--- /dev/null
+# Log DHCP requests to a separate log file
+
+destination d_dhcp {
+ file("/var/log/dhcp");
+};
+
+filter f_dhcp {
+ program("dhcpd") or program("dnsmasq-dhcp");
+};
+
+log {
+ source(s_sys);
+ filter(f_dhcp);
+ destination(d_dhcp);
+ flags(final);
+};
--- /dev/null
+# Redirect freshclam logs to a separate log file
+
+destination d_freshclam {
+ file("/var/log/freshclam.log");
+};
+
+filter f_freshclam {
+ program(freshclam);
+};
+
+log {
+ source(s_sys);
+ filter(f_local6);
+ filter(f_freshclam);
+ destination(d_freshclam);
+};
--- /dev/null
+# Redirect iptables logs to a separate log file
+
+destination d_iptables {
+ file("/var/log/iptables");
+};
+
+filter f_iptables {
+ facility(kern) and match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE"));
+};
+
+log {
+ source(s_sys);
+ filter(f_iptables);
+ destination(d_iptables);
+ flags(final);
+};
--- /dev/null
+# Uncomment the following configuration if you want to send logs to a remote
+# syslog server at the specified IP address and port
+
+#destination d_loghost {
+# udp("192.168.1.100" port(514));
+#};
+
+#log {
+# source(s_sys);
+# destination(d_loghost);
+#};
--- /dev/null
+# Uncomment the following configuration if you want to run a syslog server
+# listening on a given IP address and port
+
+#source s_net {
+# udp(ip(192.168.1.100), port(514));
+#};
+
+#destination d_from_net {
+# file("/var/log/network/$HOST.log" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
+#};
+
+#log {
+# source(s_net);
+# destination(d_from_net);
+# flags(final);
+#};
+++ /dev/null
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/CMakeLists.txt syslog-ng-syslog-ng-4.2.0/CMakeLists.txt
---- syslog-ng-syslog-ng-4.2.0.orig/CMakeLists.txt 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/CMakeLists.txt 2023-07-19 02:12:21.375815517 +0200
-@@ -272,7 +272,7 @@
- include(openssl_functions)
- openssl_set_defines()
-
--pkg_check_modules(LIBPCRE REQUIRED libpcre)
-+pkg_check_modules(LIBPCRE REQUIRED libpcre2-8)
-
- if (WRAP_FOUND)
- set(SYSLOG_NG_ENABLE_TCP_WRAPPER 1)
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/configure.ac syslog-ng-syslog-ng-4.2.0/configure.ac
---- syslog-ng-syslog-ng-4.2.0.orig/configure.ac 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/configure.ac 2023-07-19 02:12:21.375815517 +0200
-@@ -48,7 +48,7 @@
- IVYKIS_MIN_VERSION="0.36.1"
- IVYKIS_UPDATED_VERSION="0.39"
- JSON_C_MIN_VERSION="0.9"
--PCRE_MIN_VERSION="6.1"
-+PCRE2_MIN_VERSION="10.0"
- LMC_MIN_VERSION="1.0.0"
- LRMQ_MIN_VERSION="0.0.1"
- LRC_MIN_VERSION="1.6.0"
-@@ -1046,9 +1046,10 @@
- LIBS="$old_LIBS"
- fi
-
--PKG_CHECK_MODULES(PCRE, libpcre >= $PCRE_MIN_VERSION,, PCRE_LIBS="")
--if test -z "$PCRE_LIBS"; then
-- AC_MSG_ERROR(Cannot find pcre version >= $PCRE_MIN_VERSION it is a hard dependency from syslog-ng 3.6 onwards)
-+PKG_CHECK_MODULES(PCRE2, libpcre2-8 >= $PCRE2_MIN_VERSION,, PCRE2_LIBS="")
-+
-+if test test -z "$PCRE2_LIBS"; then
-+ AC_MSG_ERROR(Cannot find pcre2 version >= $PCRE2_MIN_VERSION which is a hard dependency from syslog-ng 3.6 onwards)
- fi
-
- dnl ***************************************************************************
-@@ -1846,7 +1847,7 @@
- python_moduledir="$moduledir"/python
- python_sysconf_moduledir="${sysconfdir}/python"
-
--CPPFLAGS="$CPPFLAGS $GLIB_CFLAGS $EVTLOG_CFLAGS $PCRE_CFLAGS $OPENSSL_CFLAGS $LIBNET_CFLAGS $LIBDBI_CFLAGS $IVYKIS_CFLAGS $LIBCAP_CFLAGS -D_GNU_SOURCE -D_DEFAULT_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
-+CPPFLAGS="$CPPFLAGS $GLIB_CFLAGS $EVTLOG_CFLAGS $PCRE2_CFLAGS $OPENSSL_CFLAGS $LIBNET_CFLAGS $LIBDBI_CFLAGS $IVYKIS_CFLAGS $LIBCAP_CFLAGS -D_GNU_SOURCE -D_DEFAULT_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
-
- ########################################################
- ## NOTES: on how syslog-ng is linked
-@@ -1894,7 +1895,7 @@
- MODULE_DEPS_LIBS="\$(top_builddir)/lib/libsyslog-ng.la"
-
- if test "x$linking_mode" = "xdynamic"; then
-- SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE_LIBS $REGEX_LIBS $DL_LIBS"
-+ SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE2_LIBS $REGEX_LIBS $DL_LIBS"
-
- if test "x$with_ivykis" = "xinternal"; then
- # when using the internal ivykis, we're linking it statically into libsyslog-ng.so
-@@ -1913,8 +1914,8 @@
- # syslog-ng binary is linked with the default link command (e.g. libtool)
- SYSLOGNG_LINK='$(LINK)'
- else
-- SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $RESOLV_LIBS $EVTLOG_NO_LIBTOOL_LIBS $SECRETSTORAGE_NO_LIBTOOL_LIBS $LD_START_STATIC -Wl,${WHOLE_ARCHIVE_OPT} $GLIB_LIBS $PCRE_LIBS $REGEX_LIBS -Wl,${NO_WHOLE_ARCHIVE_OPT} $IVYKIS_NO_LIBTOOL_LIBS $LD_END_STATIC $LIBCAP_LIBS $DL_LIBS"
-- TOOL_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE_LIBS $REGEX_LIBS $IVYKIS_LIBS $DL_LIBS"
-+ SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $RESOLV_LIBS $EVTLOG_NO_LIBTOOL_LIBS $SECRETSTORAGE_NO_LIBTOOL_LIBS $LD_START_STATIC -Wl,${WHOLE_ARCHIVE_OPT} $GLIB_LIBS $PCRE2_LIBS $REGEX_LIBS -Wl,${NO_WHOLE_ARCHIVE_OPT} $IVYKIS_NO_LIBTOOL_LIBS $LD_END_STATIC $LIBCAP_LIBS $DL_LIBS"
-+ TOOL_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE2_LIBS $REGEX_LIBS $IVYKIS_LIBS $DL_LIBS"
- CORE_DEPS_LIBS=""
-
- # bypass libtool in case we want to do mixed linking because it
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/compat/pcre.h syslog-ng-syslog-ng-4.2.0/lib/compat/pcre.h
---- syslog-ng-syslog-ng-4.2.0.orig/lib/compat/pcre.h 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/compat/pcre.h 2023-07-19 02:12:21.376815531 +0200
-@@ -26,18 +26,8 @@
- #define COMPAT_PCRE_H_INCLUDED
-
- #include "compat/compat.h"
--#include <pcre.h>
-
--#ifndef PCRE_CONFIG_JIT
--#define pcre_free_study pcre_free
--#endif
--
--#ifndef PCRE_STUDY_JIT_COMPILE
--#define PCRE_STUDY_JIT_COMPILE 0
--#endif
--
--#ifndef PCRE_NEWLINE_ANYCRLF
--#define PCRE_NEWLINE_ANYCRLF 0
--#endif
-+#define PCRE2_CODE_UNIT_WIDTH 8
-+#include <pcre2.h>
-
- #endif /* COMPAT_PCRE_H_INCLUDED */
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/filter/tests/test_filters_regexp.c syslog-ng-syslog-ng-4.2.0/lib/filter/tests/test_filters_regexp.c
---- syslog-ng-syslog-ng-4.2.0.orig/lib/filter/tests/test_filters_regexp.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/filter/tests/test_filters_regexp.c 2023-07-19 02:12:21.376815531 +0200
-@@ -53,12 +53,6 @@
- const gchar *value;
- } FilterParamRegexp;
-
--static gboolean
--check_pcre_version_is_atleast(const gchar *version)
--{
-- return strncmp(pcre_version(), version, strlen(version)) >= 0;
--}
--
- Test(filter, create_pcre_regexp_filter)
- {
- cr_assert_eq(create_pcre_regexp_filter(LM_V_PROGRAM, "((", 0), NULL);
-@@ -70,8 +64,7 @@
- cr_assert_eq(create_pcre_regexp_filter(LM_V_HOST, "(?iana", 0), NULL);
- cr_assert_eq(create_pcre_regexp_match("((", 0), NULL);
- cr_assert_eq(create_pcre_regexp_match("(?P<foo_123", 0), NULL); // Unterminated group identifier
-- if (check_pcre_version_is_atleast("8.34"))
-- cr_assert_eq(create_pcre_regexp_match("(?P<1>a)", 0), NULL); // Begins with a digit
-+ cr_assert_eq(create_pcre_regexp_match("(?P<1>a)", 0), NULL); // Begins with a digit
- cr_assert_eq(create_pcre_regexp_match("(?P<!>a)", 0), NULL); // Begins with an illegal char
- cr_assert_eq(create_pcre_regexp_match("(?P<foo!>a)", 0), NULL); // Ends with an illegal char
- cr_assert_eq(create_pcre_regexp_match("\\1", 0), NULL); // Backreference
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/logmatcher.c syslog-ng-syslog-ng-4.2.0/lib/logmatcher.c
---- syslog-ng-syslog-ng-4.2.0.orig/lib/logmatcher.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/logmatcher.c 2023-07-19 02:12:21.376815531 +0200
-@@ -281,87 +281,82 @@
- typedef struct _LogMatcherPcreRe
- {
- LogMatcher super;
-- pcre *pattern;
-- pcre_extra *extra;
-+ pcre2_code *pattern;
- gint match_options;
- gchar *nv_prefix;
- gint nv_prefix_len;
- } LogMatcherPcreRe;
-
- static gboolean
--_compile_pcre_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error)
-+_compile_pcre2_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error)
- {
- gint rc;
-- const gchar *errptr;
-- gint erroffset;
- gint flags = 0;
-
- g_return_val_if_fail(error == NULL || *error == NULL, FALSE);
-
- if (self->super.flags & LMF_ICASE)
-- flags |= PCRE_CASELESS;
-+ flags |= PCRE2_CASELESS;
-
- if (self->super.flags & LMF_NEWLINE)
- {
-- if (!PCRE_NEWLINE_ANYCRLF)
-+ if (!PCRE2_NEWLINE_ANYCRLF)
- msg_warning("syslog-ng was compiled against an old PCRE which doesn't support the 'newline' flag");
-- flags |= PCRE_NEWLINE_ANYCRLF;
-+ flags |= PCRE2_NEWLINE_ANYCRLF;
- }
- if (self->super.flags & LMF_UTF8)
- {
- gint support;
-- flags |= PCRE_UTF8 | PCRE_NO_UTF8_CHECK;
-- self->match_options |= PCRE_NO_UTF8_CHECK;
-+ flags |= PCRE2_UTF | PCRE2_NO_UTF_CHECK;
-+ self->match_options |= PCRE2_NO_UTF_CHECK;
-
-- pcre_config(PCRE_CONFIG_UTF8, &support);
-+ pcre2_config(PCRE2_CONFIG_UNICODE, &support);
- if (!support)
- {
-- g_set_error(error, LOG_TEMPLATE_ERROR, 0, "PCRE library is compiled without UTF8 support and utf8 flag was present");
