on the 23rd December at 00:55

Directory listing below:

-rw-r–r-- 1 root root 1704 Oct 23 17:05 privkey1.pem
-rw-r–r-- 1 root root 3505 Oct 23 17:05 fullchain1.pem
-rw-r–r-- 1 root root 1647 Oct 23 17:05 chain1.pem
-rw-r–r-- 1 root root 1858 Oct 23 17:05 cert1.pem
-rw-r–r-- 1 root root 1704 Dec 23 00:55 privkey2.pem
-rw-r–r-- 1 root root 3505 Dec 23 00:55 fullchain2.pem
-rw-r–r-- 1 root root 1647 Dec 23 00:55 chain2.pem
-rw-r–r-- 1 root root 1858 Dec 23 00:55 cert2.pem

However in the /var/log/letsencrypt directory there is no log for this date and time.

Section of directory listing below.

-rw-r–r-- 1 root root 6427 Dec 17 12:14 letsencrypt.log.31
-rw-r–r-- 1 root root 6427 Dec 18 12:29 letsencrypt.log.29
-rw-r–r-- 1 root root 6427 Dec 19 12:10 letsencrypt.log.27
-rw-r–r-- 1 root root 6427 Dec 20 12:55 letsencrypt.log.25
-rw-r–r-- 1 root root 6427 Dec 21 12:32 letsencrypt.log.23
-rw-r–r-- 1 root root 6427 Dec 22 12:48 letsencrypt.log.21
-rw-r–r-- 1 root root 6427 Dec 23 12:20 letsencrypt.log.19
-rw-r–r-- 1 root root 6427 Dec 24 12:08 letsencrypt.log.17
-rw-r–r-- 1 root root 6427 Dec 25 12:02 letsencrypt.log.15
-rw-r–r-- 1 root root 6427 Dec 26 06:40 letsencrypt.log.14
-rw-r–r-- 1 root root 0 Dec 26 06:40 letsencrypt.log.13
-rw-r–r-- 1 root root 6427 Dec 26 12:25 letsencrypt.log.12

There appears to be no log for the time in question ie. no log between Dec 22 12:48 and Dec 23 12:48

I have changed nothing from a standard Ubuntu 16.04 install and so the /etc/cron.d/certbot file is unchanged.

I have just realised that I have added a logrotate entry:

/var/log/letsencrypt/letsencrypt.log {
copytruncate
daily
rotate 14
missingok
}

Could this be what is causing the problem?


#2

A lot of log files are missing… :confused: They’re sequential, but mostly every other one is missing. And letsencrypt.log.13 is empty!

Yes, maybe. Certbot manages its own log rotation automatically – by default, it keeps up to 1000 files – so having logrotate in the mix could cause problems.


#3

I have deleted the logrotate entry and will see if the logs start to make more sense.


#4

So, on Ubuntu, typically, the “certbot renew” timer runs at 00:00-01:00 and 12:00-13:00 every day. And it looks like logrotate probably runs at 06:40.

I don’t understand the exact interactions, but it looks like logrotate is eating the log for every 00:00 Certbot run, but perhaps preserving the 12:00 ones. Or at least the most recent 14.

Since the first certificate was created at 17:05, Certbot will renew it at 00:00-01:00 – that time it was renewed at 00:55 – as long as it doesn’t get interrupted (e.g. because the computer is shut down for several hours for maintenance on the day it wants to renew) so it looks like the log files when it’s actually renewed will always be lost.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.