From 55fac53f408e5c4bbde80597cb7c9b220a240c1e Mon Sep 17 00:00:00 2001 From: Michael Lippautz Date: Wed, 20 Apr 2011 15:29:40 +0200 Subject: syslog-ng: Runtime corrections * Ships with a working syslog-ng.conf * Stops any running syslogd upon installation Signed-off-by: Michael Lippautz --- .../recipes-support/syslog-ng/files/syslog-ng.conf | 457 ++++++--------------- meta-oe/recipes-support/syslog-ng/syslog-ng.inc | 3 +- .../recipes-support/syslog-ng/syslog-ng_3.2.2.bb | 2 +- 3 files changed, 140 insertions(+), 322 deletions(-) (limited to 'meta-oe/recipes-support/syslog-ng') diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf index 5dcf065472..e760dfbdc5 100644 --- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf @@ -1,338 +1,155 @@ +@version: 3.2 # -# Configuration file for syslog-ng under Debian -# -# attempts at reproducing default syslog behavior - -# the standard syslog levels are (in descending order of priority): -# emerg alert crit err warning notice info debug -# the aliases "error", "panic", and "warn" are deprecated -# the "none" priority found in the original syslogd configuration is -# only used in internal messages created by syslogd - - -###### -# options - -options { - # disable the chained hostname format in logs - # (default is enabled) - chain_hostnames(0); - - # the time to wait before a died connection is re-established - # (default is 60) - time_reopen(10); - - # the time to wait before an idle destination file is closed - # (default is 60) - time_reap(360); - - # the number of lines buffered before written to file - # you might want to increase this if your disk isn't catching with - # all the log messages you get or if you want less disk activity - # (say on a laptop) - # (default is 0) - #sync(0); - - # the number of lines fitting in the output queue - log_fifo_size(2048); - - # enable or disable directory creation for destination files - create_dirs(yes); +# Syslog-ng configuration file, compatible with default Debian syslogd +# installation. Originally written by anonymous (I can't find his name) +# Revised, and rewrited by me (SZALAY Attila ) - # default owner, group, and permissions for log files - # (defaults are 0, 0, 0600) - #owner(root); - group(adm); - perm(0640); - - # default owner, group, and permissions for created directories - # (defaults are 0, 0, 0700) - #dir_owner(root); - #dir_group(root); - dir_perm(0755); - - # enable or disable DNS usage - # syslog-ng blocks on DNS queries, so enabling DNS may lead to - # a Denial of Service attack - # (default is yes) - use_dns(no); - - # maximum length of message in bytes - # this is only limited by the program listening on the /dev/log Unix - # socket, glibc can handle arbitrary length log messages, but -- for - # example -- syslogd accepts only 1024 bytes - # (default is 2048) - #log_msg_size(2048); +# First, set some global options. +options { long_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); + owner("root"); group("adm"); perm(0640); stats_freq(0); + bad_hostname("^gconfd$"); }; - -###### -# sources - -# all known message sources -source s_all { - # message generated by Syslog-NG - internal(); - # standard Linux log source (this is the default place for the syslog() - # function to send logs to) - unix-stream("/dev/log"); - # messages from the kernel - file("/proc/kmsg" log_prefix("kernel: ")); - # use the following line if you want to receive remote UDP logging messages - # (this is equivalent to the "-r" syslogd flag) - # udp(); +######################## +# Sources +######################## +# This is the default behavior of sysklogd package +# Logs may come from unix stream, but not from another machine. +# +source s_src { unix-dgram("/dev/log"); internal(); + file("/proc/kmsg" program_override("kernel")); }; +# If you wish to get logs from remote machine you should uncomment +# this and comment the above source line. +# +#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); }; -###### -# destinations - -# some standard log files -destination df_auth { file("/var/log/auth.log"); }; -destination df_syslog { file("/var/log/syslog"); }; -destination df_cron { file("/var/log/cron.log"); }; -destination df_daemon { file("/var/log/daemon.log"); }; -destination df_kern { file("/var/log/kern.log"); }; -destination df_lpr { file("/var/log/lpr.log"); }; -destination df_mail { file("/var/log/mail.log"); }; -destination df_user { file("/var/log/user.log"); }; -destination df_uucp { file("/var/log/uucp.log"); }; - -# these files are meant for the mail system log files -# and provide re-usable destinations for {mail,cron,...}.info, -# {mail,cron,...