Howto log multiple sftpd instances with their chroot shared via NFS

Peter Stuge peter at stuge.se
Wed Sep 29 09:29:26 AEST 2021


Hildegard Meier wrote:
> But the problem is that the last started syslog-ng aquires the lock
> for the NFS shared /var/data/chroot/<username>/dev/log so the other
> server cannot read it anymore

Is it known what kind of lock this is? Was it investigated? Maybe on
the NFS server?


Douglas E Engert wrote:
> You already have 800 NFs volumes and they are all mounted on each server.

AIUI there's only one NFS export with all homedirs mounted on each server,
and avoiding per-user runtime setup such as mounts is a requirement.


Jochen Bern wrote:
> I *still* suspect that if only you could configure the syslogd's to use 
> a file locking method that just does *not* work across NFS shares - 
> there's about half a dozen different methods available, see, e.g.,
> 
> https://dovecot.org/pipermail/dovecot/2011-July/060149.html
> 
> -, you could circumvent that effect from the get-go ...

Looking through the afsocket module in syslog-ng it does no file locking.


I'm curious what kind of locking it is. Maybe the contention is
all within the NFS layer and could be overcome by setting a nolock
or local_lock mount option on the SFTP servers, if either option is
acceptable for the use case.


Kind regards

//Peter


More information about the openssh-unix-dev mailing list