-+ g_set_error(error, LOG_TEMPLATE_ERROR, 0, "PCRE library is compiled without unicode support and utf8 flag was present");
- return FALSE;
- }
-
-- pcre_config(PCRE_CONFIG_UNICODE_PROPERTIES, &support);
-- if (!support)
-- {
-- g_set_error(error, LOG_TEMPLATE_ERROR, 0,
-- "PCRE library is compiled without UTF8 properties support and utf8 flag was present");
-- return FALSE;
-- }
- }
- if (self->super.flags & LMF_DUPNAMES)
- {
-- if (!PCRE_DUPNAMES)
-+ if (!PCRE2_DUPNAMES)
- msg_warning("syslog-ng was compiled against an old PCRE which doesn't support the 'dupnames' flag");
-- flags |= PCRE_DUPNAMES;
-+ flags |= PCRE2_DUPNAMES;
- }
-
- /* compile the regexp */
-- self->pattern = pcre_compile2(re, flags, &rc, &errptr, &erroffset, NULL);
-+ PCRE2_SIZE error_offset;
-+
-+ self->pattern = pcre2_compile((PCRE2_SPTR) re, PCRE2_ZERO_TERMINATED, flags, &rc, &error_offset, NULL);
- if (!self->pattern)
- {
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
- g_set_error(error, LOG_TEMPLATE_ERROR, 0, "Failed to compile PCRE expression >>>%s<<< `%s' at character %d",
-- re, errptr, erroffset);
-+ re, error_message, (gint) error_offset);
- return FALSE;
- }
- return TRUE;
- }
-
- static gboolean
--_study_pcre_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error)
-+_jit_pcre2_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error)
- {
-- const gchar *errptr;
-- gint options = 0;
--
-- if ((self->super.flags & LMF_DISABLE_JIT) == 0)
-- options |= PCRE_STUDY_JIT_COMPILE;
-+ if ((self->super.flags & LMF_DISABLE_JIT))
-+ return TRUE;
-
- /* optimize regexp */
-- self->extra = pcre_study(self->pattern, options, &errptr);
-- if (errptr != NULL)
-+ gint rc = pcre2_jit_compile(self->pattern, PCRE2_JIT_COMPLETE);
-+ if (rc < 0)
- {
-- g_set_error(error, LOG_TEMPLATE_ERROR, 0, "Failed to optimize regular expression >>>%s<<< `%s'",
-- re, errptr);
-- return FALSE;
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+ msg_warning("Failed to JIT compile regular expression, you might want to use flags(disable-jit)",
-+ evt_tag_str("regexp", re),
-+ evt_tag_str("error", (gchar *) error_message));
- }
- return TRUE;
- }
-@@ -374,10 +369,10 @@
- g_return_val_if_fail(error == NULL || *error == NULL, FALSE);
- log_matcher_store_pattern(s, re);
-
-- if (!_compile_pcre_regexp(self, re, error))
-+ if (!_compile_pcre2_regexp(self, re, error))
- return FALSE;
-
-- if (!_study_pcre_regexp(self, re, error))
-+ if (!_jit_pcre2_regexp(self, re, error))
- return FALSE;
-
- return TRUE;
-@@ -388,8 +383,7 @@
- NVHandle source_handle;
- const gchar *source_value;
- gssize source_value_len;
-- gint *matches;
-- gint num_matches;
-+ pcre2_match_data *match_data;
- } LogMatcherPcreMatchResult;
-
- static inline void
-@@ -434,11 +428,13 @@
- log_matcher_pcre_re_feed_backrefs(LogMatcherPcreRe *self, LogMessage *msg, LogMatcherPcreMatchResult *result)
- {
- gint i;
-+ guint32 num_matches = pcre2_get_ovector_count(result->match_data);
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result->match_data);
-
-- for (i = 0; i < (LOGMSG_MAX_MATCHES) && i < result->num_matches; i++)
-+ for (i = 0; i < (LOGMSG_MAX_MATCHES) && i < num_matches; i++)
- {
-- gint begin_index = result->matches[2 * i];
-- gint end_index = result->matches[2 * i + 1];
-+ gint begin_index = matches[2 * i];
-+ gint end_index = matches[2 * i + 1];
-
- if (begin_index < 0 || end_index < 0)
- continue;
-@@ -446,11 +442,11 @@
- log_matcher_pcre_re_feed_value(self, msg, log_msg_get_match_handle(i), result, begin_index, end_index);
- }
- if (log_msg_is_handle_match(result->source_handle) &&
-- log_msg_get_match_index(result->source_handle) >= result->num_matches)
-+ log_msg_get_match_index(result->source_handle) >= num_matches)
- {
- log_matcher_pcre_re_save_source_value_to_avoid_clobbering(result);
- }
-- log_msg_truncate_matches(msg, result->num_matches);
-+ log_msg_truncate_matches(msg, num_matches);
- }
-
- static void
-@@ -458,18 +454,20 @@
- {
- gchar *name_table = NULL;
- gint i = 0;
-- gint namecount = 0;
-- gint name_entry_size = 0;
-+ guint32 namecount = 0;
-+ guint32 name_entry_size = 0;
-
-- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMECOUNT, &namecount);
-+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMECOUNT, &namecount);
- if (namecount > 0)
- {
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result->match_data);
-+
- gchar *tabptr;
- /* Before we can access the substrings, we must extract the table for
- translating names to numbers, and the size of each entry in the table.
