From 8f067b1d227349332fd18796a7cf5fff58cd59263776b50fc927c596963a974b Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 20 Feb 2012 13:31:58 +0000 Subject: [PATCH 1/5] - Cleaned up the config files a bit, updated comments in config file, marked the /etc/rsyslog.early.conf obsolete. Note: rsyslog will be started early/before network using its normal /etc/rsyslog.conf config file (adopted scripts in syslog-service package). When any kind of remote logging is in use, then on-disk queues should be enabled. To start it after the network, please set the SYSLOG_REQUIRES_NETWORK=yes variable in /etc/sysconfig/syslog (bnc#728565). OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=74 --- rsyslog.changes | 12 ++++ rsyslog.conf.in | 44 ++++++++----- rsyslog.d.remote.conf.in | 41 ++++++++---- rsyslog.early.conf.in | 138 ++++++++++++++++++++++++--------------- rsyslog.spec | 26 ++++---- 5 files changed, 164 insertions(+), 97 deletions(-) diff --git a/rsyslog.changes b/rsyslog.changes index e615120..321ef02 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Mon Feb 20 12:11:18 UTC 2012 - mt@suse.com + +- Cleaned up the config files a bit, updated comments in config + file, marked the /etc/rsyslog.early.conf obsolete. + Note: rsyslog will be started early/before network using its normal + /etc/rsyslog.conf config file (adopted scripts in syslog-service + package). When any kind of remote logging is in use, then on-disk + queues should be enabled. To start it after the network, please set + the SYSLOG_REQUIRES_NETWORK=yes variable in /etc/sysconfig/syslog + (bnc#728565). + ------------------------------------------------------------------- Wed Sep 7 12:58:48 UTC 2011 - mrueckert@suse.de diff --git a/rsyslog.conf.in b/rsyslog.conf.in index 26ce8ed..4612929 100644 --- a/rsyslog.conf.in +++ b/rsyslog.conf.in @@ -1,13 +1,15 @@ ## +## === When you're using remote logging, enable on-disk queues === +## === in rsyslog.d/remote.conf. When neccesary also set the === +## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog, === +## === e.g. when rsyslog has to receive on a specific IP only. === +## ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules ## (provided in separate rsyslog-module-* packages) are enabled, the ## configuration can't be used on a system with /usr on a remote -## filesystem. -## [The modules are linked against libraries installed bellow of /usr -## thus also installed in /usr/lib*/rsyslog because of this.] -## -## You can change it by adding network-remotefs to the Required-Start -## and Required-Stop LSB init tags in the /etc/init.d/syslog script. +## filesystem, except on newer systems where initrd mounts /usr. +## [The modules are linked against libraries installed bellow of +## /usr thus also installed in /usr/lib*/rsyslog because of this.] ## # @@ -16,28 +18,34 @@ # and report them at http://bugzilla.novell.com/ # -# rsyslog v3: load input modules +# since rsyslog v3: load input modules # If you do not load inputs, nothing happens! -$ModLoad immark.so # provides --MARK-- message capability (every 1 hour) -$MarkMessagePeriod 3600 +# provides --MARK-- message capability (every 1 hour) +$ModLoad immark.so +$MarkMessagePeriod 3600 -$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) - # reduce dupplicate log messages (last message repeated n times) -$RepeatedMsgReduction on +# provides support for local system logging (e.g. via logger command) +$ModLoad imuxsock.so -$ModLoad imklog.so # kernel logging (may be also provided by /sbin/klogd), - # see also http://www.rsyslog.com/doc-imklog.html. -$klogConsoleLogLevel 1 # set log level 1 (same as in /etc/sysconfig/syslog). +# reduce dupplicate log messages (last message repeated n times) +$RepeatedMsgReduction on +# kernel logging (may be also provided by /sbin/klogd) +# see also http://www.rsyslog.com/doc-imklog.html. +$ModLoad imklog.so +# set log level 1 (same as in /etc/sysconfig/syslog). +$klogConsoleLogLevel 1 # -# Use traditional log format by default. To change it for a single -# file, append ";RSYSLOG_TraditionalFileFormat" to