Hello,
Syslog-ng 3.2 beta1 was released over the weekend. It has many interesting new features:
- modularized, so /usr is no more a problem - patternize - automatic pattern generation from logs - correlation - for more info see blogs - SCL - a config library to ease configuration generation
For a complete list of changes, see the lead developers blog: http://bazsi.blogs.balabit.com/2010/10/syslog-ng-ose-3-2beta1-released/ The final version of 3.2 will be released before openSUSE 11.4 feature freeze, so I'd like to update syslog-ng to 3.2.
Questions / problems:
- it is not yet a final version. Can I push it to factory (once some problems are solved), or I need to wait for the final release coming end of November?
- for database support, libdbi is needed. Currently it is available only in Contrib. Could it be imported to factory so database support could be enabled?
- I get one error and some warning messages regarding libraries. Could someone take a closer look at them and help me out?
- AppArmor: there are some new files and directories, which is an easy fix (see below). The problem is SCL, but also affects syslog-ng.conf, if someone wants to call an external application as log source or destination. I got some advice previously, but that did not help, calling external apps still does not work, only when disabling AppArmor completly. For now I don't use the new features from SCL to avoid this problem, but would be nice, if we could demo some easy steps to modify /etc/apparmor.d/sbin.syslog-ng than saying that if one needs to call external apps, then should disable AppArmor...
A working but not yet perfect version of syslog-ng 3.2 beta1 is available in the oBS: https://build.opensuse.org/package/show?package=syslog-ng32&project=home...
- it has glib fixes for factory (thanks go to cristian.rodriguez@opensuse.org) - ssl is enabled - no database support yet (libdbi is in contrib) - system() from SCL is not yet used due to AppArmor troubles - AppArmor needs some manual editing: --- sbin.syslog-ng.orig 2010-07-05 13:21:25.000000000 +0200 +++ sbin.syslog-ng 2010-09-29 10:09:51.001748203 +0200 @@ -36,9 +36,10 @@ /etc/hosts.deny r, /etc/hosts.allow r, /sbin/syslog-ng mr, + /usr/share/syslog-ng/** r, # chrooted applications @{CHROOT_BASE}/var/lib/*/dev/log w, - @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist rw, + @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist* rw, @{CHROOT_BASE}/var/log/** w, @{CHROOT_BASE}/var/run/syslog-ng.pid krw, @{CHROOT_BASE}/var/run/syslog-ng.ctl rw,
Please give it a try, let me know if you have any problems or fixes (sr :-) )! Bye,