commit syslog-ng.1232 for openSUSE:12.2:Update

Hello community, here is the log from the commit of package syslog-ng.1232 for openSUSE:12.2:Update checked in at 2013-01-21 15:36:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/syslog-ng.1232 (Old) and /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "syslog-ng.1232", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-01-09 19:40:42.352580873 +0100 +++ /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new/syslog-ng.changes 2013-01-21 15:36:30.000000000 +0100 @@ -0,0 +1,940 @@ +------------------------------------------------------------------- +Thu Jan 10 12:47:56 UTC 2013 - mt@suse.com + +- Check the existence of /etc/init.d/syslog script before calling + the restart_on_update and stop_on_removal macros to avoid errors + on update, reset the SYSLOG_DAEMON variable on removal only. + Since openSUSE 12.3, the syslog init script is not shipped any + more (bnc#790298,bnc#750478). + +------------------------------------------------------------------- +Tue Apr 17 08:30:01 CEST 2012 - czanik@balabit.hu + +- update to syslog-ng 3.3.5 which fixes even more memleaks +- resolves bnc#757680 + +------------------------------------------------------------------- +Thu Feb 23 16:21:05 UTC 2012 - mt@suse.com + +- Detect if we have to use the new /run/systemd/journal/syslog + socket under newer systemd versions, instead of the default + _PATH_LOG (/dev/log) socket. Avoids update problems and the + need to adopt config before using init=... boot parameter + (bnc#747871). + +------------------------------------------------------------------- +Fri Jan 27 12:45:30 CET 2012 - czanik@balabit.hu + +- more changelog, as requested by saschpe + v3.3.1 was the initial syslog-ng 3.3 release + fixes and changes, taken from the syslog-ng NEWS file + +- Fixes: + +* Fixed set() and subst() rewrite operations to work properly on the + value() parameter specified in the configuration even if they are + referenced at multiple spots in the configuration file. Earlier + the 2nd and subsequent invocation of the rewrite rule changed + $MESSAGE. +* Fixed csv-parser() to work even if it is invoked at multiple spots + in the configuration file. Earlier, the 2nd and subsequent + references of the parser rule forgot the list of column names and + the input template. +* Fixed the processing of condition() parameter in rewrite rules, + which was broken if it contained a filter() function call. +* Fixed program() destination to properly kill the child process on + reload and shutdown. +* Fixed a potential division by zero error which could happen for + large data rates due to a race in an unlocked region. +* Fixed an assertion failure in mongodb destination that happened + due to a race condition at high data rates. +* Fixed an fd leak in the control socket code, that caused the + control connection file descriptors to be leaked. +* Fixed a crash problem in the tcp() destination, that occurred at + or after a reload happens. +* Fixed a segmentation fault on reload when using the same rewrite + rule from multiple log paths. +* Fixed a segmentation fault when processing a reload request in + case an existing tcp() source is removed from the config and there + are open connections. +* Fixed a possible segmentation fault in the scalable queue + implementation, which happens in case a destination is slower to + process messages than syslog-ng would like to send them. +* Fixed a possible file() destination issue that could cause + syslog-ng to omit data or to write garbage to the log file in case + the kernel reports that only a smaller portion of the actual write + request could be accomplished. +* Fixed an "internal error duplicate config element" error during + reload due to an invalid bugfix applied for 3.3.1. Older beta + versions of 3.3 were not affected. +* Fixed a memory leak that causes macro based file destinations to + leak their queue when destination files are closed due to + time-reap(). +* Fixed the handling of the condition() option for rewrite rules. +* Fixed a race condition in value-pairs support, potentially causing + heap corruption problems when $(format-json) is used in threaded + mode. +* Fixed