Hello community,
here is the log from the commit of package syslog-ng.1232 for openSUSE:12.2:Update checked in at 2013-01-21 15:36:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/syslog-ng.1232 (Old)
and /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "syslog-ng.1232", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2013-01-09 19:40:42.352580873 +0100
+++ /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new/syslog-ng.changes 2013-01-21 15:36:30.000000000 +0100
@@ -0,0 +1,940 @@
+-------------------------------------------------------------------
+Thu Jan 10 12:47:56 UTC 2013 - mt@suse.com
+
+- Check the existence of /etc/init.d/syslog script before calling
+ the restart_on_update and stop_on_removal macros to avoid errors
+ on update, reset the SYSLOG_DAEMON variable on removal only.
+ Since openSUSE 12.3, the syslog init script is not shipped any
+ more (bnc#790298,bnc#750478).
+
+-------------------------------------------------------------------
+Tue Apr 17 08:30:01 CEST 2012 - czanik@balabit.hu
+
+- update to syslog-ng 3.3.5 which fixes even more memleaks
+- resolves bnc#757680
+
+-------------------------------------------------------------------
+Thu Feb 23 16:21:05 UTC 2012 - mt@suse.com
+
+- Detect if we have to use the new /run/systemd/journal/syslog
+ socket under newer systemd versions, instead of the default
+ _PATH_LOG (/dev/log) socket. Avoids update problems and the
+ need to adopt config before using init=... boot parameter
+ (bnc#747871).
+
+-------------------------------------------------------------------
+Fri Jan 27 12:45:30 CET 2012 - czanik@balabit.hu
+
+- more changelog, as requested by saschpe
+ v3.3.1 was the initial syslog-ng 3.3 release
+ fixes and changes, taken from the syslog-ng NEWS file
+
+- Fixes:
+
+* Fixed set() and subst() rewrite operations to work properly on the
+ value() parameter specified in the configuration even if they are
+ referenced at multiple spots in the configuration file. Earlier
+ the 2nd and subsequent invocation of the rewrite rule changed
+ $MESSAGE.
+* Fixed csv-parser() to work even if it is invoked at multiple spots
+ in the configuration file. Earlier, the 2nd and subsequent
+ references of the parser rule forgot the list of column names and
+ the input template.
+* Fixed the processing of condition() parameter in rewrite rules,
+ which was broken if it contained a filter() function call.
+* Fixed program() destination to properly kill the child process on
+ reload and shutdown.
+* Fixed a potential division by zero error which could happen for
+ large data rates due to a race in an unlocked region.
+* Fixed an assertion failure in mongodb destination that happened
+ due to a race condition at high data rates.
+* Fixed an fd leak in the control socket code, that caused the
+ control connection file descriptors to be leaked.
+* Fixed a crash problem in the tcp() destination, that occurred at
+ or after a reload happens.
+* Fixed a segmentation fault on reload when using the same rewrite
+ rule from multiple log paths.
+* Fixed a segmentation fault when processing a reload request in
+ case an existing tcp() source is removed from the config and there
+ are open connections.
+* Fixed a possible segmentation fault in the scalable queue
+ implementation, which happens in case a destination is slower to
+ process messages than syslog-ng would like to send them.
+* Fixed a possible file() destination issue that could cause
+ syslog-ng to omit data or to write garbage to the log file in case
+ the kernel reports that only a smaller portion of the actual write
+ request could be accomplished.
+* Fixed an "internal error duplicate config element" error during
+ reload due to an invalid bugfix applied for 3.3.1. Older beta
+ versions of 3.3 were not affected.
+* Fixed a memory leak that causes macro based file destinations to
+ leak their queue when destination files are closed due to
+ time-reap().
+* Fixed the handling of the condition() option for rewrite rules.
+* Fixed a race condition in value-pairs support, potentially causing
+ heap corruption problems when $(format-json) is used in threaded
+ mode.
+* Fixed a memory leak in value-pairs template function argument
+ parsing, fixing a leak if $(format-json) is used.