- */
-- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMETABLE, &name_table);
-- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMEENTRYSIZE, &name_entry_size);
-+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMETABLE, &name_table);
-+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMEENTRYSIZE, &name_entry_size);
- /* Now we can scan the table and, for each entry, print the number, the name,
- and the substring itself.
- */
-@@ -480,8 +478,8 @@
- for (i = 0; i < namecount; i++, tabptr += name_entry_size)
- {
- int n = (tabptr[0] << 8) | tabptr[1];
-- gint begin_index = result->matches[2 * n];
-- gint end_index = result->matches[2 * n + 1];
-+ gint begin_index = matches[2 * n];
-+ gint end_index = matches[2 * n + 1];
- const gchar *namedgroup_name = tabptr + 2;
-
- if (begin_index < 0 || end_index < 0)
-@@ -502,30 +500,28 @@
- LogMatcherPcreRe *self = (LogMatcherPcreRe *) s;
- LogMatcherPcreMatchResult result;
- gint rc;
-+ gboolean res = TRUE;
-
- if (value_len == -1)
- value_len = strlen(value);
-
-- if (pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_CAPTURECOUNT, &result.num_matches) < 0)
-- g_assert_not_reached();
-- if (result.num_matches > LOGMSG_MAX_MATCHES)
-- result.num_matches = LOGMSG_MAX_MATCHES;
--
-- gsize matches_size = 3 * (result.num_matches + 1);
-- result.matches = g_alloca(matches_size * sizeof(gint));
-+ result.match_data = pcre2_match_data_create_from_pattern(self->pattern, NULL);
- result.source_value = value;
- result.source_value_len = value_len;
- result.source_handle = value_handle;
-
-- rc = pcre_exec(self->pattern, self->extra,
-- result.source_value, result.source_value_len,
-- 0, self->match_options,
-- result.matches, matches_size);
-+ rc = pcre2_match(self->pattern,
-+ (PCRE2_SPTR) result.source_value,
-+ (PCRE2_SIZE) result.source_value_len,
-+ (PCRE2_SIZE) 0,
-+ self->match_options,
-+ result.match_data,
-+ NULL);
- if (rc < 0)
- {
- switch (rc)
- {
-- case PCRE_ERROR_NOMATCH:
-+ case PCRE2_ERROR_NOMATCH:
- break;
-
- default:
-@@ -534,22 +530,22 @@
- evt_tag_int("error_code", rc));
- break;
- }
-- return FALSE;
-+ res = FALSE;
- }
-- if (rc == 0)
-+ else if (rc == 0)
- {
-- msg_error("Error while storing matching substrings");
-+ msg_error("Error while storing matching substrings, more than 256 capture groups encountered");
- }
- else
- {
-- result.num_matches = rc;
- if ((s->flags & LMF_STORE_MATCHES))
- {
- log_matcher_pcre_re_feed_backrefs(self, msg, &result);
- log_matcher_pcre_re_feed_named_substrings(self, msg, &result);
- }
- }
-- return TRUE;
-+ pcre2_match_data_free(result.match_data);
-+ return res;
- }
-
- static gchar *
-@@ -559,24 +555,19 @@
- LogMatcherPcreRe *self = (LogMatcherPcreRe *) s;
- LogMatcherPcreMatchResult result;
- GString *new_value = NULL;
-- gsize matches_size;
- gint rc;
- gint start_offset, last_offset;
- gint options;
- gboolean last_match_was_empty;
-
-- if (pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_CAPTURECOUNT, &result.num_matches) < 0)
-- g_assert_not_reached();
-- if (result.num_matches > LOGMSG_MAX_MATCHES)
-- result.num_matches = LOGMSG_MAX_MATCHES;
-+ result.match_data = pcre2_match_data_create_from_pattern(self->pattern, NULL);
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result.match_data);
-
-- matches_size = 3 * (result.num_matches + 1);
-- result.matches = g_alloca(matches_size * sizeof(gint));
-
- /* we need zero initialized offsets for the last match as the
- * algorithm tries uses that as the base position */
-
-- result.matches[0] = result.matches[1] = result.matches[2] = 0;
-+ matches[0] = matches[1] = 0;
-
- if (value_len == -1)
- value_len = strlen(value);
-@@ -596,7 +587,7 @@
- * advanced).
- *
- * A zero-length match can be as simple as "a*" which will be
-- * returned unless PCRE_NOTEMPTY is specified.
-+ * returned unless PCRE2_NOTEMPTY is specified.
- *
- * By supporting zero-length matches, we basically make it
- * possible to insert replacement between each incoming
-@@ -617,17 +608,21 @@
- * to see if a non-empty match can be found.