a memory leak in value-pairs template function argument + parsing, fixing a leak if $(format-json) is used. +* Repeated definitions of source, destination, filter, rewrite, + parser and block elements are not allowed by default anymore. + These are reported as configuration errors unless + @define allow-config-dups 1 + is specified in the configuration file. +* Fixed pdbtool error reporting in "pdbtool test" to make it easier + to understand what went wrong. +* Added an SQL connection health check in case an INSERT failed. + This way syslog-ng handles SQL server timeouts better. +* Fixed support for systemd socket activation. Previously such + sockets were not set to non-blocking mode, causing syslog-ng to + hang. +* Fixed the filter() function in the filter expression to work also + when used as a part of an AND or OR construct. +* Allow the sql() destination to operate even without an indexes() + option. That parameter was meant to be optional, but it wasn't. +* Fixed compilation issues if no OpenSSL is present. +* Fixed a minor memory leak in the usertty() driver that can increase + memory usage on every reload. (The username() parameter wasn't + properly freed on reload). +* Fixed a minor memory leak in the sql() driver that can increase + the memory usage on every reload (indexes() parameter wasn't + properly freed on reload). + +- Changes +* db-parser() automatically sets a tag named '.classifier.unknown' + if the message doesn't match. +* The use of actions in db-parser() for messages without a + correllation context was inconsistently indexing messages. For + actions in rules that had correllation @0 was the new message + being generated, and @1 was the message that triggered the rule. + Without correllation @0 was used for the triggering message, which + is greatly inconsistent and unintuitive. This was fixed by + changing the behaviour for rules without correllation, now both + correllation and non-correllation rules use @0 for the new + message, and @1 for the triggering message. This is an + incompatible change in the db-parser() format. +* The value of the $TAGS macro is added to pdbtool match output. +* unix-dgram() and unix-stream() error logging on systemd failures + became more detailed for easier troubleshooting. + +------------------------------------------------------------------- +Thu Jan 26 21:47:32 CET 2012 - czanik@balabit.hu + +- fix systemd support for openSUSE > 12.1 + +------------------------------------------------------------------- +Fri Jan 20 09:03:53 CET 2012 - czanik@balabit.hu + +- update to 3.3.4 + +------------------------------------------------------------------- +Wed Jan 11 15:41:57 CET 2012 - czanik@balabit.hu + +- update to the latest 3.3-git + +------------------------------------------------------------------- +Tue Jan 3 16:13:47 CET 2012 - czanik@balabit.hu + +- update to 3.3.3 +- remove filter patch +- fix afsql related warning + +------------------------------------------------------------------- +Tue Dec 20 21:01:45 UTC 2011 - coolo@suse.com + +- remove call to suse_update_config (very old work around) + +------------------------------------------------------------------- +Tue Oct 25 11:22:09 CEST 2011 - czanik@balabit.hu + +- add patch for filters bug + https://bugzilla.balabit.com/show_bug.cgi?id=140 + so firewall logs are correctly filtered + +------------------------------------------------------------------- +Mon Oct 3 12:52:16 CEST 2011 - czanik@balabit.hu + +- update to 3.3.1 (3.3 final) which fixes some more minor + problems and updates NEWS + +------------------------------------------------------------------- +Thu Sep 29 08:41:31 CEST 2011 - czanik@balabit.hu + +- updated to latest git, which made time patch redundant + and also fixes for mongodb, memory leaks, etc. +- fix 11.3 packaging +- enable json support also for 11.4 + +------------------------------------------------------------------- +Fri Sep 23 17:29:15 CEST 2011 - czanik@balabit.hu + +- updated to latest git snapshot including fix for bnc#719102 +- enabled capabilities support >11.4 only +- moved libafmongodb to /usr +- added fix for compiledate +- changed time patch to configure option + (which does not work