+* Repeated definitions of source, destination, filter, rewrite,
+ parser and block elements are not allowed by default anymore.
+ These are reported as configuration errors unless
+ @define allow-config-dups 1
+ is specified in the configuration file.
+* Fixed pdbtool error reporting in "pdbtool test" to make it easier
+ to understand what went wrong.
+* Added an SQL connection health check in case an INSERT failed.
+ This way syslog-ng handles SQL server timeouts better.
+* Fixed support for systemd socket activation. Previously such
+ sockets were not set to non-blocking mode, causing syslog-ng to
+ hang.
+* Fixed the filter() function in the filter expression to work also
+ when used as a part of an AND or OR construct.
+* Allow the sql() destination to operate even without an indexes()
+ option. That parameter was meant to be optional, but it wasn't.
+* Fixed compilation issues if no OpenSSL is present.
+* Fixed a minor memory leak in the usertty() driver that can increase
+ memory usage on every reload. (The username() parameter wasn't
+ properly freed on reload).
+* Fixed a minor memory leak in the sql() driver that can increase
+ the memory usage on every reload (indexes() parameter wasn't
+ properly freed on reload).
+
+- Changes
+* db-parser() automatically sets a tag named '.classifier.unknown'
+ if the message doesn't match.
+* The use of actions in db-parser() for messages without a
+ correllation context was inconsistently indexing messages. For
+ actions in rules that had correllation @0 was the new message
+ being generated, and @1 was the message that triggered the rule.
+ Without correllation @0 was used for the triggering message, which
+ is greatly inconsistent and unintuitive. This was fixed by
+ changing the behaviour for rules without correllation, now both
+ correllation and non-correllation rules use @0 for the new
+ message, and @1 for the triggering message. This is an
+ incompatible change in the db-parser() format.
+* The value of the $TAGS macro is added to pdbtool match output.
+* unix-dgram() and unix-stream() error logging on systemd failures
+ became more detailed for easier troubleshooting.
+
+-------------------------------------------------------------------
+Thu Jan 26 21:47:32 CET 2012 - czanik@balabit.hu
+
+- fix systemd support for openSUSE > 12.1
+
+-------------------------------------------------------------------
+Fri Jan 20 09:03:53 CET 2012 - czanik@balabit.hu
+
+- update to 3.3.4
+
+-------------------------------------------------------------------
+Wed Jan 11 15:41:57 CET 2012 - czanik@balabit.hu
+
+- update to the latest 3.3-git
+
+-------------------------------------------------------------------
+Tue Jan 3 16:13:47 CET 2012 - czanik@balabit.hu
+
+- update to 3.3.3
+- remove filter patch
+- fix afsql related warning
+
+-------------------------------------------------------------------
+Tue Dec 20 21:01:45 UTC 2011 - coolo@suse.com
+
+- remove call to suse_update_config (very old work around)
+
+-------------------------------------------------------------------
+Tue Oct 25 11:22:09 CEST 2011 - czanik@balabit.hu
+
+- add patch for filters bug
+ https://bugzilla.balabit.com/show_bug.cgi?id=140
+ so firewall logs are correctly filtered
+
+-------------------------------------------------------------------
+Mon Oct 3 12:52:16 CEST 2011 - czanik@balabit.hu
+
+- update to 3.3.1 (3.3 final) which fixes some more minor
+ problems and updates NEWS
+
+-------------------------------------------------------------------
+Thu Sep 29 08:41:31 CEST 2011 - czanik@balabit.hu
+
+- updated to latest git, which made time patch redundant
+ and also fixes for mongodb, memory leaks, etc.
+- fix 11.3 packaging
+- enable json support also for 11.4
+
+-------------------------------------------------------------------
+Fri Sep 23 17:29:15 CEST 2011 - czanik@balabit.hu
+
+- updated to latest git snapshot including fix for bnc#719102
+- enabled capabilities support >11.4 only
+- moved libafmongodb to /usr
+- added fix for compiledate
+- changed time patch to configure option
+ (which does not work yet...)