- */
-
-- options = PCRE_NOTEMPTY | PCRE_ANCHORED;
-+ options = PCRE2_NOTEMPTY | PCRE2_ANCHORED;
- }
- else
- {
- options = 0;
- }
-
-- rc = pcre_exec(self->pattern, self->extra,
-- result.source_value, result.source_value_len,
-- start_offset, (self->match_options | options), result.matches, matches_size);
-- if (rc < 0 && rc != PCRE_ERROR_NOMATCH)
-+ rc = pcre2_match(self->pattern,
-+ (PCRE2_SPTR) result.source_value,
-+ (PCRE2_SIZE) result.source_value_len,
-+ start_offset,
-+ (self->match_options | options),
-+ result.match_data,
-+ NULL);
-+ if (rc < 0 && rc != PCRE2_ERROR_NOMATCH)
- {
- msg_error("Error while matching regexp",
- evt_tag_int("error_code", rc));
-@@ -635,7 +630,7 @@
- }
- else if (rc < 0)
- {
-- if ((options & PCRE_NOTEMPTY) == 0)
-+ if ((options & PCRE2_NOTEMPTY) == 0)
- {
- /* we didn't match, even when we permitted to match the
- * empty string. Nothing to find here, bail out */
-@@ -651,31 +646,31 @@
- last_match_was_empty = FALSE;
- continue;
- }
-+ else if (rc == 0)
-+ {
-+ msg_error("Error while storing matching substrings, more than 256 capture groups encountered");
-+ break;
-+ }
- else
- {
-- /* if the output array was too small, truncate the number of
-- captures to LOGMSG_MAX_MATCHES */
--
-- if (rc == 0)
-- rc = matches_size / 3;
--
-- result.num_matches = rc;
- log_matcher_pcre_re_feed_backrefs(self, msg, &result);
- log_matcher_pcre_re_feed_named_substrings(self, msg, &result);
-
- if (!new_value)
- new_value = g_string_sized_new(result.source_value_len);
- /* append non-matching portion */
-- g_string_append_len(new_value, &result.source_value[last_offset], result.matches[0] - last_offset);
-+ g_string_append_len(new_value, &result.source_value[last_offset], matches[0] - last_offset);
- /* replacement */
- log_template_append_format(replacement, msg, &DEFAULT_TEMPLATE_EVAL_OPTIONS, new_value);
-
-- last_match_was_empty = (result.matches[0] == result.matches[1]);
-- start_offset = last_offset = result.matches[1];
-+ last_match_was_empty = (matches[0] == matches[1]);
-+ start_offset = last_offset = matches[1];
- }
- }
- while (self->super.flags & LMF_GLOBAL && start_offset < result.source_value_len);
-
-+ pcre2_match_data_free(result.match_data);
-+
- if (new_value)
- {
- /* append the last literal */
-@@ -691,8 +686,7 @@
- log_matcher_pcre_re_free(LogMatcher *s)
- {
- LogMatcherPcreRe *self = (LogMatcherPcreRe *) s;
-- pcre_free_study(self->extra);
-- pcre_free(self->pattern);
-+ pcre2_code_free(self->pattern);
- log_matcher_free_method(s);
- }
-
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.c syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.c
---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.c 2023-07-19 02:12:21.376815531 +0200
-@@ -22,69 +22,105 @@
- * COPYING for details.
- */
- #include "multi-line/multi-line-pattern.h"
-+#include "messages.h"
-
- MultiLinePattern *
- multi_line_pattern_compile(const gchar *regexp, GError **error)
- {
- MultiLinePattern *self = g_new0(MultiLinePattern, 1);
-- gint optflags = 0;
- gint rc;
-- const gchar *errptr;
-- gint erroffset;
-+ PCRE2_SIZE erroffset;
-
- g_return_val_if_fail(error == NULL || *error == NULL, FALSE);
- self->ref_cnt = 1;
-
- /* compile the regexp */
-- self->pattern = pcre_compile2(regexp, 0, &rc, &errptr, &erroffset, NULL);
-+ self->pattern = pcre2_compile((PCRE2_SPTR) regexp, PCRE2_ZERO_TERMINATED, 0, &rc, &erroffset, NULL);
- if (!self->pattern)
- {
-- g_set_error(error, 0, 0, "Error while compiling multi-line regexp as a PCRE expression, error=%s, error_at=%d", errptr,
-- erroffset);
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+ g_set_error(error, 0, 0,
-+ "Error while compiling multi-line regexp as a PCRE expression, error=%s, error_at=%" G_GSIZE_FORMAT,
-+ (gchar *) error_message, erroffset);
- goto error;
- }
-
--#ifdef PCRE_STUDY_JIT_COMPILE
-- optflags = PCRE_STUDY_JIT_COMPILE;
--#endif
--
- /* optimize regexp */
-- self->extra = pcre_study(self->pattern, optflags, &errptr);
-- if (errptr != NULL)
-+ rc = pcre2_jit_compile(self->pattern, PCRE2_JIT_COMPLETE);
-+ if (rc < 0)
- {
-- g_set_error(error, 0, 0, "Error while studying multi-line regexp, error=%s", errptr);
-- goto error;
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+ msg_warning("multi-line-pattern: Error while JIT compiling regular expression",
-+ evt_tag_str("regexp", regexp),
-+ evt_tag_str("error", (gchar *) error_message));
- }
-
- return self;
- error:
- if (self->pattern)
-- pcre_free(self->pattern);
-+ pcre2_code_free(self->pattern);
- g_free(self);
- return NULL;
- }
-
- gint
--multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *matches, gint matches_num)
-+multi_line_pattern_eval(MultiLinePattern *re, const guchar *str, gsize len, pcre2_match_data *match_data)
- {
-- gint rc;
