- Cleaned up the config files a bit, updated comments in config

file, marked the /etc/rsyslog.early.conf obsolete. Note: rsyslog will be started early/before network using its normal /etc/rsyslog.conf config file (adopted scripts in syslog-service package). When any kind of remote logging is in use, then on-disk queues should be enabled. To start it after the network, please set the SYSLOG_REQUIRES_NETWORK=yes variable in /etc/sysconfig/syslog (bnc#728565). OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=74
2012-02-20 13:31:58 +00:00 · 2012-02-20 13:31:58 +00:00 · 8f067b1d22
commit 8f067b1d22
parent a93bdfd569
5 changed files with 164 additions and 97 deletions
--- a/rsyslog.changes
+++ b/rsyslog.changes
@ -1,3 +1,15 @@
 -------------------------------------------------------------------
 Mon Feb 20 12:11:18 UTC 2012 - mt@suse.com
 - Cleaned up the config files a bit, updated comments in config
  file, marked the /etc/rsyslog.early.conf obsolete.
  Note: rsyslog will be started early/before network using its normal
  /etc/rsyslog.conf config file (adopted scripts in syslog-service
  package). When any kind of remote logging is in use, then on-disk
  queues should be enabled. To start it after the network, please set
  the SYSLOG_REQUIRES_NETWORK=yes variable in /etc/sysconfig/syslog
  (bnc#728565).
 -------------------------------------------------------------------
 Wed Sep  7 12:58:48 UTC 2011 - mrueckert@suse.de
--- a/rsyslog.conf.in
+++ b/rsyslog.conf.in
@ -1,13 +1,15 @@
 ##
 ## === When you're using remote logging, enable on-disk queues ===  
 ## === in rsyslog.d/remote.conf. When neccesary also set the   ===
 ## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog,   ===
 ## === e.g. when rsyslog has to receive on a specific IP only. ===
 ##
 ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules
 ## (provided in separate rsyslog-module-* packages) are enabled, the
 ## configuration can't be used on a system with /usr on a remote
-## filesystem.
+## filesystem, except on newer systems where initrd mounts /usr.
-## [The modules are linked against libraries installed bellow of /usr
+## [The modules are linked against libraries installed bellow of
-##  thus also installed in /usr/lib*/rsyslog because of this.]
+##  /usr thus also installed in /usr/lib*/rsyslog because of this.]
 ##
 ## You can change it by adding network-remotefs to the Required-Start
 ## and Required-Stop LSB init tags in the /etc/init.d/syslog script.
 ##
 #
@ -16,28 +18,34 @@
 # and report them at http://bugzilla.novell.com/
 #
-# rsyslog v3: load input modules
+# since rsyslog v3: load input modules
 # If you do not load inputs, nothing happens!
-$ModLoad immark.so     # provides --MARK-- message capability (every 1 hour)
+# provides --MARK-- message capability (every 1 hour)
 $ModLoad immark.so
 $MarkMessagePeriod      3600
-$ModLoad imuxsock.so   # provides support for local system logging (e.g. via logger command)
+# provides support for local system logging (e.g. via logger command)
 $ModLoad imuxsock.so
 # reduce dupplicate log messages (last message repeated n times)
 $RepeatedMsgReduction   on
-$ModLoad imklog.so     # kernel logging (may be also provided by /sbin/klogd),
+# kernel logging (may be also provided by /sbin/klogd)
 # see also http://www.rsyslog.com/doc-imklog.html.
-$klogConsoleLogLevel 1 # set log level 1 (same as in /etc/sysconfig/syslog).
+$ModLoad imklog.so
-
+# set log level 1 (same as in /etc/sysconfig/syslog).
 $klogConsoleLogLevel    1
 #
-# Use traditional log format by default. To change it for a single
+# Use traditional log format by default. To change a single
-# file, append ";RSYSLOG_TraditionalFileFormat" to the filename.
+# file to use rsyslog format (high-precision timestamps),
 # append ";RSYSLOG_FileFormat" to the filename. See
 #   http://www.rsyslog.com/doc/rsyslog_conf_templates.html
 # for more informations.
 #
 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
 #
 # Include config generated by /etc/init.d/syslog script
 # using the SYSLOGD_ADDITIONAL_SOCKET* variables in the
--- a/rsyslog.d.remote.conf.in
+++ b/rsyslog.d.remote.conf.in
@ -1,39 +1,52 @@
 ##
 ## === When you're using remote logging, enable on-disk queues ===  
 ## === in rsyslog.d/remote.conf. When neccesary also set the   ===
 ## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog,   ===
 ## === e.g. when rsyslog has to receive on a specific IP only. ===
 ##
 ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules
 ## (provided in separate rsyslog-module-* packages) are enabled, the
 ## configuration can't be used on a system with /usr on a remote
-## filesystem.