+- removed patches previously picked from git
+
+-------------------------------------------------------------------
+Mon Sep 5 11:43:10 CEST 2011 - czanik@balabit.hu
+
+- fix for an ugly BSD date problem: when using original dates
+ in September - December, all turn up as from December
+ patch to be removed on next release
+
+-------------------------------------------------------------------
+Wed Aug 24 08:41:22 UTC 2011 - mt@suse.de
+
+- Adopted to require new syslog-service package on 12.x, that
+ provides the /etc/init.d/syslog LSB init script and systemd
+ syslog.service service file. Removed syslog-ng.service file
+ installation from spec file. (fate#311316).
+
+-------------------------------------------------------------------
+Thu Aug 18 15:58:26 CEST 2011 - czanik@balabit.hu
+
+- updated to syslog-ng-3.3.0beta2, a new major release with many
++++ 743 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new/syslog-ng.changes
New:
----
syslog-ng-3.3.5-less-static.diff
syslog-ng-3.3.5-sd-sock-name.patch
syslog-ng.changes
syslog-ng.conf.default
syslog-ng.rc-script
syslog-ng.spec
syslog-ng.sysconfig
syslog-ng_3.3.5.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ syslog-ng.spec ++++++
#
# spec file for package syslog-ng
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: syslog-ng
%define with_sql %suse_version > 1130
%define with_systemd %suse_version > 1130
%define with_syslogservice %suse_version > 1140
%define with_json %suse_version > 1130
Version: 3.3.5
Release: 0
Summary: The new-generation syslog-daemon
License: GPL-2.0
Group: System/Daemons
Url: http://www.balabit.com/products/syslog_ng/
%if 0%{?with_syslogservice}
Requires(pre): %insserv_prereq %fillup_prereq syslog-service
%else
Requires(pre): %insserv_prereq %fillup_prereq /sbin/klogd /etc/init.d/syslog
%endif
Provides: syslog
#Source0: http://www.balabit.com/downloads/files/syslog-ng/sources/%%{version}/source/syslog-ng_%%{version}.tar.gz
Source0: syslog-ng_%{version}.tar.gz
Source1: syslog-ng.rc-script
Source2: syslog-ng.sysconfig
Source3: syslog-ng.conf.default
Patch0: syslog-ng-%{version}-less-static.diff
Patch1: syslog-ng-%{version}-sd-sock-name.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
BuildRequires: flex
BuildRequires: gcc-c++
BuildRequires: glib2-devel
BuildRequires: pkgconfig
BuildRequires: python
BuildRequires: tcpd-devel
%if %suse_version > 1140
BuildRequires: libcap-devel
%endif
%if 0%{?with_syslogservice}
BuildRequires: syslog-service
%else
BuildRequires: klogd
%endif
%if %suse_version > 1130
BuildRequires: libnet-devel
%else
BuildRequires: libnet
%endif
%if 0%{?with_systemd}
# The systemd package provides
# /usr/share/doc/packages/systemd/sd-daemon.[ch]
# (http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.[ch])
# files we need for socket activation, see bnc#656259.
#
# Note: On 11.4 we do not ship any systemd service file.
# On 12.x, the syslog.service file is provided by
# the syslog-service package.
# On 12.1+ uses -lsystemd-daemon instead of copying
BuildRequires: systemd
%endif
%if 0%{?with_sql}
BuildRequires: libdbi-devel
%endif
%if 0%{?with_json}
BuildRequires: json-glib-devel
%endif
BuildRequires: libevtlog-devel
BuildRequires: libopenssl-devel
BuildRequires: pcre-devel
# only while preparing dist from git
# BuildRequires: git
%description
syslog-ng is a "new-generation" syslogd (replacement) for Unix and
Unix-like systems. It tries to fill the gaps in the original syslogd:
* powerful configurability
* filtering based on message content
* portability
* better network forwarding
The official home page of syslog-ng is:
http://www.balabit.com/network-security/syslog-ng/
Authors:
--------
Balázs Scheidler
BalaBit IT Ltd.