the filename. +# Use traditional log format by default. To change a single +# file to use rsyslog format (high-precision timestamps), +# append ";RSYSLOG_FileFormat" to the filename. See +# http://www.rsyslog.com/doc/rsyslog_conf_templates.html +# for more informations. # $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat - # # Include config generated by /etc/init.d/syslog script # using the SYSLOGD_ADDITIONAL_SOCKET* variables in the diff --git a/rsyslog.d.remote.conf.in b/rsyslog.d.remote.conf.in index 9928276..13bf32b 100644 --- a/rsyslog.d.remote.conf.in +++ b/rsyslog.d.remote.conf.in @@ -1,40 +1,53 @@ ## +## === When you're using remote logging, enable on-disk queues === +## === in rsyslog.d/remote.conf. When neccesary also set the === +## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog, === +## === e.g. when rsyslog has to receive on a specific IP only. === +## ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules ## (provided in separate rsyslog-module-* packages) are enabled, the ## configuration can't be used on a system with /usr on a remote -## filesystem. -## [The modules are linked against libraries installed bellow of /usr -## thus also installed in /usr/lib*/rsyslog because of this.] -## -## You can change it by adding network-remotefs to the Required-Start -## and Required-Stop LSB init tags in the /etc/init.d/syslog script. +## filesystem, except on newer systems where initrd mounts /usr. +## [The modules are linked against libraries installed bellow of +## /usr thus also installed in /usr/lib*/rsyslog because of this.] ## - -# Remote Logging (we use TCP for reliable delivery) +# ######### Enable On-Disk queues for remote logging ########## +# # An on-disk queue is created for this action. If the remote host is # down, messages are spooled to disk and sent when it is up again. +# #$WorkDirectory RSYSLOG_SPOOL_DIR # where to place spool files #$ActionQueueFileName uniqName # unique name prefix for spool files #$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) #$ActionQueueSaveOnShutdown on # save messages to disk on shutdown #$ActionQueueType LinkedList # run asynchronously #$ActionResumeRetryCount -1 # infinite retries if host is down + +# ######### Sending Messages to Remote Hosts ########## + +# Remote Logging using TCP for reliable delivery # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional #*.* @@remote-host +# Remote Logging using UDP +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @remote-host + # ######### Receiving Messages from Remote Hosts ########## # TCP Syslog Server: # provides TCP syslog reception and GSS-API (if compiled to support it) -#$ModLoad imtcp.so # load module -# Note: as of now, you need to use the -t command line option to -# enable TCP reception (e.g. -t514 to run a server at port 514/tcp) -# This will change in later v3 releases. +#$ModLoad imtcp.so # load module +##$UDPServerAddress 10.10.0.1 # force to listen on this IP only, +## # needs SYSLOG_REQUIRES_NETWORK=yes. +#$InputTCPServerRun # Starts a TCP server on selected port # UDP Syslog Server: -#$ModLoad imudp.so # provides UDP syslog reception -#$UDPServerRun 514 # start a UDP syslog server at standard port 514 +#$ModLoad imudp.so # provides UDP syslog reception +##$UDPServerAddress 10.10.0.1 # force to listen on this IP only, +## # needs SYSLOG_REQUIRES_NETWORK=yes. +#$UDPServerRun 514 # start a UDP syslog server at standard port 514 ########### Encrypting Syslog Traffic with TLS ########## diff --git a/rsyslog.early.conf.in b/rsyslog.early.conf.in index 0ac9aa0..1002dd6 100644 --- a/rsyslog.early.conf.in +++ b/rsyslog.early.conf.in @@ -1,25 +1,42 @@ ## -## WARNING: This config contains only statements that are -## safe for early syslog start, that is before the -## network and remote filesystems are available. -## -## Don't include ETC_RSYSLOG_D_DIR/remote.conf -## in this configuration file or enable any of the -## additional (MYSQL, PGSQL, GSSAPI, GnuTLS, SNMP) -## modules provided in separate module packages. -## -## -## if