-+ return pcre2_match(re->pattern, (PCRE2_SPTR) str, (PCRE2_SIZE) len, 0, 0, match_data, NULL);
-+}
-
-+gboolean
-+multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *start, gint *end)
-+{
- if (!re)
-- return -1;
-+ return FALSE;
-+
-+ gboolean result = FALSE;
-+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(re->pattern, NULL);
-+
-
-- rc = pcre_exec(re->pattern, re->extra, (const gchar *) str, len, 0, 0, matches, matches_num * 3);
-- return rc;
-+ if (multi_line_pattern_eval(re, str, len, match_data) < 0)
-+ goto exit;
-+
-+ guint32 num_matches = pcre2_get_ovector_count(match_data);
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data);
-+
-+ if (num_matches == 0)
-+ goto exit;
-+
-+ *start = matches[0];
-+ *end = matches[1];
-+ result = TRUE;
-+exit:
-+ pcre2_match_data_free(match_data);
-+ return result;
- }
-
- gboolean
- multi_line_pattern_match(MultiLinePattern *re, const guchar *str, gsize len)
- {
-- gint match[3];
-- if (multi_line_pattern_find(re, str, len, match, 1) < 0)
-+ if (!re)
- return FALSE;
-- return match[0] >= 0;
--}
-
-+ gboolean result = FALSE;
-+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(re->pattern, NULL);
-+
-+ if (multi_line_pattern_eval(re, str, len, match_data) < 0)
-+ goto exit;
-+
-+ guint32 num_matches = pcre2_get_ovector_count(match_data);
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data);
-+
-+ result = num_matches > 0 && matches[0] >= 0;
-+
-+exit:
-+ pcre2_match_data_free(match_data);
-+ return result;
-+}
-
- MultiLinePattern *
- multi_line_pattern_ref(MultiLinePattern *self)
-@@ -100,9 +136,7 @@
- if (self && (--self->ref_cnt == 0))
- {
- if (self->pattern)
-- pcre_free(self->pattern);
-- if (self->extra)
-- pcre_free_study(self->extra);
-+ pcre2_code_free(self->pattern);
- g_free(self);
- }
- }
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.h syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.h
---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.h 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.h 2023-07-19 02:12:21.376815531 +0200
-@@ -33,11 +33,10 @@
- struct _MultiLinePattern
- {
- gint ref_cnt;
-- pcre *pattern;
-- pcre_extra *extra;
-+ pcre2_code *pattern;
- };
-
--gint multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *matches, gint matches_num);
-+gboolean multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *start, gint *end);
- gboolean multi_line_pattern_match(MultiLinePattern *re, const guchar *str, gsize len);
- MultiLinePattern *multi_line_pattern_compile(const gchar *regexp, GError **error);
- MultiLinePattern *multi_line_pattern_ref(MultiLinePattern *self);
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/regexp-multi-line.c syslog-ng-syslog-ng-4.2.0/lib/multi-line/regexp-multi-line.c
---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/regexp-multi-line.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/regexp-multi-line.c 2023-07-19 02:12:21.377815546 +0200
-@@ -27,19 +27,21 @@
- static gint
- _prefix_garbage_get_offset_of_garbage(RegexpMultiLine *self, const guchar *line, gsize line_len)
- {
-- gint match[3];
-- if (multi_line_pattern_find(self->garbage, line, line_len, match, 1) < 0)
-+ gint start, end;
-+
-+ if (!multi_line_pattern_find(self->garbage, line, line_len, &start, &end))
- return -1;
-- return match[0];
-+ return start;
- }
-
- static gint
- _prefix_suffix_get_offset_of_garbage(RegexpMultiLine *self, const guchar *line, gsize line_len)
- {
-- gint match[3];
-- if (multi_line_pattern_find(self->garbage, line, line_len, match, 1) < 0)
-+ gint start, end;
-+
-+ if (!multi_line_pattern_find(self->garbage, line, line_len, &start, &end))
- return -1;
-- return match[1];
-+ return end;
- }
-
- static gint
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/list-funcs.c syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/list-funcs.c
---- syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/list-funcs.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/list-funcs.c 2023-07-19 02:12:21.377815546 +0200
-@@ -354,8 +354,7 @@
- StringMatchMode mode;
- gchar *pattern;
- GPatternSpec *glob;
-- pcre *pcre;
-- pcre_extra *pcre_extra;
-+ pcre2_code *pcre;
- } StringMatcher;
-
- static gboolean
-@@ -369,33 +368,35 @@
- static gboolean
- string_matcher_prepare_pcre(StringMatcher *self)
- {
-- const gchar *errptr;
-- gint erroffset;
-+ PCRE2_SIZE erroffset;
- gint rc;
-
-- self->pcre = pcre_compile2(self->pattern, PCRE_ANCHORED, &rc, &errptr, &erroffset, NULL);
-+ self->pcre = pcre2_compile((PCRE2_SPTR) self->pattern, PCRE2_ZERO_TERMINATED, PCRE2_ANCHORED, &rc, &erroffset, NULL);
- if (!self->pcre)
- {
-+ PCRE2_UCHAR error_message[128];
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+
- msg_error("Error while compiling regular expression",
- evt_tag_str("regular_expression", self->pattern),