%if 0%{?with_sql}
%package sql
Summary: SQL support using DBI
Group: System/Daemons
Requires: %{name} = %{version}
%description sql
This package provides the libafsql module providing support for
logging into a SQL database using DBI. To enable it, comment
out the library in %_sysconfdir/syslog-ng/scl/modules.conf
Authors:
--------
Balázs Scheidler
BalaBit IT Ltd.
%endif
%if 0%{?with_json}
%package json
Summary: JSON output support
Group: System/Daemons
Requires: %{name} = %{version}
%description json
This package provides the tfjson module providing support for
logging in JSON format. To enable it, comment out the library
in %_sysconfdir/syslog-ng/scl/modules.conf
Authors:
--------
Balázs Scheidler
BalaBit IT Ltd.
%endif
%prep
%setup -q -n syslog-ng-%{version}
%if 0%{suse_version} <= 1130
%patch0 -p0
%endif
%patch1 -p1
cp -a $RPM_SOURCE_DIR/syslog-ng.rc-script .
cp -a $RPM_SOURCE_DIR/syslog-ng.conf.default .
%ifarch s390 s390x
sed -i -e 's/tty10/console/g' syslog-ng.conf.default
%endif
%if 0%{?with_syslogservice}
%else
sed -i -e 's/\([ \t]*\)\(file.*kmsg.*\)/\1#\2/g' syslog-ng.conf.default
%endif
%if 0%{?with_systemd}
%if 0%{suse_version} <= 1210
cp -a /usr/share/doc/packages/systemd/sd-daemon.[ch] modules/afsocket/
%endif
%endif
%build
##
## build ####################################################
##
export CFLAGS="$RPM_OPT_FLAGS"
# export SUSE_ASNEEDED=0
#
# - update configure scripts & tools:
#
#aclocal --force
#libtoolize -f
#automake --foreign --add-missing --copy --force-missing
#autoheader
#
# autoreconf -fiv
#
# - configure syslog-ng using static eventlog library (default)
#
%configure \
--bindir=/usr/bin \
--sbindir=/sbin \
--enable-ipv6 \
--enable-tcp-wrapper \
--enable-spoof-source \
--with-pidfile-dir=/var/run \
--sysconfdir=/etc/syslog-ng \
--localstatedir=/var/lib/syslog-ng \
--with-module-dir="/%_lib/syslog-ng" \
--with-module-path="/%_lib/syslog-ng:/usr/%_lib/syslog-ng" \
--with-default-modules="affile,afprog,afsocket,afuser,basicfuncs,csvparser,dbparser,syslogformat" \
--datadir=/usr/share/syslog-ng \
--prefix=/ \
--exec-prefix=/ \
--without-compile-date \
%if 0%{suse_version} < 1130
--disable-ssl \
--disable-pcre \
%else
--enable-ssl \
--enable-pcre \
%endif
%if 0%{?with_systemd}
--enable-systemd \
%endif
%if 0%{?with_sql}
--enable-sql \
%endif
%if 0%{?with_json}
--enable-json \
%endif
%if %suse_version > 1140
--enable-capabilities \
%endif
%if 0%{suse_version} > 1130
--enable-dynamic-linking
%else
--enable-mixed-linking
%endif
#
# - build syslog-ng
#
make %_smp_mflags
%check
##
## check ####################################################
##
#make check
%install
##
## install ##################################################
##
export RPM_BUILD_ROOT
for dir in sbin/conf.d \
etc/syslog-ng \
var/lib/syslog-ng \
var/adm/fillup-templates ;
do
test -d $RPM_BUILD_ROOT/$dir || \
install -d -m755 $RPM_BUILD_ROOT/$dir
done
#
install -m644 syslog-ng.conf.default \