you experience problems, check -## http://www.rsyslog.com/troubleshoot for assistance -## and report them at http://bugzilla.novell.com/ +## NOTE: This config file is obsolete and will be dropped in +## further package versions. Even while early syslog +## start, the /etc/rsyslog.conf file is used now. ## -# rsyslog v3: load input modules +# +# if you experience problems, check +# http://www.rsyslog.com/troubleshoot for assistance +# and report them at http://bugzilla.novell.com/ +# + +# since rsyslog v3: load input modules # If you do not load inputs, nothing happens! -$ModLoad immark.so # provides --MARK-- message capability -$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) -$ModLoad imklog.so # kernel logging (may be also provided by /sbin/klogd) +# provides --MARK-- message capability (every 1 hour) +$ModLoad immark.so +$MarkMessagePeriod 3600 + +# provides support for local system logging (e.g. via logger command) +$ModLoad imuxsock.so + +# reduce dupplicate log messages (last message repeated n times) +$RepeatedMsgReduction on + +# kernel logging (may be also provided by /sbin/klogd) +# see also http://www.rsyslog.com/doc-imklog.html. +$ModLoad imklog.so +# set log level 1 (same as in /etc/sysconfig/syslog). +$klogConsoleLogLevel 1 + +# +# Use traditional log format by default. To change a single +# file to use rsyslog format (high-precision timestamps), +# append ";RSYSLOG_FileFormat" to the filename. See +# http://www.rsyslog.com/doc/rsyslog_conf_templates.html +# for more informations. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # # Include config generated by /etc/init.d/syslog script @@ -28,92 +45,109 @@ $ModLoad imklog.so # kernel logging (may be also provided by /sbin/klogd) # $IncludeConfig ADDITIONAL_SOCKETS + ### +# print most important on tty10 and on the xconsole pipe # -# print most on tty10 and on the xconsole pipe -# -kern.warning;*.err;authpriv.none /dev/tty10;RSYSLOG_TraditionalFileFormat -kern.warning;*.err;authpriv.none |/dev/xconsole;RSYSLOG_TraditionalFileFormat +if ( \ + /* kernel up to warning except of firewall */ \ + ($syslogfacility-text == 'kern') and \ + ($syslogseverity <= 4 /* warning */ ) and not \ + ($msg contains 'IN=' and $msg contains 'OUT=') \ + ) or ( \ + /* up to errors except of facility authpriv */ \ + ($syslogseverity <= 3 /* errors */ ) and not \ + ($syslogfacility-text == 'authpriv') \ + ) \ +then /dev/tty10 +& |/dev/xconsole + + +# Emergency messages to everyone logged on (wall) *.emerg :omusrmsg:* # enable this, if you want that root is informed # immediately, e.g. of logins #*.alert root + # # firewall messages into separate file and stop their further processing # if ($syslogfacility-text == 'kern') and \ - ($msg contains 'IN=' and $msg contains 'OUT=') then \ - -/var/log/firewall;RSYSLOG_TraditionalFileFormat -if ($syslogfacility-text == 'kern') and \ - ($msg contains 'IN=' and $msg contains 'OUT=') then \ - ~ + ($msg contains 'IN=' and $msg contains 'OUT=') \ +then -/var/log/firewall +& ~ + # # acpid messages into separate file and stop their further processing # # => all acpid messages for debuging (uncomment if needed): #if ($programname == 'acpid' or $syslogtag == '[acpid]:') then \ -# -/var/log/acpid;RSYSLOG_TraditionalFileFormat +# -/var/log/acpid # # => up to notice (skip info and debug) if ($programname == 'acpid' or $syslogtag == '[acpid]:') and \ - ($syslogseverity <= 5) then \ - -/var/log/acpid;RSYSLOG_TraditionalFileFormat -if ($programname == 'acpid' or $syslogtag == '[acpid]:') then \ - ~ + ($syslogseverity <= 5 /* notice */) \ +then -/var/log/acpid +& ~ + # # NetworkManager into separate file and stop their further processing # if ($programname == 'NetworkManager') or \ - ($programname startswith 'nm-') then \ - -/var/log/NetworkManager;RSYSLOG_TraditionalFileFormat -if ($programname == 'NetworkManager') or \ - ($programname startswith 'nm-') then \ - ~ + ($programname startswith 'nm-') \ +then -/var/log/NetworkManager +& ~ + # # email-messages # -mail.