}.notice, etc. -destination df_facility_dot_info { file("/var/log/$FACILITY.info"); }; -destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); }; -destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); }; -destination df_facility_dot_err { file("/var/log/$FACILITY.err"); }; -destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); }; - -# these files are meant for the news system, and are kept separated -# because they should be owned by "news" instead of "root" -destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); }; -destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); }; -destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); }; +######################## +# Destinations +######################## +# First some standard logfile +# +destination d_auth { file("/var/log/auth.log"); }; +destination d_cron { file("/var/log/cron.log"); }; +destination d_daemon { file("/var/log/daemon.log"); }; +destination d_kern { file("/var/log/kern.log"); }; +destination d_lpr { file("/var/log/lpr.log"); }; +destination d_mail { file("/var/log/mail.log"); }; +destination d_syslog { file("/var/log/syslog"); }; +destination d_user { file("/var/log/user.log"); }; +destination d_uucp { file("/var/log/uucp.log"); }; + +# This files are the log come from the mail subsystem. +# +destination d_mailinfo { file("/var/log/mail/mail.info"); }; +destination d_mailwarn { file("/var/log/mail/mail.warn"); }; +destination d_mailerr { file("/var/log/mail/mail.err"); }; -# some more classical and useful files found in standard syslog configurations -destination df_debug { file("/var/log/debug"); }; -destination df_messages { file("/var/log/messages"); }; +# Logging for INN news system +# +destination d_newscrit { file("/var/log/news/news.crit"); }; +destination d_newserr { file("/var/log/news/news.err"); }; +destination d_newsnotice { file("/var/log/news/news.notice"); }; -# pipes -# a console to view log messages under X -destination dp_xconsole { pipe("/dev/xconsole"); }; +# Some `catch-all' logfiles. +# +destination d_debug { file("/var/log/debug"); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; -# consoles -# this will send messages to everyone logged in -destination du_all { usertty("*"); }; +# The root's console. +# +destination d_console { usertty("root"); }; +# Virtual console. +# +destination d_console_all { file("/dev/tty10"); }; -###### -# filters +# The named pipe /dev/xconsole is for the nsole' utility. To use it, +# you must invoke nsole' with the -file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +destination d_xconsole { pipe("/dev/xconsole"); }; -# all messages from the auth and authpriv facilities -filter f_auth { facility(auth, authpriv); }; +# Send the messages to an other host +# +#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); }; -# all messages except from the auth and authpriv facilities -filter f_syslog { not facility(auth, authpriv); }; +# Debian only +destination d_ppp { file("/var/log/ppp.log"); }; -# respectively: messages from the cron, daemon, kern, lpr, mail, news, user, -# and uucp facilities -filter f_cron { facility(cron); }; -filter f_daemon { facility(daemon); }; -filter f_kern { facility(kern); }; -filter f_lpr { facility(lpr); }; -filter f_mail { facility(mail); }; -filter f_news { facility(news); }; -filter f_user { facility(user); }; -filter f_uucp { facility(uucp); }; +######################## +# Filters +######################## +# Here's come the filter options. With this rules, we can set which +# message go where. -# some filters to select messages of priority greater or equal to info, warn, -# and err -# (equivalents of syslogd's *.info, *.warn, and *.err) -filter f_at_least_info { level(info..emerg); }; -filter f_at_least_notice { level(notice..emerg); }; -filter f_at_least_warn { level(warn..emerg); }; -filter f_at_least_err { level(err..emerg); }; -filter f_at_least_crit { level(crit..emerg); }; +filter f_dbg { level(debug); }; +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; -# all messages of priority debug not coming from the auth, authpriv, news, and -# mail facilities filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; - -# all messages of info, notice, or warn priority not coming form the auth, -# authpriv, cron, daemon, mail, and news facilities -filter f_messages { - level(info,notice,warn) - and not facility(auth,authpriv,cron,daemon,mail,news); -}; - -# messages with priority emerg -filter f_emerg { level(emerg); }; - -# complex filter for messages usually sent to the xconsole -filter f_xconsole { - facility(daemon,mail) - or level(debug,info,notice,warn) - or (facility(news) - and level(crit,err,notice)); -}; - - -###### -# logs -# order matters if you use "flags(final);" to mark the end of processing in a -# "log" statement - -# these rules provide the same behavior as the commented original syslogd rules - -# auth,authpriv.* /var/log/auth.log -log { - source(s_all); - filter(f_auth); - destination(df_auth); -}; - -# *.*;auth,authpriv.none -/var/log/syslog -log { - source(s_all); - filter(f_syslog); - destination(df_syslog); -}; - -# this is commented out in the default syslog.conf -# cron.* /var/log/cron.log -#log { -# source(s_all); -# filter(f_cron); -# destination(df_cron); -#}; - -# daemon.* -/var/log/daemon.log -log { - source(s_all); - filter(f_daemon); - destination(df_daemon); -}; - -# kern.* -/var/log/kern.log -log { - source(s_all); - filter(f_kern); - destination(df_kern); -}; - -# lpr.* -/var/log/lpr.log -log { - source(s_all); - filter(f_lpr); - destination(df_lpr); -}; - -# mail.* -/var/log/mail.log -log { - source(s_all); - filter(f_mail); - destination(df_mail); -}; - -# user.* -/var/log/user.log -log { - source(s_all); - filter(f_user); - destination(df_user); -}; - -# uucp.