$RPM_BUILD_ROOT/etc/syslog-ng/syslog-ng.conf
install -m644 $RPM_SOURCE_DIR/syslog-ng.sysconfig \
$RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.syslog-ng
#
make DESTDIR=${RPM_BUILD_ROOT} install
#
#tar -C doc/reference -xf doc/reference/syslog-ng.html.tar.gz
#mv doc/reference/syslog-ng.html doc/reference/html
#mv doc/reference/html/index.html doc/reference/syslog-ng.html
mkdir %{buildroot}/usr/sbin/
%{__mv} -v %{buildroot}/sbin/syslog-ng-ctl %{buildroot}/usr/sbin/
mkdir -p %{buildroot}/var/run/syslog-ng/
# don't package update-patterndb now
rm %{buildroot}/usr/bin/update-patterndb
# move libsyslogng by hand, until a fix is found
mkdir -p %{buildroot}/%_lib
%{__mv} -v %{buildroot}/usr/%_lib/* %{buildroot}/%_lib
mkdir -p %{buildroot}/usr/%_lib/syslog-ng
%if 0%{?with_sql}
# move libafsql to /usr, as it has dependencies there
mv %{buildroot}/%_lib/syslog-ng/libafsql.so %{buildroot}/usr/%_lib/syslog-ng
%endif
# move libtfjson to /usr, as it has dependencies there
%if 0%{?with_json}
mv %{buildroot}/%_lib/syslog-ng/libtfjson.so %{buildroot}/usr/%_lib/syslog-ng
%endif
# move libafmongodb to /usr, as it has dependencies there (on <11.4)
mv %{buildroot}/%_lib/syslog-ng/libafmongodb.so %{buildroot}/usr/%_lib/syslog-ng
# remove devel files
rm %{buildroot}/%_lib/syslog-ng/*.la
rm %{buildroot}/%_lib/*.la
rm %{buildroot}/%_lib/pkgconfig/syslog-ng.pc
rm -fr %{buildroot}/usr/include/syslog-ng
rm -fr %{buildroot}/usr/share/syslog-ng/tools
# keep only libafsocket-tsl.so
rm %{buildroot}/%_lib/syslog-ng/libafsocket.so
rm %{buildroot}/%_lib/syslog-ng/libafsocket-notls.so
mv %{buildroot}/%_lib/syslog-ng/libafsocket-tls.so %{buildroot}/%_lib/syslog-ng/libafsocket.so
%clean
##
## clean build root #########################################
##
rm -rf $RPM_BUILD_ROOT
%post
##
## post install #############################################
##
#
# remove old SYSLOG_NG_* variables from etc/sysconfig/syslog-ng
# and the file itself as well.
# this may cause, that syslog-ng will be disabled, but because
# it is IMHO not possible to check if the syslog-ng init script
# was active _and_ SYSLOG_NG_REPLACE was "yes" _before_ the old
# syslog-ng package was uninstalled... it's IMHO acceptable.
#
%{remove_and_set -n syslog-ng SYSLOG_NG_REPLACE SYSLOG_NG_PARAMS}
if [ -f etc/sysconfig/syslog-ng ] ; then
# be sure it' away now :-)
rm -f etc/sysconfig/syslog-ng
fi
#
# add syslog variables provided by klogd if needed
#
%{remove_and_set -n syslog SYSLOG_NG_CREATE_CONFIG}
if test "$SYSLOG_NG_CREATE_CONFIG" == "yes" ; then
cat <$additional_sockets <
From da1d7a240090021188db1bb818159ca1999d54e0 Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski
Date: Thu, 23 Feb 2012 17:08:55 +0100
Subject: [PATCH] Detect if to use /run/systemd/journal/syslog under systemd
Detect if we have to use the new /run/systemd/journal/syslog
socket under newer systemd versions, instead of the default
_PATH_LOG (/dev/log) socket.