* -/var/log/mail;RSYSLOG_TraditionalFileFormat -mail.info -/var/log/mail.info;RSYSLOG_TraditionalFileFormat -mail.warning -/var/log/mail.warn;RSYSLOG_TraditionalFileFormat -mail.err /var/log/mail.err;RSYSLOG_TraditionalFileFormat +mail.* -/var/log/mail +mail.info -/var/log/mail.info +mail.warning -/var/log/mail.warn +mail.err /var/log/mail.err + # # news-messages # -news.crit -/var/log/news/news.crit;RSYSLOG_TraditionalFileFormat -news.err -/var/log/news/news.err;RSYSLOG_TraditionalFileFormat -news.notice -/var/log/news/news.notice;RSYSLOG_TraditionalFileFormat +news.crit -/var/log/news/news.crit +news.err -/var/log/news/news.err +news.notice -/var/log/news/news.notice # enable this, if you want to keep all news messages # in one file -#news.* -/var/log/news.all;RSYSLOG_TraditionalFileFormat +#news.* -/var/log/news.all + # # Warnings in one file # -*.=warning;*.=err -/var/log/warn;RSYSLOG_TraditionalFileFormat -*.crit /var/log/warn;RSYSLOG_TraditionalFileFormat +*.=warning;*.=err -/var/log/warn +*.crit /var/log/warn + # # the rest in one file # -*.*;mail.none;news.none -/var/log/messages;RSYSLOG_TraditionalFileFormat +*.*;mail.none;news.none -/var/log/messages + # # enable this, if you want to keep all messages # in one file -#*.* -/var/log/allmessages;RSYSLOG_TraditionalFileFormat +#*.* -/var/log/allmessages + # # Some foreign boot scripts require local7 # -local0,local1.* -/var/log/localmessages;RSYSLOG_TraditionalFileFormat -local2,local3.* -/var/log/localmessages;RSYSLOG_TraditionalFileFormat -local4,local5.* -/var/log/localmessages;RSYSLOG_TraditionalFileFormat -local6,local7.* -/var/log/localmessages;RSYSLOG_TraditionalFileFormat +local0,local1.* -/var/log/localmessages +local2,local3.* -/var/log/localmessages +local4,local5.* -/var/log/localmessages +local6,local7.* -/var/log/localmessages ### diff --git a/rsyslog.spec b/rsyslog.spec index 5f27840..906fab2 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -1,7 +1,7 @@ # # spec file for package rsyslog # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ Name: rsyslog Summary: The enhanced syslogd for Linux and Unix Version: 5.8.5 -Release: 4 +Release: 1 # for setting those bcond_with* configs see # http://lizards.opensuse.org/2008/09/12/conditional-features-aka-use-flags/ %if 0%{?suse_version} >= 1140 @@ -56,7 +56,7 @@ Release: 4 %define _libdir /%_lib %define rsyslog_module_dir_nodeps %{_libdir}/rsyslog/ %define rsyslog_module_dir_withdeps %{_prefix}/%{_lib}/rsyslog/ -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Url: http://www.rsyslog.com/ AutoReqProv: on @@ -131,7 +131,7 @@ protected syslog relay chains while at the same time being very easy to setup for the novice user. %package doc -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: Additional documentation for rsyslog @@ -143,7 +143,7 @@ package. This package provides additional documentation for rsyslog. %package diag-tools -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: Diagnostic tools @@ -158,7 +158,7 @@ usually not needed). %if %{with gssapi} %package module-gssapi -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: GSS-API support module for rsyslog @@ -174,7 +174,7 @@ network protected via Kerberos 5 encryption and authentication. %if %{with mysql} %package module-mysql -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: MySQL support module for rsyslog @@ -190,7 +190,7 @@ databases. %if %{with pgsql} %package module-pgsql -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: PostgreSQL support module for rsyslog @@ -205,7 +205,7 @@ This module provides the support for logging into PostgreSQL databases. %if %{with dbi} %package module-dbi -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: Database support via DBI @@ -221,7 +221,7 @@ supported databases. %if %{with snmp} %package module-snmp -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: SNMP support module for rsyslog @@ -237,7 +237,7 @@ v2c traps. %if %{with gnutls} %package module-gtls -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: TLS encryption support module for rsyslog @@ -253,7 +253,7 @@ on