+## filesystem, except on newer systems where initrd mounts /usr.
-## [The modules are linked against libraries installed bellow of /usr
+## [The modules are linked against libraries installed bellow of
-##  thus also installed in /usr/lib*/rsyslog because of this.]
+##  /usr thus also installed in /usr/lib*/rsyslog because of this.]
 ##
 ## You can change it by adding network-remotefs to the Required-Start
 ## and Required-Stop LSB init tags in the /etc/init.d/syslog script.
 ##
-
+# ######### Enable On-Disk queues for remote logging ##########
-# Remote Logging (we use TCP for reliable delivery)
+#
 # An on-disk queue is created for this action. If the remote host is
 # down, messages are spooled to disk and sent when it is up again.
 #
 #$WorkDirectory RSYSLOG_SPOOL_DIR # where to place spool files
 #$ActionQueueFileName uniqName # unique name prefix for spool files
 #$ActionQueueMaxDiskSpace 1g   # 1gb space limit (use as much as possible)
 #$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
 #$ActionQueueType LinkedList   # run asynchronously
 #$ActionResumeRetryCount -1    # infinite retries if host is down
 # ######### Sending Messages to Remote Hosts ########## 
 # Remote Logging using TCP for reliable delivery
 # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
 #*.* @@remote-host
 # Remote Logging using UDP
 # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
 #*.* @remote-host
 # ######### Receiving Messages from Remote Hosts ########## 
 # TCP Syslog Server:
 # provides TCP syslog reception and GSS-API (if compiled to support it)
 #$ModLoad imtcp.so         # load module
-# Note: as of now, you need to use the -t command line option to
+##$UDPServerAddress 10.10.0.1 # force to listen on this IP only,
-# enable TCP reception (e.g. -t514 to run a server at port 514/tcp)
+##                            # needs SYSLOG_REQUIRES_NETWORK=yes.
-# This will change in later v3 releases.
+#$InputTCPServerRun <port> # Starts a TCP server on selected port
 # UDP Syslog Server:
 #$ModLoad imudp.so         # provides UDP syslog reception
 ##$UDPServerAddress 10.10.0.1 # force to listen on this IP only,
 ##                            # needs SYSLOG_REQUIRES_NETWORK=yes.
 #$UDPServerRun 514         # start a UDP syslog server at standard port 514
--- a/rsyslog.early.conf.in
+++ b/rsyslog.early.conf.in
@ -1,25 +1,42 @@
 ##
-## WARNING: This config contains only statements that are
+## NOTE: This config file is obsolete and will be dropped in
-##          safe for early syslog start, that is before the
+##       further package versions. Even while early syslog
-##          network and remote filesystems are available.
+##       start, the /etc/rsyslog.conf file is used now.
 ##
 ##          Don't include ETC_RSYSLOG_D_DIR/remote.conf
 ##          in this configuration file or enable any of the
 ##          additional (MYSQL, PGSQL, GSSAPI, GnuTLS, SNMP)
 ##          modules provided in separate module packages.
 ##
 ##
 ## if you experience problems, check
 ## http://www.rsyslog.com/troubleshoot for assistance
 ## and report them at http://bugzilla.novell.com/
 ##
-# rsyslog v3: load input modules
+#
 # if you experience problems, check
 # http://www.rsyslog.com/troubleshoot for assistance
 # and report them at http://bugzilla.novell.com/
 #
 # since rsyslog v3: load input modules
 # If you do not load inputs, nothing happens!
-$ModLoad immark.so   # provides --MARK-- message capability
+# provides --MARK-- message capability (every 1 hour)
-$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)
+$ModLoad immark.so
-$ModLoad imklog.so   # kernel logging (may be also provided by /sbin/klogd)