Signed-off-by: Marius Tomaschewski
---
modules/afsocket/afunix.c | 29 +++++++++++++++++++++++++++++
1 files changed, 29 insertions(+), 0 deletions(-)
diff --git a/modules/afsocket/afunix.c b/modules/afsocket/afunix.c
index 8145f1a..5fe600a 100644
--- a/modules/afsocket/afunix.c
+++ b/modules/afsocket/afunix.c
@@ -34,12 +34,25 @@
#include
#include
+#include
#include
#include
#include
#include
#include
+#if ENABLE_SYSTEMD
+/*
+ * default log socket name is usually defined
+ * as _PATH_LOG in the sys/socket.h (/dev/log
+ * on linux or /var/run/log on bsd), but under
+ * systemd, we have to use a different one...
+ */
+#ifndef SYSTEMD_PATH_LOG
+#define SYSTEMD_PATH_LOG "/run/systemd/journal/syslog"
+#endif
+#endif
+
void
afunix_sd_set_uid(LogDriver *s, gchar *owner)
{
@@ -228,6 +241,22 @@ afunix_sd_new(gchar *filename, guint32 flags)
else if (self->super.flags & AFSOCKET_STREAM)
afsocket_sd_set_transport(&self->super.super.super, "unix-stream");
+#if defined(_PATH_LOG) && ENABLE_SYSTEMD
+ /*
+ * systemd >= 38 wants we use /run/systemd/journal/syslog,
+ * instead of /dev/log, so use it when the socket exists...
+ */
+ if(sd_booted() && strcmp(filename, _PATH_LOG) == 0) {
+ struct stat st;
+ if(stat(SYSTEMD_PATH_LOG, &st) != -1 && S_ISSOCK(st.st_mode)) {
+ msg_debug("Systemd socket name override",
+ evt_tag_str("log-socket-old", filename),
+ evt_tag_str("log-socket-new", SYSTEMD_PATH_LOG),
+ NULL);
+ filename = SYSTEMD_PATH_LOG;
+ }
+ }
+#endif
self->filename = g_strdup(filename);
self->owner = -1;
self->group = -1;
--
1.7.7
++++++ syslog-ng.conf.default ++++++
@version:3.3
@include "scl.conf"
#
# /etc/syslog-ng/syslog-ng.conf
#
# File format description can be found in syslog-ng.conf(5)
# and in /usr/share/doc/packages/syslog-ng/syslog-ng.txt.
#
# NOTE: The SuSEconfig script and its syslog-ng.conf.in
# configuration template aren't used any more.
#
# Feel free to edit this file directly.
#
#
# Global options.
#
options { chain_hostnames(off); flush_lines(0); perm(0640); stats_freq(3600); threaded(yes); };
#
# 'src' is our main source definition. you can add
# more sources driver definitions to it, or define
# your own sources, i.e.:
#
#source my_src { .... };
#
source src {
#
# include internal syslog-ng messages
# note: the internal() soure is required!
#
internal();
#
# read kernel messages directly (12.x) or
# does klogd forward them via /dev/log?
#
file ("/proc/kmsg" program_override("kernel"));
#
# the default log socket for local logging:
#
unix-dgram("/dev/log");
#
# uncomment to process log messages from network:
#
#udp(ip("0.0.0.0") port(514));
};
include "/var/run/syslog-ng/additional-log-sockets.conf";
#
# Filter definitions
#
filter f_iptables { facility(kern) and message("IN=") and message("OUT="); };
filter f_console { level(warn) and facility(kern) and not filter(f_iptables)
or level(err) and not facility(authpriv); };
filter f_newsnotice { level(notice) and facility(news); };
filter f_newscrit { level(crit) and facility(news); };
filter f_newserr { level(err) and facility(news); };
filter f_news { facility(news); };
filter f_mailinfo { level(info) and facility(mail); };
filter f_mailwarn { level(warn) and facility(mail); };
filter f_mailerr { level(err, crit) and facility(mail); };
filter f_mail { facility(mail); };
filter f_cron { facility(cron); };
filter f_local { facility(local0, local1, local2, local3,
local4, local5, local6, local7); };
#
# acpid messages
#
filter f_acpid_full { message('^acpid:'); };
filter f_acpid { level(emerg..notice) and message('^acpid:'); };
# this is for the old acpid < 1.0.6
filter f_acpid_old { message('^\[acpid\]:'); };
filter f_netmgm { message('^NetworkManager:'); };
filter f_messages { not facility(news, mail) and not filter(f_iptables); };
filter f_warn { level(warn, err, crit) and not filter(f_iptables); };
filter f_alert { level(alert); };
