dnsmasq Log File Rotation Using logrotate

Use the dnsmasq-logrotate package to ensure that dnsmasq logs are created and then managed by the standard distro logrotate utility.

·

4 min read

dnsmasq log files are extremely useful but the package itself does not offer any way of managing them. So using the dnsmasq-logrotate package outlined here will ensure that logs are created and then managed by the standard distro logrotate utility. Although manually changing dnsmasq.conf and setting up a logrotate file is straightforward, adopting this package approach means that the setup is easily maintained and it is easy to setup on a new distro installation.

Packages are available for Debian, Fedora, openSUSE, Raspbian and Ubuntu. If you wish to hand-roll the package you can build from source or use the AutoTools distribution tarball as described on the wiki.

There are 3 sections to this post:-

Setting up dnsmasq to produce a log file.
Installing the dnsmasq log management package – dnsmasq-logrotate.
A brief design overview of what the dnsmasq log management package does.

Setup dnsmasq log file

Using your favourite editor with root privileges edit the dnsmasq.conf configuration file. eg:-

sudo vim /etc/dnsmasq.conf

If the following lines do not exist, add them to the end of the file. (Lines starting with a ‘#’ are comment lines, so the three lines without #’s below must not have #’s in the file). N.B. If a line starting log-facility=/path/to/log/file already exists, it can be left, the log file will be in /path/to/log/file.

#log DNS queries log-queries #log DHCP details log-dhcp #log file to use log-facility=/var/log/dnsmasq.log

Installing the dnsmasq log management package – dnsmasq-logrotate

The log management package is called dnsmasq-logrotate.
The installation is in two steps; the package installation and the package setup.
To prevent bitrot of this blog, please follow the installation instructions for your distribution at the project wiki:- https://github.com/m-grant-prg/dnsmasq-logrotate/wiki

dnsmasq-logrotate package design overview

The dnsmasq-postrotate.sh script has two functions; a setup function and a post-rotate function.

Running dnsmasq-postrotate.sh with the –setup option interrogates the dnsmasq configuration and command line to locate the log file and write this location in the logrotate control file. This is run during the package installation and should be run after configuration changes to dnsmasq.

In normal day-to-day operation after logrotate has rotated the log file dnsmasq-postrotate.sh is run with the –post-rotate option whereby SIGUSR1 and SIGUSR2 are sent to dnsmasq to ask it to dump stats to the log file and to close and reopen it’s log file.

During setup the script must determine the log file location and during post-rotate the script must determine the dnsmasq pid file. The two file locations can be specified to dnsmasq with the log-facility and pid-file options. These can be provided via a configuration file or on the command line. Configuration files can be nested via the conf-file and / or conf-dir options. The logic for finding these directives is as follows:-

  1. Configuration files are processed sequentially and in the order they are found.

  2. The first instance of each directive found is used, in fact processing of configuration files terminates immediately if both directives are found.

  3. The first configuration file is either the default, sysconfdir/dnsmasq.conf, or if the commmand line contains the option -C then the filename specified there is used.

  4. Any configuration files specified by conf-file, or found in a conf-dir directory are appended to the list of configuration files to process in the order in which they are found.

  5. If not found in any configuration file then any command line specification of these options is used in place of the missing directive. (Configuration file value overriding command line option is behaviour specified in the dnsmasq man page).

  6. If no pid file is found then as a last resort the pid of the running dnsmasq instance is determined and used.

Authoritative sources

The authoritative source for this dnsmasq-logrotate project is held on GitHub at:-

The code repository:- https://github.com/m-grant-prg/dnsmasq-logrotate

The wiki:- https://github.com/m-grant-prg/dnsmasq-logrotate/wiki

To view or raise issues please visit:- https://github.com/m-grant-prg/dnsmasq-logrotate/issues

My Projects