+$MarkMessagePeriod      3600
 # provides support for local system logging (e.g. via logger command)
 $ModLoad imuxsock.so
 # reduce dupplicate log messages (last message repeated n times)
 $RepeatedMsgReduction   on
 # kernel logging (may be also provided by /sbin/klogd)
 # see also http://www.rsyslog.com/doc-imklog.html.
 $ModLoad imklog.so
 # set log level 1 (same as in /etc/sysconfig/syslog).
 $klogConsoleLogLevel    1
 #
 # Use traditional log format by default. To change a single
 # file to use rsyslog format (high-precision timestamps),
 # append ";RSYSLOG_FileFormat" to the filename. See
 #   http://www.rsyslog.com/doc/rsyslog_conf_templates.html
 # for more informations.
 #
 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
 #
 # Include config generated by /etc/init.d/syslog script
@ -28,92 +45,109 @@ $ModLoad imklog.so   # kernel logging (may be also provided by /sbin/klogd)
 #
 $IncludeConfig ADDITIONAL_SOCKETS
 ###
 # print most important on tty10 and on the xconsole pipe
 #
-# print most on tty10 and on the xconsole pipe
+if	( \
-#
+	    /* kernel up to warning except of firewall  */ \
-kern.warning;*.err;authpriv.none	 /dev/tty10;RSYSLOG_TraditionalFileFormat
+	    ($syslogfacility-text == 'kern')      and      \
-kern.warning;*.err;authpriv.none	|/dev/xconsole;RSYSLOG_TraditionalFileFormat
+	    ($syslogseverity <= 4 /* warning */ ) and not  \
 	    ($msg contains 'IN=' and $msg contains 'OUT=') \
 	) or ( \
 	    /* up to errors except of facility authpriv */ \
 	    ($syslogseverity <= 3 /* errors  */ ) and not  \
 	    ($syslogfacility-text == 'authpriv')           \
 	) \
 then	/dev/tty10
 &	|/dev/xconsole
 # Emergency messages to everyone logged on (wall)
 *.emerg					 :omusrmsg:*
 # enable this, if you want that root is informed
 # immediately, e.g. of logins
 #*.alert				root
 #
 # firewall messages into separate file and stop their further processing
 #
 if	($syslogfacility-text == 'kern') and \
-	($msg contains 'IN=' and $msg contains 'OUT=') then \
+	($msg contains 'IN=' and $msg contains 'OUT=') \
-	-/var/log/firewall;RSYSLOG_TraditionalFileFormat
+then	-/var/log/firewall
-if	($syslogfacility-text == 'kern') and \
+&	~
-	($msg contains 'IN=' and $msg contains 'OUT=') then \
+
 	~
 #
 # acpid messages into separate file and stop their further processing
 #
 # => all acpid messages for debuging (uncomment if needed):
 #if	($programname == 'acpid' or $syslogtag == '[acpid]:') then \
-#	-/var/log/acpid;RSYSLOG_TraditionalFileFormat
+#	-/var/log/acpid
 #
 # => up to notice (skip info and debug)
 if	($programname == 'acpid' or $syslogtag == '[acpid]:') and \
-	($syslogseverity <= 5) then \
+	($syslogseverity <= 5 /* notice */) \
-	-/var/log/acpid;RSYSLOG_TraditionalFileFormat
+then	-/var/log/acpid
-if	($programname == 'acpid' or $syslogtag == '[acpid]:') then \
+&	~
-	~
+
 #
 # NetworkManager into separate file and stop their further processing
 #
 if      ($programname == 'NetworkManager') or \
-	($programname startswith 'nm-') then \
+	($programname startswith 'nm-') \
-	-/var/log/NetworkManager;RSYSLOG_TraditionalFileFormat
+then	-/var/log/NetworkManager
-if      ($programname == 'NetworkManager') or \
+&	~
-	($programname startswith 'nm-') then \
+
 	~
 #
 # email-messages
 #
-mail.*					-/var/log/mail;RSYSLOG_TraditionalFileFormat
+mail.*					-/var/log/mail
-mail.info				-/var/log/mail.info;RSYSLOG_TraditionalFileFormat
+mail.info				-/var/log/mail.info
-mail.warning				-/var/log/mail.warn;RSYSLOG_TraditionalFileFormat
+mail.warning				-/var/log/mail.warn
-mail.err				 /var/log/mail.err;RSYSLOG_TraditionalFileFormat
+mail.err				 /var/log/mail.err
 #
 # news-messages
 #
-news.crit				-/var/log/news/news.crit;RSYSLOG_TraditionalFileFormat
+news.crit				-/var/log/news/news.crit
-news.err				-/var/log/news/news.err;RSYSLOG_TraditionalFileFormat
+news.err				-/var/log/news/news.err
-news.notice				-/var/log/news/news.notice;RSYSLOG_TraditionalFileFormat
+news.notice				-/var/log/news/news.notice