- evt_tag_str("error_at", &self->pattern[erroffset]),
- evt_tag_int("error_offset", erroffset),
-- evt_tag_str("error_message", errptr),
-+ evt_tag_str("error_message", (gchar *) error_message),
- evt_tag_int("error_code", rc));
- return FALSE;
- }
-- self->pcre_extra = pcre_study(self->pcre, PCRE_STUDY_JIT_COMPILE, &errptr);
-- if (errptr)
-+
-+ /* optimize regexp */
-+ rc = pcre2_jit_compile(self->pcre, PCRE2_JIT_COMPLETE);
-+ if (rc < 0)
- {
-- msg_error("Error while optimizing regular expression",
-- evt_tag_str("regular_expression", self->pattern),
-- evt_tag_str("error_message", errptr));
-- pcre_free(self->pcre);
-- if (self->pcre_extra)
-- pcre_free_study(self->pcre_extra);
-- return FALSE;
-- }
-+ PCRE2_UCHAR error_message[128];
-
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+ msg_warning("$(list-search): Failed to JIT compile regular expression",
-+ evt_tag_str("regexp", self->pattern),
-+ evt_tag_str("error", (gchar *) error_message));
-+ }
- return TRUE;
- }
-
-@@ -416,8 +417,11 @@
- static gboolean
- string_matcher_match_pcre(StringMatcher *self, const char *string, gsize string_len)
- {
-- gint rc = pcre_exec(self->pcre, self->pcre_extra, string, string_len, 0, 0, NULL, 0);
-- if (rc == PCRE_ERROR_NOMATCH)
-+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(self->pcre, NULL);
-+ gint rc = pcre2_match(self->pcre, (PCRE2_SPTR) string, (PCRE2_SIZE) string_len, 0, 0, match_data, NULL);
-+ pcre2_match_data_free(match_data);
-+
-+ if (rc == PCRE2_ERROR_NOMATCH)
- {
- return FALSE;
- }
-@@ -468,9 +472,7 @@
- if (self->glob)
- g_pattern_spec_free(self->glob);
- if (self->pcre)
-- pcre_free(self->pcre);
-- if (self->pcre_extra)
-- pcre_free_study(self->pcre_extra);
-+ pcre2_code_free(self->pcre);
- g_free(self);
- }
-
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/tests/test_basicfuncs.c syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/tests/test_basicfuncs.c
---- syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/tests/test_basicfuncs.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/tests/test_basicfuncs.c 2023-07-19 02:12:21.377815546 +0200
-@@ -663,3 +663,8 @@
- {
- assert_template_format(param->template, param->expected);
- }
-+
-+Test(basicfuncs, test_performance)
-+{
-+ perftest_template("$(list-search --start-index 1 --mode pcre .az '\"foo,\",\"bar\",\"baz\"')");
-+}
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/group-lines.c syslog-ng-syslog-ng-4.2.0/modules/correlation/group-lines.c
---- syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/group-lines.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/modules/correlation/group-lines.c 2023-07-19 02:12:21.377815546 +0200
-@@ -28,7 +28,6 @@
- #include "messages.h"
- #include "grouping-parser.h"
-
--#include <pcre.h>
- #include <iv.h>
-
- typedef struct _GroupLinesContext
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/radix.c syslog-ng-syslog-ng-4.2.0/modules/correlation/radix.c
---- syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/radix.c 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/modules/correlation/radix.c 2023-07-19 02:12:21.377815546 +0200
-@@ -22,13 +22,12 @@
- */
-
- #include "radix.h"
-+#include "compat/pcre.h"
-
- #include <string.h>
- #include <stdlib.h>
- #include <limits.h>
-
--#include <pcre.h>
--
- /**************************************************************
- * Parsing nodes.
- **************************************************************/
-@@ -129,80 +128,80 @@
-
- typedef struct _RParserPCREState
- {
-- pcre *re;
-- pcre_extra *extra;
-+ pcre2_code *re;
- } RParserPCREState;
-
- gboolean
- r_parser_pcre(gchar *str, gint *len, const gchar *param, gpointer state, RParserMatch *match)
- {
- RParserPCREState *self = (RParserPCREState *) state;
-+ gboolean result = FALSE;
- gint rc;
-- gint num_matches;
--
-- if (pcre_fullinfo(self->re, self->extra, PCRE_INFO_CAPTURECOUNT, &num_matches) < 0)
-- g_assert_not_reached();
-- if (num_matches > LOGMSG_MAX_MATCHES)
-- num_matches = LOGMSG_MAX_MATCHES;
-
-- gsize matches_size = 3 * (num_matches + 1);
-- gint *matches = g_alloca(matches_size * sizeof(gint));
-+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(self->re, NULL);
-+ rc = pcre2_match(self->re, (PCRE2_SPTR) str, (PCRE2_SIZE) strlen(str), 0, 0, match_data, NULL);
-
-- rc = pcre_exec(self->re, self->extra, str, strlen(str), 0, 0, matches, matches_size);
--
-- if (rc == PCRE_ERROR_NOMATCH)
-- {
-- return FALSE;
-- }
-+ if (rc == PCRE2_ERROR_NOMATCH)
-+ goto exit;
-
- if (rc < 0)
- {
- msg_error("Error while matching regexp", evt_tag_int("error_code", rc));
-- return FALSE;
-+ goto exit;
- }
-
- if (rc == 0)
- {
- msg_error("Error while storing matching substrings");
-- return FALSE;
-+ goto exit;
- }
-
-+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data);