current syslog-transport-tls internet drafts). %if %{with relp} %package module-relp -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: RELP protocol support module for syslog @@ -267,7 +267,7 @@ This module provides Reliable Event Logging Protocol support. %endif %package module-udpspoof -License: GPLv3+ +License: GPL-3.0+ Group: System/Daemons Requires: %{name} = %{version} Summary: UDP spoof support module for syslog From 0c25abf381202f4c192fa03c5f45f7e73d009dd1202834a7edce8028411e396f Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 20 Feb 2012 14:04:02 +0000 Subject: [PATCH 2/5] - Changed /etc/rsyslog.early.conf to just include rsyslog.conf, fixed spec to use sd-daemon.[ch] from docs on 11.4 only. OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=75 --- rsyslog.changes | 6 ++ rsyslog.early.conf.in | 150 ++---------------------------------------- rsyslog.spec | 4 ++ 3 files changed, 15 insertions(+), 145 deletions(-) diff --git a/rsyslog.changes b/rsyslog.changes index 321ef02..17833e5 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Feb 20 13:44:36 UTC 2012 - mt@suse.com + +- Changed /etc/rsyslog.early.conf to just include rsyslog.conf, + fixed spec to use sd-daemon.[ch] from docs on 11.4 only. + ------------------------------------------------------------------- Mon Feb 20 12:11:18 UTC 2012 - mt@suse.com diff --git a/rsyslog.early.conf.in b/rsyslog.early.conf.in index 1002dd6..6839f2a 100644 --- a/rsyslog.early.conf.in +++ b/rsyslog.early.conf.in @@ -2,152 +2,12 @@ ## NOTE: This config file is obsolete and will be dropped in ## further package versions. Even while early syslog ## start, the /etc/rsyslog.conf file is used now. +## See rsyslog.conf and remote.conf for more details. +## +## We still ship the file, because systemd does not +## provide a way to execute syslog-service-generator. ## -# -# if you experience problems, check -# http://www.rsyslog.com/troubleshoot for assistance -# and report them at http://bugzilla.novell.com/ -# - -# since rsyslog v3: load input modules -# If you do not load inputs, nothing happens! - -# provides --MARK-- message capability (every 1 hour) -$ModLoad immark.so -$MarkMessagePeriod 3600 - -# provides support for local system logging (e.g. via logger command) -$ModLoad imuxsock.so - -# reduce dupplicate log messages (last message repeated n times) -$RepeatedMsgReduction on - -# kernel logging (may be also provided by /sbin/klogd) -# see also http://www.rsyslog.com/doc-imklog.html. -$ModLoad imklog.so -# set log level 1 (same as in /etc/sysconfig/syslog). -$klogConsoleLogLevel 1 - -# -# Use traditional log format by default. To change a single -# file to use rsyslog format (high-precision timestamps), -# append ";RSYSLOG_FileFormat" to the filename. See -# http://www.rsyslog.com/doc/rsyslog_conf_templates.html -# for more informations. -# -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat - -# -# Include config generated by /etc/init.d/syslog script -# using the SYSLOGD_ADDITIONAL_SOCKET* variables in the -# /etc/sysconfig/syslog file. -# -$IncludeConfig ADDITIONAL_SOCKETS - - -### -# print most important on tty10 and on the xconsole pipe -# -if ( \ - /* kernel up to warning except of firewall */ \ - ($syslogfacility-text == 'kern') and \ - ($syslogseverity <= 4 /* warning */ ) and not \ - ($msg contains 'IN=' and $msg contains 'OUT=') \ - ) or ( \ - /* up to errors except of facility authpriv */ \ - ($syslogseverity <= 3 /* errors */ ) and not \ - ($syslogfacility-text == 'authpriv') \ - ) \ -then /dev/tty10 -& |/dev/xconsole - - -# Emergency messages to everyone logged on (wall) -*.emerg :omusrmsg:* - -# enable this, if you want that root is informed -# immediately, e.g. of logins -#*.alert root - - -# -# firewall messages into separate file and stop their further processing -# -if ($syslogfacility-text == 'kern') and \ - ($msg contains 'IN=' and $msg contains 'OUT=') \ -then -/var/log/firewall -& ~ - - -# -# acpid messages into separate file and stop their further processing -# -# => all acpid messages for debuging (uncomment if needed): -#if ($programname == 'acpid' or $syslogtag == '[acpid]:') then \ -# -/var/log/acpid -# -# => up to notice (skip info and debug) -if ($programname == 'acpid' or $syslogtag == '[acpid]:') and \ - ($syslogseverity <= 5 /* notice */) \ -then -/var/log/acpid -& ~ - - -# -# NetworkManager into separate file and stop their further processing -# -if ($programname == 'NetworkManager') or \ - ($programname startswith 'nm-') \ -then -/var/log/NetworkManager -& ~ - - -# -# email-messages -# -mail.