yet...) +- removed patches previously picked from git + +------------------------------------------------------------------- +Mon Sep 5 11:43:10 CEST 2011 - czanik@balabit.hu + +- fix for an ugly BSD date problem: when using original dates + in September - December, all turn up as from December + patch to be removed on next release + +------------------------------------------------------------------- +Wed Aug 24 08:41:22 UTC 2011 - mt@suse.de + +- Adopted to require new syslog-service package on 12.x, that + provides the /etc/init.d/syslog LSB init script and systemd + syslog.service service file. Removed syslog-ng.service file + installation from spec file. (fate#311316). + +------------------------------------------------------------------- +Thu Aug 18 15:58:26 CEST 2011 - czanik@balabit.hu + +- updated to syslog-ng-3.3.0beta2, a new major release with many ++++ 743 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.syslog-ng.1232.new/syslog-ng.changes New: ---- syslog-ng-3.3.5-less-static.diff syslog-ng-3.3.5-sd-sock-name.patch syslog-ng.changes syslog-ng.conf.default syslog-ng.rc-script syslog-ng.spec syslog-ng.sysconfig syslog-ng_3.3.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ syslog-ng.spec ++++++ # # spec file for package syslog-ng # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: syslog-ng %define with_sql %suse_version > 1130 %define with_systemd %suse_version > 1130 %define with_syslogservice %suse_version > 1140 %define with_json %suse_version > 1130 Version: 3.3.5 Release: 0 Summary: The new-generation syslog-daemon License: GPL-2.0 Group: System/Daemons Url: http://www.balabit.com/products/syslog_ng/ %if 0%{?with_syslogservice} Requires(pre): %insserv_prereq %fillup_prereq syslog-service %else Requires(pre): %insserv_prereq %fillup_prereq /sbin/klogd /etc/init.d/syslog %endif Provides: syslog #Source0: http://www.balabit.com/downloads/files/syslog-ng/sources/%%{version}/source/syslog-ng_%%{version}.tar.gz Source0: syslog-ng_%{version}.tar.gz Source1: syslog-ng.rc-script Source2: syslog-ng.sysconfig Source3: syslog-ng.conf.default Patch0: syslog-ng-%{version}-less-static.diff Patch1: syslog-ng-%{version}-sd-sock-name.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison BuildRequires: flex BuildRequires: gcc-c++ BuildRequires: glib2-devel BuildRequires: pkgconfig BuildRequires: python BuildRequires: tcpd-devel %if %suse_version > 1140 BuildRequires: libcap-devel %endif %if 0%{?with_syslogservice} BuildRequires: syslog-service %else BuildRequires: klogd %endif %if %suse_version > 1130 BuildRequires: libnet-devel %else BuildRequires: libnet %endif %if 0%{?with_systemd} # The systemd package provides # /usr/share/doc/packages/systemd/sd-daemon.[ch] # (http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.[ch]) # files we need for socket activation, see bnc#656259. # # Note: On 11.4 we do not ship any systemd service file. # On 12.x, the syslog.service file is provided by # the syslog-service package. # On 12.1+ uses -lsystemd-daemon instead of copying BuildRequires: systemd %endif %if 0%{?with_sql} BuildRequires: libdbi-devel %endif %if 0%{?with_json} BuildRequires: json-glib-devel %endif BuildRequires: libevtlog-devel BuildRequires: libopenssl-devel BuildRequires: pcre-devel # only while preparing dist from git # BuildRequires: git %description syslog-ng is a "new-generation" syslogd (replacement) for Unix and Unix-like systems. It tries to fill the gaps in the original syslogd: * powerful configurability * filtering based on message content * portability * better network forwarding The official home page of syslog-ng is: http://www.balabit.com/network-security/syslog-ng/ Authors: -------- Balázs Scheidler BalaBit IT Ltd. %if 0%{?with_sql} %package sql Summary: SQL support using DBI Group: System/Daemons Requires: %{name} = %{version} %description sql This package provides the libafsql module providing support for logging into a SQL database using DBI. To enable it, comment out the library in %_sysconfdir/syslog-ng/scl/modules.conf Authors: -------- Balázs Scheidler BalaBit IT Ltd. %endif %if 0%{?with_json} %package json Summary: JSON output support Group: System/Daemons Requires: %{name} = %{version} %description json This package provides the tfjson module providing support for logging in JSON format. To enable it, comment out the library in %_sysconfdir/syslog-ng/scl/modules.conf Authors: -------- Balázs Scheidler BalaBit IT Ltd. %endif %prep %setup -q -n syslog-ng-%{version} %if 0%{suse_version} <= 1130 %patch0 -p0 %endif %patch1 -p1 cp -a $RPM_SOURCE_DIR/syslog-ng.rc-script . cp -a $RPM_SOURCE_DIR/syslog-ng.conf.default . %ifarch s390 s390x sed -i -e 's/tty10/console/g' syslog-ng.conf.default %endif %if 0%{?with_syslogservice} %else sed -i -e 's/\([ \t]*\)\(file.