#
# Enable this and adopt IP to send log messages to a log server.
#
#destination logserver { udp("10.10.10.10" port(514)); };
#log { source(src); destination(logserver); };
#
# Enable this, if you want to keep all messages in one file:
# (don't forget to provide logrotation config)
#
#destination allmessages { file("/var/log/allmessages"); };
#log { source(src); destination(allmessages); };
#
# Most warning and errors on tty10 and on the xconsole pipe:
#
destination console { file("/dev/tty10" suppress(30) owner(-1) group(-1) perm(-1)); };
log { source(src); source(chroots); filter(f_console); destination(console); };
destination xconsole { pipe("/dev/xconsole" suppress(30) owner(-1) group(-1) perm(-1)); };
log { source(src); source(chroots); filter(f_console); destination(xconsole); };
# Enable this, if you want that root is informed immediately,
# e.g. of logins:
#
#destination root { usertty("root"); };
#log { source(src); source(chroots); filter(f_alert); destination(root); };
#
# News-messages in separate files:
#
destination newscrit { file("/var/log/news/news.crit"
suppress(30) owner(news) group(news)); };
log { source(src); source(chroots); filter(f_newscrit); destination(newscrit); };
destination newserr { file("/var/log/news/news.err"
suppress(30) owner(news) group(news)); };
log { source(src); source(chroots); filter(f_newserr); destination(newserr); };
destination newsnotice { file("/var/log/news/news.notice"
suppress(30) owner(news) group(news)); };
log { source(src); source(chroots); filter(f_newsnotice); destination(newsnotice); };
#
# and optionally also all in one file:
# (don't forget to provide logrotation config)
#
#destination news { file("/var/log/news.all"); };
#log { source(src); source(chroots); filter(f_news); destination(news); };
#
# Mail-messages in separate files:
#
destination mailinfo { file("/var/log/mail.info" suppress(30)); };
log { source(src); source(chroots); filter(f_mailinfo); destination(mailinfo); };
destination mailwarn { file("/var/log/mail.warn" suppress(30)); };
log { source(src); source(chroots); filter(f_mailwarn); destination(mailwarn); };
destination mailerr { file("/var/log/mail.err" suppress(30) fsync(yes)); };
log { source(src); source(chroots); filter(f_mailerr); destination(mailerr); };
#
# and also all in one file:
#
destination mail { file("/var/log/mail" suppress(30)); };
log { source(src); source(chroots); filter(f_mail); destination(mail); };
#
# acpid messages in one file:
#
destination acpid { file("/var/log/acpid" suppress(30)); };
destination devnull { };
log { source(src); source(chroots); filter(f_acpid); destination(acpid); flags(final); };
#
# if you want more verbose acpid logging, comment the destination(null)
# line and uncomment the destination(acpid) line
#
log { source(src); source(chroots); filter(f_acpid_full); destination(devnull); flags(final); };
# log { source(src); source(chroots); filter(f_acpid_full); destination(acpid); flags(final); };
#
# old acpid < 1.0.6
log { source(src); source(chroots); filter(f_acpid_old); destination(acpid); flags(final); };
#
# NetworkManager messages in one file:
#
destination netmgm { file("/var/log/NetworkManager" suppress(30)); };
log { source(src); source(chroots); filter(f_netmgm); destination(netmgm); flags(final); };
#
# Cron-messages in one file:
# (don't forget to provide logrotation config)
#
#destination cron { file("/var/log/cron" suppress(30)); };
#log { source(src); source(chroots); filter(f_cron); destination(cron); };
#
# Some boot scripts use/require local[1-7]:
#
destination localmessages { file("/var/log/localmessages" suppress(30)); };
log { source(src); source(chroots); filter(f_local); destination(localmessages); };
#
# All messages except iptables and the facilities news and mail:
#
destination messages { file("/var/log/messages" suppress(30) owner(-1) group(-1) perm(-1)); };
log { source(src); source(chroots); filter(f_messages); destination(messages); };
#
# Firewall (iptables) messages in one file:
#
destination firewall { file("/var/log/firewall" suppress(30)); };
log { source(src); source(chroots); filter(f_iptables); destination(firewall); };
#
# Warnings (except iptables) in one file:
#
destination warn { file("/var/log/warn" suppress(30) fsync(yes)); };
log { source(src); source(chroots); filter(f_warn); destination(warn); };