* -/var/log/mail -mail.info -/var/log/mail.info -mail.warning -/var/log/mail.warn -mail.err /var/log/mail.err - - -# -# news-messages -# -news.crit -/var/log/news/news.crit -news.err -/var/log/news/news.err -news.notice -/var/log/news/news.notice -# enable this, if you want to keep all news messages -# in one file -#news.* -/var/log/news.all - - -# -# Warnings in one file -# -*.=warning;*.=err -/var/log/warn -*.crit /var/log/warn - - -# -# the rest in one file -# -*.*;mail.none;news.none -/var/log/messages - - -# -# enable this, if you want to keep all messages -# in one file -#*.* -/var/log/allmessages - - -# -# Some foreign boot scripts require local7 -# -local0,local1.* -/var/log/localmessages -local2,local3.* -/var/log/localmessages -local4,local5.* -/var/log/localmessages -local6,local7.* -/var/log/localmessages +$IncludeConfig ETC_RSYSLOG_CONF ### diff --git a/rsyslog.spec b/rsyslog.spec index 906fab2..d450606 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -281,10 +281,13 @@ This module provides a UDP forwarder that allows changing the sender address. %prep %setup -q -n %{name}-%{upstream_version} %if %{with systemd} +%if 0%{?suse_version} <= 1140 # Bug: https://bugzilla.novell.com/show_bug.cgi?id=656259 # install the files systemd provides rather than what we provide. +# On newer systems, systemd-devel provides them. cp -a /usr/share/doc/packages/systemd/sd-daemon.[ch] runtime/ %endif +%endif dos2unix doc/*.html %build @@ -391,6 +394,7 @@ for file in rsyslog.conf rsyslog.early.conf rsyslog.d.remote.conf ; do -e 's;tty10;console;g' \ %endif -e 's;ADDITIONAL_SOCKETS;%{additional_sockets};g' \ + -e 's;ETC_RSYSLOG_CONF;%{_sysconfdir}/rsyslog.conf;g' \ -e 's;ETC_RSYSLOG_D_DIR;%{_sysconfdir}/rsyslog.d;g' \ -e 's;ETC_RSYSLOG_D_GLOB;%{_sysconfdir}/rsyslog.d/*.conf;g' \ -e 's;RSYSLOG_SPOOL_DIR;%{_localstatedir}/spool/rsyslog;g' \ From 8d095aab102835351f27e9390d8b99d345b5b10d2c3826c6cf7bc56a9572692b Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 20 Feb 2012 14:14:46 +0000 Subject: [PATCH 3/5] - updated to 5.8.7 [V5-stable]: - bugfix: instabilities when using RFC5424 header fields Thanks to Kaiwang Chen for the patch - bugfix: imuxsock did truncate part of received message if it did not contain a proper date. The truncation occured because we removed that part of the messages that was expected to be the date. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=295 - bugfix: potential abort after reading invalid X.509 certificate closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290 Thanks to Tomas Heinrich for the patch - bugfix: stats counter were not properly initialized on creation - FQDN hostname for multihomed host was not always set to the correct name if multiple aliases existed. Thanks to Tomas Heinreich for the patch. - updated to 5.8.6 [V5-stable]: - bugfix: missing whitespace after property-based filter was not detected - bugfix: $OMFileFlushInterval period was doubled - now using correct value - bugfix: ActionQueue could malfunction due to index error Thanks to Vlad Grigorescu for the patch - bugfix: $ActionExecOnlyOnce interval did not work properly Thanks to Tomas Heinrich for the patch - bugfix: race condition when extracting program name, APPNAME, structured data and PROCID (RFC5424 fields) could lead to invalid characters e.g. in dynamic file names or during forwarding (general malfunction ofthese fields in templates, mostly under heavy load) - bugfix: imuxsock did no longer ignore message-provided timestamp, if so configured (the *default*). Lead to no longer sub-second timestamps. OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=76 --- rsyslog-5.8.5.tar.bz2 | 3 --- rsyslog-5.8.7.tar.bz2 | 3 +++ rsyslog.changes | 41 +++++++++++++++++++++++++++++++++++++++++ rsyslog.spec | 4 ++-- 4 files changed, 46 insertions(+), 5 deletions(-) delete mode 100644 rsyslog-5.8.5.tar.bz2 create mode 100644 rsyslog-5.8.7.tar.bz2 diff --git a/rsyslog-5.8.5.tar.bz2 b/rsyslog-5.8.5.tar.bz2 deleted file mode 100644 index f64bc0a..0000000 --- a/rsyslog-5.8.5.