*kmsg.*\)/\1#\2/g' syslog-ng.conf.default %endif %if 0%{?with_systemd} %if 0%{suse_version} <= 1210 cp -a /usr/share/doc/packages/systemd/sd-daemon.[ch] modules/afsocket/ %endif %endif %build ## ## build #################################################### ## export CFLAGS="$RPM_OPT_FLAGS" # export SUSE_ASNEEDED=0 # # - update configure scripts & tools: # #aclocal --force #libtoolize -f #automake --foreign --add-missing --copy --force-missing #autoheader # # autoreconf -fiv # # - configure syslog-ng using static eventlog library (default) # %configure \ --bindir=/usr/bin \ --sbindir=/sbin \ --enable-ipv6 \ --enable-tcp-wrapper \ --enable-spoof-source \ --with-pidfile-dir=/var/run \ --sysconfdir=/etc/syslog-ng \ --localstatedir=/var/lib/syslog-ng \ --with-module-dir="/%_lib/syslog-ng" \ --with-module-path="/%_lib/syslog-ng:/usr/%_lib/syslog-ng" \ --with-default-modules="affile,afprog,afsocket,afuser,basicfuncs,csvparser,dbparser,syslogformat" \ --datadir=/usr/share/syslog-ng \ --prefix=/ \ --exec-prefix=/ \ --without-compile-date \ %if 0%{suse_version} < 1130 --disable-ssl \ --disable-pcre \ %else --enable-ssl \ --enable-pcre \ %endif %if 0%{?with_systemd} --enable-systemd \ %endif %if 0%{?with_sql} --enable-sql \ %endif %if 0%{?with_json} --enable-json \ %endif %if %suse_version > 1140 --enable-capabilities \ %endif %if 0%{suse_version} > 1130 --enable-dynamic-linking %else --enable-mixed-linking %endif # # - build syslog-ng # make %_smp_mflags %check ## ## check #################################################### ## #make check %install ## ## install ################################################## ## export RPM_BUILD_ROOT for dir in sbin/conf.d \ etc/syslog-ng \ var/lib/syslog-ng \ var/adm/fillup-templates ; do test -d $RPM_BUILD_ROOT/$dir || \ install -d -m755 $RPM_BUILD_ROOT/$dir done # install -m644 syslog-ng.conf.default \ $RPM_BUILD_ROOT/etc/syslog-ng/syslog-ng.conf install -m644 $RPM_SOURCE_DIR/syslog-ng.sysconfig \ $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.syslog-ng # make DESTDIR=${RPM_BUILD_ROOT} install # #tar -C doc/reference -xf doc/reference/syslog-ng.html.tar.gz #mv doc/reference/syslog-ng.html doc/reference/html #mv doc/reference/html/index.html doc/reference/syslog-ng.html mkdir %{buildroot}/usr/sbin/ %{__mv} -v %{buildroot}/sbin/syslog-ng-ctl %{buildroot}/usr/sbin/ mkdir -p %{buildroot}/var/run/syslog-ng/ # don't package update-patterndb now rm %{buildroot}/usr/bin/update-patterndb # move libsyslogng by hand, until a fix is found mkdir -p %{buildroot}/%_lib %{__mv} -v %{buildroot}/usr/%_lib/* %{buildroot}/%_lib mkdir -p %{buildroot}/usr/%_lib/syslog-ng %if 0%{?with_sql} # move libafsql to /usr, as it has dependencies there mv %{buildroot}/%_lib/syslog-ng/libafsql.so %{buildroot}/usr/%_lib/syslog-ng %endif # move libtfjson to /usr, as it has dependencies there %if 0%{?with_json} mv %{buildroot}/%_lib/syslog-ng/libtfjson.so %{buildroot}/usr/%_lib/syslog-ng %endif # move libafmongodb to /usr, as it has dependencies there (on <11.4) mv %{buildroot}/%_lib/syslog-ng/libafmongodb.so %{buildroot}/usr/%_lib/syslog-ng # remove devel files rm %{buildroot}/%_lib/syslog-ng/*.la rm %{buildroot}/%_lib/*.la rm %{buildroot}/%_lib/pkgconfig/syslog-ng.pc rm -fr %{buildroot}/usr/include/syslog-ng rm -fr %{buildroot}/usr/share/syslog-ng/tools # keep only libafsocket-tsl.so rm %{buildroot}/%_lib/syslog-ng/libafsocket.so rm %{buildroot}/%_lib/syslog-ng/libafsocket-notls.so mv %{buildroot}/%_lib/syslog-ng/libafsocket-tls.so %{buildroot}/%_lib/syslog-ng/libafsocket.so %clean ## ## clean build root ######################################### ## rm -rf $RPM_BUILD_ROOT %post ## ## post install ############################################# ## # # remove old SYSLOG_NG_* variables from etc/sysconfig/syslog-ng # and the file itself as well. # this may cause, that syslog-ng will be disabled, but because # it is IMHO not possible to check if the syslog-ng init script # was active _and_ SYSLOG_NG_REPLACE was "yes" _before_ the old # syslog-ng package was uninstalled... it's IMHO acceptable. # %{remove_and_set -n syslog-ng SYSLOG_NG_REPLACE SYSLOG_NG_PARAMS} if [ -f etc/sysconfig/syslog-ng ] ; then # be sure it' away now :-) rm -f etc/sysconfig/syslog-ng fi # # add syslog variables provided by klogd if needed # %{remove_and_set -n syslog SYSLOG_NG_CREATE_CONFIG} if test "$SYSLOG_NG_CREATE_CONFIG" == "yes" ; then cat <$additional_sockets <

From da1d7a240090021188db1bb818159ca1999d54e0 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Thu, 23 Feb 2012 17:08:55 +0100 Subject: [PATCH] Detect if to use /run/systemd/journal/syslog under systemd

Detect if we have to use the new /run/systemd/journal/syslog socket under newer systemd versions, instead of the default _PATH_LOG (/dev/log) socket. Signed-off-by: Marius Tomaschewski --- modules/afsocket/afunix.c | 29 +++++++++++++++++++++++++++++ 1 files changed, 29 insertions(+), 0 deletions(-) diff --git a/modules/afsocket/afunix.c b/modules/afsocket/afunix.c index 8145f1a..5fe600a 100644 --- a/modules/afsocket/afunix.c +++ b/modules/afsocket/afunix.c @@ -34,12 +34,25 @@ #include #include +#include #include #include #include #include #include +#if ENABLE_SYSTEMD +/* + * default log socket name is usually defined + * as _PATH_LOG in the sys/socket.h (/dev/log + * on linux or /var/run/log on bsd), but under + * systemd, we have to use a different one... + */ +#ifndef SYSTEMD_PATH_LOG +#define SYSTEMD_PATH_LOG "/run/systemd/journal/syslog" +#endif +#endif + void afunix_sd_set_uid(LogDriver *s, gchar *owner) { @@ -228,6 +241,22 @@ afunix_sd_new(gchar *filename, guint32 flags) else if (self->super.flags & AFSOCKET_STREAM) afsocket_sd_set_transport(&self->super.super.super, "unix-stream"); +#if defined(_PATH_LOG) && ENABLE_SYSTEMD + /* + * systemd >= 38 wants we use /run/systemd/journal/syslog, + * instead of /dev/log, so use it when the socket exists... + */ + if(sd_booted() && strcmp(filename, _PATH_LOG) == 0) { + struct stat st; + if(stat(SYSTEMD_PATH_LOG, &st) != -1 && S_ISSOCK(st.st_mode)) { + msg_debug("Systemd socket name override", + evt_tag_str("log-socket-old", filename), + evt_tag_str("log-socket-new", SYSTEMD_PATH_LOG), + NULL); + filename = SYSTEMD_PATH_LOG; + } + } +#endif self->filename = g_strdup(filename); self->owner = -1; self->group = -1; -- 1.7.7 ++++++ syslog-ng.conf.default ++++++ @version:3.3 @include "scl.conf" # # /etc/syslog-ng/syslog-ng.conf # # File format description can be found in syslog-ng.conf(5) # and in /usr/share/doc/packages/syslog-ng/syslog-ng.txt. # # NOTE: The SuSEconfig script and its syslog-ng.conf.in # configuration template aren't used any more. # # Feel free to edit this file directly. # # # Global options. # options { chain_hostnames(off); flush_lines(0); perm(0640); stats_freq(3600); threaded(yes); }; # # 'src' is our main source definition. you can add # more sources driver definitions to it, or define # your own sources, i.e.: # #source my_src { .... }; # source src { # # include internal syslog-ng messages # note: the internal() soure is required! # internal(); # # read kernel messages directly (12.x) or # does klogd forward them via /dev/log? # file ("/proc/kmsg" program_override("kernel")); # # the default log socket for local logging: # unix-dgram("/dev/log"); # # uncomment to process log messages from network: # #udp(ip("0.0.0.0") port(514)); }; include "/var/run/syslog-ng/additional-log-sockets.conf"; # # Filter definitions # filter f_iptables { facility(kern) and message("IN=") and message("OUT="); }; filter f_console { level(warn) and facility(kern) and not filter(f_iptables) or level(err) and not facility(authpriv); }; filter f_newsnotice { level(notice) and facility(news); }; filter f_newscrit { level(crit) and facility(news); }; filter f_newserr { level(err) and facility(news); }; filter