++++++ syslog-ng.rc-script ++++++
#! /bin/sh
# Copyright (c) 1995-2006 SUSE LINUX Products GmbH
#
# Author:
# Marius Tomaschewski
#
# Sample init script to start an additional syslog-ng daemon.
#
# Should be installed as e.g. /etc/init.d/syslog-ng-user for
# a configuration file /etc/syslog-ng/syslog-ng-user.conf,
# where the 'user' suffix is configureable.
#
### BEGIN INIT INFO
# Provides: syslog-ng-user
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Description: Start additional system logging daemon
### END INIT INFO
#
# ==>> YOU MAY ADOPT the $syslog_ng_name <<==
# ==>> bellow AND above Provides variable!! <<==
#
if test "$0" != "${0//*syslog-ng-/}" ; then
# use suffix we've found in script name
syslog_ng_name="syslog-ng-${0//*syslog-ng-/}"
else
syslog_ng_name="syslog-ng-user"
fi
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
# check binary and config
syslogng=/sbin/syslog-ng
configng=/etc/syslog-ng/${syslog_ng_name}.conf
pid_file=/var/run/${syslog_ng_name}.pid
test -x "$syslogng" || {
echo "$syslogng not installed"
test "$1" == "stop" && exit 0 || exit 5
}
test -f "$configng" || {
echo "$configng not avaliable"
test "$1" == "stop" && exit 0 || exit 6
}
# SuSE LSB status shell functions from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num><num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
# rc_active <name> check if service <name> is ative
#
. /etc/rc.status || exit 1
# reset status of this service
rc_reset
case "$1" in
start)
if test -s $pid_file ; then
killproc -p $pid_file $syslogng 2> /dev/null
echo -n "Re-"
fi
echo -n "Starting ${syslog_ng_name} service"
startproc -p $pid_file $syslogng -p $pid_file $SYSLOG_NG_PARAMS
rc_status -v
;;
stop)
echo -n "Shutting down ${syslog_ng_name} service"
killproc -p $pid_file -TERM $syslogng 2>/dev/null
rc_status -v
;;
try-restart|condrestart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
$0 status >/dev/null
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
rc_status
;;
force-reload|reload)
## Signal the daemon to reload its config.
echo -n "Reload ${syslog_ng_name} service"
killproc -p $pid_file -HUP $syslogng
rc_status -v
;;
status)
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0. checkproc
## returns LSB compliant status values:
## 0 - service running
## 1 - service dead, but /var/run/ pid file exists
## 2 - service dead, but /var/lock/ lock file exists
## 3 - service not running
echo -n "Checking for ${syslog_ng_name} service: "
checkproc -p $pid_file $syslogng
rc_status -v
;;
probe)
## Optional: Probe for the necessity of a reload,
## give out the argument which is required for a reload.
test $configng -nt $pid_file && echo reload
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload|probe}"
exit 1
;;
esac
rc_exit
++++++ syslog-ng.sysconfig ++++++
## Type: string
## Default: ""
## Config: ""
## ServiceRestart: syslog
#
# Parameters for Syslog New-Generation - see syslog-ng(8)
#
SYSLOG_NG_PARAMS=""
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org