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cfdc128f8b3ab88e36f85ce8fb12ff8d19790181b7b0138f97afda42c256ee78 -size 1909999 diff --git a/rsyslog-5.8.7.tar.bz2 b/rsyslog-5.8.7.tar.bz2 new file mode 100644 index 0000000..486ce44 --- /dev/null +++ b/rsyslog-5.8.7.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6d43db0d7dbdefbdb0fce27ae70b304d53681ff5d8f6d823c761be4242bf5080 +size 1925789 diff --git a/rsyslog.changes b/rsyslog.changes index 17833e5..1c9b948 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -1,6 +1,47 @@ ------------------------------------------------------------------- Mon Feb 20 13:44:36 UTC 2012 - mt@suse.com +- updated to 5.8.7 [V5-stable]: + - bugfix: instabilities when using RFC5424 header fields + Thanks to Kaiwang Chen for the patch + - bugfix: imuxsock did truncate part of received message if it did + not contain a proper date. The truncation occured because we + removed that part of the messages that was expected to be the date. + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=295 + - bugfix: potential abort after reading invalid X.509 certificate + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290 + Thanks to Tomas Heinrich for the patch + - bugfix: stats counter were not properly initialized on creation + - FQDN hostname for multihomed host was not always set to the correct + name if multiple aliases existed. Thanks to Tomas Heinreich for the + patch. +- updated to 5.8.6 [V5-stable]: + - bugfix: missing whitespace after property-based filter was not + detected + - bugfix: $OMFileFlushInterval period was doubled - now using correct + value + - bugfix: ActionQueue could malfunction due to index error + Thanks to Vlad Grigorescu for the patch + - bugfix: $ActionExecOnlyOnce interval did not work properly + Thanks to Tomas Heinrich for the patch + - bugfix: race condition when extracting program name, APPNAME, + structured data and PROCID (RFC5424 fields) could lead to invalid + characters e.g. in dynamic file names or during forwarding (general + malfunction ofthese fields in templates, mostly under heavy load) + - bugfix: imuxsock did no longer ignore message-provided timestamp, + if so configured (the *default*). Lead to no longer sub-second + timestamps. + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=281 + - bugfix: omfile returns fatal error code for things that go really + wrong previously, RS_RET_RESUME was returned, which lead to a loop + inside the rule engine as omfile could not really recover. + - bugfix: imfile did invalid system call under some circumstances + when a file that was to be monitored did not exist BUT the state + file actually existed. Mostly a cosmetic issue. Root cause was + incomplete error checking in stream.c; so patch may affect other + code areas. + - bugfix: rsyslogd -v always said 64 atomics were not present + thanks to mono_matsuko for the patch - Changed /etc/rsyslog.early.conf to just include rsyslog.conf, fixed spec to use sd-daemon.