f_news { facility(news); }; filter f_mailinfo { level(info) and facility(mail); }; filter f_mailwarn { level(warn) and facility(mail); }; filter f_mailerr { level(err, crit) and facility(mail); }; filter f_mail { facility(mail); }; filter f_cron { facility(cron); }; filter f_local { facility(local0, local1, local2, local3, local4, local5, local6, local7); }; # # acpid messages # filter f_acpid_full { message('^acpid:'); }; filter f_acpid { level(emerg..notice) and message('^acpid:'); }; # this is for the old acpid < 1.0.6 filter f_acpid_old { message('^\[acpid\]:'); }; filter f_netmgm { message('^NetworkManager:'); }; filter f_messages { not facility(news, mail) and not filter(f_iptables); }; filter f_warn { level(warn, err, crit) and not filter(f_iptables); }; filter f_alert { level(alert); }; # # Enable this and adopt IP to send log messages to a log server. # #destination logserver { udp("10.10.10.10" port(514)); }; #log { source(src); destination(logserver); }; # # Enable this, if you want to keep all messages in one file: # (don't forget to provide logrotation config) # #destination allmessages { file("/var/log/allmessages"); }; #log { source(src); destination(allmessages); }; # # Most warning and errors on tty10 and on the xconsole pipe: # destination console { file("/dev/tty10" suppress(30) owner(-1) group(-1) perm(-1)); }; log { source(src); source(chroots); filter(f_console); destination(console); }; destination xconsole { pipe("/dev/xconsole" suppress(30) owner(-1) group(-1) perm(-1)); }; log { source(src); source(chroots); filter(f_console); destination(xconsole); }; # Enable this, if you want that root is informed immediately, # e.g. of logins: # #destination root { usertty("root"); }; #log { source(src); source(chroots); filter(f_alert); destination(root); }; # # News-messages in separate files: # destination newscrit { file("/var/log/news/news.crit" suppress(30) owner(news) group(news)); }; log { source(src); source(chroots); filter(f_newscrit); destination(newscrit); }; destination newserr { file("/var/log/news/news.err" suppress(30) owner(news) group(news)); }; log { source(src); source(chroots); filter(f_newserr); destination(newserr); }; destination newsnotice { file("/var/log/news/news.notice" suppress(30) owner(news) group(news)); }; log { source(src); source(chroots); filter(f_newsnotice); destination(newsnotice); }; # # and optionally also all in one file: # (don't forget to provide logrotation config) # #destination news { file("/var/log/news.all"); }; #log { source(src); source(chroots); filter(f_news); destination(news); }; # # Mail-messages in separate files: # destination mailinfo { file("/var/log/mail.info" suppress(30)); }; log { source(src); source(chroots); filter(f_mailinfo); destination(mailinfo); }; destination mailwarn { file("/var/log/mail.warn" suppress(30)); }; log { source(src); source(chroots); filter(f_mailwarn); destination(mailwarn); }; destination mailerr { file("/var/log/mail.err" suppress(30) fsync(yes)); }; log { source(src); source(chroots); filter(f_mailerr); destination(mailerr); }; # # and also all in one file: # destination mail { file("/var/log/mail" suppress(30)); }; log { source(src); source(chroots); filter(f_mail); destination(mail); }; # # acpid messages in one file: # destination acpid { file("/var/log/acpid" suppress(30)); }; destination devnull { }; log { source(src); source(chroots); filter(f_acpid); destination(acpid); flags(final); }; # # if you want more verbose acpid logging, comment the destination(null) # line and uncomment the destination(acpid) line # log { source(src); source(chroots); filter(f_acpid_full); destination(devnull); flags(final); }; # log { source(src); source(chroots); filter(f_acpid_full); destination(acpid); flags(final); }; # # old acpid < 1.0.6 log { source(src); source(chroots); filter(f_acpid_old); destination(acpid); flags(final); }; # # NetworkManager messages in one file: # destination netmgm { file("/var/log/NetworkManager" suppress(30)); }; log { source(src); source(chroots); filter(f_netmgm); destination(netmgm); flags(final); }; # # Cron-messages in one file: # (don't forget to provide logrotation config) # #destination cron { file("/var/log/cron" suppress(30)); }; #log { source(src); source(chroots); filter(f_cron); destination(cron); }; # # Some boot scripts use/require local[1-7]: # destination localmessages { file("/var/log/localmessages" suppress(30)); }; log { source(src); source(chroots); filter(f_local); destination(localmessages); }; # # All messages except iptables and the facilities news and mail: # destination messages { file("/var/log/messages" suppress(30) owner(-1) group(-1) perm(-1)); }; log { source(src); source(chroots); filter(f_messages); destination(messages); }; # # Firewall (iptables) messages in one file: # destination firewall { file("/var/log/firewall" suppress(30)); }; log { source(src); source(chroots); filter(f_iptables); destination(firewall); }; # # Warnings (except iptables) in one file: # destination warn { file("/var/log/warn" suppress(30) fsync(yes)); }; log { source(src); source(chroots); filter(f_warn); destination(warn); }; ++++++ syslog-ng.rc-script ++++++ #! /bin/sh # Copyright (c) 1995-2006 SUSE LINUX Products GmbH # # Author: # Marius Tomaschewski # # Sample init script to start an additional syslog-ng daemon. # # Should be installed as e.g. /etc/init.d/syslog-ng-user for # a configuration file /etc/syslog-ng/syslog-ng-user.conf, # where the 'user' suffix is configureable. # ### BEGIN INIT INFO # Provides: syslog-ng-user # Required-Start: $network $syslog # Required-Stop: $network $syslog # Default-Start: 2 3 5 # Default-Stop: 0 1 6 # Description: Start additional system logging daemon ### END INIT INFO # # ==>> YOU MAY ADOPT the $syslog_ng_name <<== # ==>> bellow AND above Provides variable!! <<== # if test "$0" != "${0//*syslog-ng-/}" ; then # use suffix we've found in script name syslog_ng_name="syslog-ng-${0//*syslog-ng-/}" else syslog_ng_name="syslog-ng-user" fi # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. # check binary and config syslogng=/sbin/syslog-ng configng=/etc/syslog-ng/${syslog_ng_name}.conf pid_file=/var/run/${syslog_ng_name}.pid test -x "$syslogng" || { echo "$syslogng not installed" test "$1" == "stop" && exit 0 || exit 5 } test -f "$configng" || { echo "$configng not avaliable" test "$1" == "stop" && exit 0 || exit 6 } # SuSE LSB status shell functions from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed <num> set local and overall rc status to <num><num> # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status # rc_active <name> check if service <name> is ative # . /etc/rc.status || exit 1 # reset status of this service rc_reset case "$1" in start) if test -s $pid_file ; then killproc -p $pid_file $syslogng 2> /dev/null echo -n "Re-" fi echo -n "Starting ${syslog_ng_name} service" startproc -p $pid_file $syslogng -p $pid_file $SYSLOG_NG_PARAMS rc_status -v ;; stop) echo -n "Shutting down ${syslog_ng_name} service" killproc -p $pid_file -TERM $syslogng 2>/dev/null rc_status -v ;; try-restart|condrestart) ## Stop the service and if this succeeds (i.e. the ## service was running before), start it again. $0 status >/dev/null if test $? = 0; then $0 restart else rc_reset # Not running is not a failure. fi rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start rc_status ;; force-reload|reload) ## Signal the daemon to reload its config. echo -n "Reload ${syslog_ng_name} service" killproc -p $pid_file -HUP $syslogng rc_status -v ;; status) ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. checkproc ## returns LSB compliant status values: ## 0 - service running ## 1 - service dead, but /var/run/ pid file exists ## 2 - service dead, but /var/lock/ lock file exists ## 3 - service not running echo -n "Checking for ${syslog_ng_name} service: " checkproc -p $pid_file $syslogng rc_status -v ;; probe) ## Optional: Probe for the necessity of a reload, ## give out the argument which is required for a reload. test $configng -nt $pid_file && echo reload ;; *) echo "Usage: $0 {start|stop|status|restart|reload|probe}" exit 1 ;; esac rc_exit ++++++ syslog-ng.sysconfig ++++++ ## Type: string ## Default: "" ## Config: "" ## ServiceRestart: syslog # # Parameters for Syslog New-Generation - see syslog-ng(8) # SYSLOG_NG_PARAMS="" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org