* /var/log/uucp.log -log { - source(s_all); - filter(f_uucp); - destination(df_uucp); -}; - -# mail.info -/var/log/mail.info -log { - source(s_all); - filter(f_mail); - filter(f_at_least_info); - destination(df_facility_dot_info); -}; - -# mail.warn -/var/log/mail.warn -log { - source(s_all); - filter(f_mail); - filter(f_at_least_warn); - destination(df_facility_dot_warn); -}; - -# mail.err /var/log/mail.err -log { - source(s_all); - filter(f_mail); - filter(f_at_least_err); - destination(df_facility_dot_err); -}; - -# news.crit /var/log/news/news.crit -log { - source(s_all); - filter(f_news); - filter(f_at_least_crit); - destination(df_news_dot_crit); -}; - -# news.err /var/log/news/news.err -log { - source(s_all); - filter(f_news); - filter(f_at_least_err); - destination(df_news_dot_err); -}; - -# news.notice /var/log/news/news.notice -log { - source(s_all); - filter(f_news); - filter(f_at_least_notice); - destination(df_news_dot_notice); -}; - - -# *.=debug;\ -# auth,authpriv.none;\ -# news.none;mail.none -/var/log/debug -log { - source(s_all); - filter(f_debug); - destination(df_debug); -}; - - -# *.=info;*.=notice;*.=warn;\ -# auth,authpriv.none;\ -# cron,daemon.none;\ -# mail,news.none -/var/log/messages -log { - source(s_all); - filter(f_messages); - destination(df_messages); -}; - -# *.emerg * -log { - source(s_all); - filter(f_emerg); - destination(du_all); -}; - - -# daemon.*;mail.*;\ -# news.crit;news.err;news.notice;\ -# *.=debug;*.=info;\ -# *.=notice;*.=warn |/dev/xconsole -log { - source(s_all); - filter(f_xconsole); - destination(dp_xconsole); -}; - +filter f_error { level(err .. emerg) ; }; +filter f_messages { level(info,notice,warn) and + not facility(auth,authpriv,cron,daemon,mail,news); }; + +filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; +filter f_cron { facility(cron) and not filter(f_debug); }; +filter f_daemon { facility(daemon) and not filter(f_debug); }; +filter f_kern { facility(kern) and not filter(f_debug); }; +filter f_lpr { facility(lpr) and not filter(f_debug); }; +filter f_local { facility(local0, local1, local3, local4, local5, + local6, local7) and not filter(f_debug); }; +filter f_mail { facility(mail) and not filter(f_debug); }; +filter f_news { facility(news) and not filter(f_debug); }; +filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; +filter f_user { facility(user) and not filter(f_debug); }; +filter f_uucp { facility(uucp) and not filter(f_debug); }; + +filter f_cnews { level(notice, err, crit) and facility(news); }; +filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; + +filter f_ppp { facility(local2) and not filter(f_debug); }; +filter f_console { level(warn .. emerg); }; + +######################## +# Log paths +######################## +log { source(s_src); filter(f_auth); destination(d_auth); }; +log { source(s_src); filter(f_cron); destination(d_cron); }; +log { source(s_src); filter(f_daemon); destination(d_daemon); }; +log { source(s_src); filter(f_kern); destination(d_kern); }; +log { source(s_src); filter(f_lpr); destination(d_lpr); }; +log { source(s_src); filter(f_syslog3); destination(d_syslog); }; +log { source(s_src); filter(f_user); destination(d_user); }; +log { source(s_src); filter(f_uucp); destination(d_uucp); }; + +log { source(s_src); filter(f_mail); destination(d_mail); }; +#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; +#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; +#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; + +log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; +log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; +log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; +#log { source(s_src); filter(f_cnews); destination(d_console_all); }; +#log { source(s_src); filter(f_cother); destination(d_console_all); }; + +#log { source(s_src); filter(f_ppp); destination(d_ppp); }; + +log { source(s_src); filter(f_debug); destination(d_debug); }; +log { source(s_src); filter(f_error); destination(d_error); }; +log { source(s_src); filter(f_messages); destination(d_messages); }; + +log { source(s_src); filter(f_console); destination(d_console_all); + destination(d_xconsole); }; +log { source(s_src); filter(f_crit); destination(d_console); }; + +# All messages send to a remote site +# +#log { source(s_src); destination(d_net); }; diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng.inc b/meta-oe/recipes-support/syslog-ng/syslog-ng.inc index 38bcfb08ed..c3a36c18f9 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng.inc +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng.inc @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7ec1bcc46f28b11f4722e20d9b7dd4d5" # update-rc.d and update-alternatives is important RDEPENDS_${PN} += " ${@base_conditional("ONLINE_PACKAGE_MANAGEMENT", "none", "", "update-rc.d", d)}" -INC_PR = "r5" +INC_PR = "r6" inherit autotools @@ -41,6 +41,7 @@ do_install_append() { CONFFILES_${PN} = "${sysconfdir}/${PN}.conf" pkg_postinst_${PN} () { + /etc/init.d/syslog stop update-alternatives --install ${sysconfdir}/init.d/syslog syslog-init syslog.${PN} 200 if test "x$D" != "x"; then diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.2.2.bb b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.2.2.bb index b98827933e..f9eef248b3 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.2.2.bb +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.2.2.bb @@ -1,5 +1,5 @@ require syslog-ng.inc -PR = "${INC_PR}.0" +PR = "${INC_PR}.1" SRC_URI += " \ file://syslog-ng.conf \ -- cgit 1.2.3-korg