 # enable this, if you want to keep all news messages
 # in one file
-#news.*					-/var/log/news.all;RSYSLOG_TraditionalFileFormat
+#news.*					-/var/log/news.all
 #
 # Warnings in one file
 #
-*.=warning;*.=err			-/var/log/warn;RSYSLOG_TraditionalFileFormat
+*.=warning;*.=err			-/var/log/warn
-*.crit					 /var/log/warn;RSYSLOG_TraditionalFileFormat
+*.crit					 /var/log/warn
 #
 # the rest in one file
 #
-*.*;mail.none;news.none			-/var/log/messages;RSYSLOG_TraditionalFileFormat
+*.*;mail.none;news.none			-/var/log/messages
 #
 # enable this, if you want to keep all messages
 # in one file
-#*.*					-/var/log/allmessages;RSYSLOG_TraditionalFileFormat
+#*.*					-/var/log/allmessages
 #
 # Some foreign boot scripts require local7
 #
-local0,local1.*				-/var/log/localmessages;RSYSLOG_TraditionalFileFormat
+local0,local1.*				-/var/log/localmessages
-local2,local3.*				-/var/log/localmessages;RSYSLOG_TraditionalFileFormat
+local2,local3.*				-/var/log/localmessages
-local4,local5.*				-/var/log/localmessages;RSYSLOG_TraditionalFileFormat
+local4,local5.*				-/var/log/localmessages
-local6,local7.*				-/var/log/localmessages;RSYSLOG_TraditionalFileFormat
+local6,local7.*				-/var/log/localmessages
 ###
--- a/rsyslog.spec
+++ b/rsyslog.spec
@ -1,7 +1,7 @@
 #
 # spec file for package rsyslog
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -21,7 +21,7 @@
 Name:           rsyslog
 Summary:        The enhanced syslogd for Linux and Unix
 Version:        5.8.5
-Release:        4
+Release:        1
 # for setting those bcond_with* configs see
 # http://lizards.opensuse.org/2008/09/12/conditional-features-aka-use-flags/
 %if 0%{?suse_version} >= 1140
@ -56,7 +56,7 @@ Release:        4
 %define         _libdir                     /%_lib
 %define         rsyslog_module_dir_nodeps   %{_libdir}/rsyslog/
 %define         rsyslog_module_dir_withdeps %{_prefix}/%{_lib}/rsyslog/
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Url:            http://www.rsyslog.com/
 AutoReqProv:    on
@ -131,7 +131,7 @@ protected syslog relay chains while at the same time being very easy to
 setup for the novice user.
 %package doc
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        Additional documentation for rsyslog
@ -143,7 +143,7 @@ package.
 This package provides additional documentation for rsyslog.
 %package diag-tools
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        Diagnostic tools
@ -158,7 +158,7 @@ usually not needed).
 %if %{with gssapi}
 %package module-gssapi
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        GSS-API support module for rsyslog
@ -174,7 +174,7 @@ network protected via Kerberos 5 encryption and authentication.
 %if %{with mysql}
 %package module-mysql
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        MySQL support module for rsyslog
@ -190,7 +190,7 @@ databases.
 %if %{with pgsql}
 %package module-pgsql
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        PostgreSQL support module for rsyslog
@ -205,7 +205,7 @@ This module provides the support for logging into PostgreSQL databases.
 %if %{with dbi}
 %package module-dbi
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        Database support via DBI
@ -221,7 +221,7 @@ supported databases.
 %if %{with snmp}
 %package module-snmp
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        SNMP support module for rsyslog
@ -237,7 +237,7 @@ v2c traps.
 %if %{with gnutls}
 %package module-gtls
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        TLS encryption support module for rsyslog
@ -253,7 +253,7 @@ on current syslog-transport-tls internet drafts).
 %if %{with relp}
 %package module-relp
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        RELP protocol support module for syslog
@ -267,7 +267,7 @@ This module provides Reliable Event Logging Protocol support.
 %endif
 %package module-udpspoof
-License:        GPLv3+
+License:        GPL-3.0+
 Group:          System/Daemons
 Requires:       %{name} = %{version}
 Summary:        UDP spoof support module for syslog