[ch] from docs on 11.4 only. diff --git a/rsyslog.spec b/rsyslog.spec index d450606..a460527 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -20,8 +20,8 @@ Name: rsyslog Summary: The enhanced syslogd for Linux and Unix -Version: 5.8.5 -Release: 1 +Version: 5.8.7 +Release: 0 # for setting those bcond_with* configs see # http://lizards.opensuse.org/2008/09/12/conditional-features-aka-use-flags/ %if 0%{?suse_version} >= 1140 From ea7540677c7a28c97d40e015f4eb0fa879c96874b856a1b857cfcb8b8fb5498a Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 20 Feb 2012 15:34:54 +0000 Subject: [PATCH 4/5] - Detect if we have to use the new /run/systemd/journal/syslog socket instead of the /dev/log under newer systemd versions. OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=77 --- rsyslog-5.8.7-systemd-log-socket.patch | 43 ++++++++++++++++++++++++++ rsyslog.changes | 4 ++- rsyslog.spec | 2 ++ 3 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 rsyslog-5.8.7-systemd-log-socket.patch diff --git a/rsyslog-5.8.7-systemd-log-socket.patch b/rsyslog-5.8.7-systemd-log-socket.patch new file mode 100644 index 0000000..7197b9d --- /dev/null +++ b/rsyslog-5.8.7-systemd-log-socket.patch @@ -0,0 +1,43 @@ +From a738e3d5866a1dbbb1538b7461e266ec81cb1f45 Mon Sep 17 00:00:00 2001 +From: Marius Tomaschewski +Date: Mon, 20 Feb 2012 16:29:42 +0100 +Subject: [PATCH] Detect if to use /run/systemd/journal/syslog under systemd + +Detect if we have to use the new /run/systemd/journal/syslog +socket instead of the /dev/log under newer systemd versions. + +Signed-off-by: Marius Tomaschewski +--- + plugins/imuxsock/imuxsock.c | 9 +++++++++ + 1 files changed, 9 insertions(+), 0 deletions(-) + +diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c +index feddb20..767f9a9 100644 +--- a/plugins/imuxsock/imuxsock.c ++++ b/plugins/imuxsock/imuxsock.c +@@ -67,6 +67,9 @@ MODULE_TYPE_NOKEEP + #define _PATH_LOG "/dev/log" + #endif + #endif ++#ifndef SYSTEMD_PATH_LOG ++#define SYSTEMD_PATH_LOG "/run/systemd/journal/syslog" ++#endif + + /* emulate struct ucred for platforms that do not have it */ + #ifndef HAVE_SCM_CREDENTIALS +@@ -775,6 +778,12 @@ CODESTARTwillRun + # endif + if(pLogSockName != NULL) + listeners[0].sockName = pLogSockName; ++ else if(sd_booted()) { ++ struct stat st; ++ if(stat(SYSTEMD_PATH_LOG, &st) != -1 && S_ISSOCK(st.st_mode)) { ++ listeners[0].sockName = SYSTEMD_PATH_LOG; ++ } ++ } + if(ratelimitIntervalSysSock > 0) { + if((listeners[0].ht = create_hashtable(100, hash_from_key_fn, key_equals_fn, NULL)) == NULL) { + /* in this case, we simply turn of rate-limiting */ +-- +1.7.7 + diff --git a/rsyslog.changes b/rsyslog.changes index 1c9b948..9f66980 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -1,6 +1,8 @@ ------------------------------------------------------------------- -Mon Feb 20 13:44:36 UTC 2012 - mt@suse.com +Mon Feb 20 15:33:05 UTC 2012 - mt@suse.com +- Detect if we have to use the new /run/systemd/journal/syslog + socket instead of the /dev/log under newer systemd versions. - updated to 5.8.7 [V5-stable]: - bugfix: instabilities when using RFC5424 header fields Thanks to Kaiwang Chen for the patch diff --git a/rsyslog.spec b/rsyslog.spec index a460527..0e9ddcc 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -120,6 +120,7 @@ Source1: rsyslog.sysconfig Source2: rsyslog.conf.in Source3: rsyslog.early.conf.in Source4: rsyslog.d.remote.conf.in +Patch1: rsyslog-5.8.7-systemd-log-socket.patch %description Rsyslog is an enhanced multi-threaded syslogd supporting, among others, @@ -280,6 +281,7 @@ This module provides a UDP forwarder that allows changing the sender address. %prep %setup -q -n %{name}-%{upstream_version} +%patch1 -p1 %if %{with systemd} %if 0%{?suse_version} <= 1140 # Bug: https://bugzilla.novell.com/show_bug.cgi?id=656259 From a6ba59f53eca79048991c6627650341a37478b4eb0e3dea13f0c93f541c8a981 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 20 Feb 2012 15:51:10 +0000 Subject: [PATCH 5/5] Obsoletes listen.conf installed by systemd (bnc#747871). OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=78 --- rsyslog.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/rsyslog.changes b/rsyslog.changes index 9f66980..43c98fb 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -3,6 +3,7 @@ Mon Feb 20 15:33:05 UTC 2012 - mt@suse.com - Detect if we have to use the new /run/systemd/journal/syslog socket instead of the /dev/log under newer systemd versions. + Obsoletes listen.conf installed by systemd (bnc#747871). - updated to 5.8.7 [V5-stable]: - bugfix: instabilities when using RFC5424 header fields Thanks to Kaiwang Chen for the patch