-+
- *len = matches[1] - matches[0];
-- return TRUE;
-+ result = TRUE;
-+exit:
-+ pcre2_match_data_free(match_data);
-+ return result;
- }
-
- gpointer
- r_parser_pcre_compile_state(const gchar *expr)
- {
- RParserPCREState *self = g_new0(RParserPCREState, 1);
-- const gchar *errptr;
-- gint erroffset;
-+ gsize erroffset;
- gint rc;
-
-- self->re = pcre_compile2(expr, PCRE_ANCHORED, &rc, &errptr, &erroffset, NULL);
-+ self->re = pcre2_compile((PCRE2_SPTR)expr, PCRE2_ZERO_TERMINATED, PCRE2_ANCHORED, &rc, &erroffset, NULL);
- if (!self->re)
- {
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+
- msg_error("Error while compiling regular expression",
- evt_tag_str("regular_expression", expr),
- evt_tag_str("error_at", &expr[erroffset]),
- evt_tag_int("error_offset", erroffset),
-- evt_tag_str("error_message", errptr),
-+ evt_tag_str("error_message", (gchar *) error_message),
- evt_tag_int("error_code", rc));
- g_free(self);
- return NULL;
- }
-- self->extra = pcre_study(self->re, 0, &errptr);
-- if (errptr)
-+
-+ /* optimize regexp */
-+ rc = pcre2_jit_compile(self->re, PCRE2_JIT_COMPLETE);
-+ if (rc < 0)
- {
-- msg_error("Error while optimizing regular expression",
-- evt_tag_str("regular_expression", expr),
-- evt_tag_str("error_message", errptr));
-- pcre_free(self->re);
-- if (self->extra)
-- pcre_free(self->extra);
-- g_free(self);
-- return NULL;
-+ PCRE2_UCHAR error_message[128];
-+
-+ pcre2_get_error_message(rc, error_message, sizeof(error_message));
-+ msg_warning("radix: Error while JIT compiling regular expression",
-+ evt_tag_str("regular_expression", expr),
-+ evt_tag_str("error_message", (gchar *) error_message),
-+ evt_tag_int("error_code", rc));
- }
-+
- return (gpointer) self;
- }
-
-@@ -212,9 +211,7 @@
- RParserPCREState *self = (RParserPCREState *) s;
-
- if (self->re)
-- pcre_free(self->re);
-- if (self->extra)
-- pcre_free(self->extra);
-+ pcre2_code_free(self->re);
- g_free(self);
- }
-
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/packaging/debian/control syslog-ng-syslog-ng-4.2.0/packaging/debian/control
---- syslog-ng-syslog-ng-4.2.0.orig/packaging/debian/control 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/packaging/debian/control 2023-07-19 02:12:21.377815546 +0200
-@@ -21,7 +21,7 @@
- libbson-dev,
- libjson-c-dev | libjson0-dev,
- libwrap0-dev,
-- libpcre3-dev,
-+ libpcre2-dev,
- libcap-dev [linux-any],
- libsystemd-dev (>= 209) [linux-any],
- libhiredis-dev,
-diff -ur syslog-ng-syslog-ng-4.2.0.orig/packaging/rhel/syslog-ng.spec syslog-ng-syslog-ng-4.2.0/packaging/rhel/syslog-ng.spec
---- syslog-ng-syslog-ng-4.2.0.orig/packaging/rhel/syslog-ng.spec 2023-05-10 16:55:07.000000000 +0200
-+++ syslog-ng-syslog-ng-4.2.0/packaging/rhel/syslog-ng.spec 2023-07-19 02:12:21.378815560 +0200
-@@ -60,7 +60,7 @@
- BuildRequires: libdbi-devel
- BuildRequires: libnet-devel
- BuildRequires: openssl-devel
--BuildRequires: pcre-devel
-+BuildRequires: pcre2-devel
- BuildRequires: libuuid-devel
- BuildRequires: libesmtp-devel
- BuildRequires: libcurl-devel
--- /dev/null
+# Redirect freshclam logs to a separate log file
+
+destination d_ppp {
+ file("/var/log/ppp");
+};
+
+filter f_ppp {
+ program(pppd) or program(chat);
+};
+
+log {
+ source(s_sys);
+ filter(f_daemon);
+ filter(f_ppp);
+ destination(d_ppp);
+};
+++ /dev/null
-@version: 4.8
-#
-# Syslog-ng configuration for TLD Linux
-#
-# See syslog-ng(8) and syslog-ng.conf(5) for more information.
-#
-
-options {
- flush_lines(0);
- owner(root);
- group(logs);
- perm(0640);
- create_dirs(yes);
- dir_owner(root);
- dir_group(logs);
- dir_perm(0750);
- stats(freq(43200));
- time_reopen(10);
- time_reap(360);
- mark_freq(600);
- threaded(yes);
-};
-
-source s_sys {
- file ("/proc/kmsg" program_override("kernel"));
-
- unix-stream("/dev/log" max-connections(1000) log_iw_size(100000));
- internal();
-};
-
-destination d_mail { file("/var/log/maillog"); };
-destination d_messages { file("/var/log/messages"); };
-destination d_kern { file("/var/log/kernel"); };
-destination d_console_all { file("/dev/tty12"); };
-
-# if using systemd, an IP address instead of name may be required here
-#destination d_loghost { udp("loghost" port(514)); };
-
-filter f_kern { facility(kern); };
-filter f_mail { facility(mail); };
-
-log { source(s_sys); filter(f_kern); destination(d_kern); };
-log { source(s_sys); filter(f_mail); destination(d_mail); };
-
-# This is a catchall statement, and should catch all messages which were not
-# accepted any of the previous statements.
-# If using d_console_all or network logging, remove flags(fallback);
-log { source(s_sys); destination(d_messages); flags(fallback); };
-#log { source(s_sys); destination(d_messages); };
-
-# Log all messages to tty12
-#log { source(s_sys); destination(d_console_all); };
-
-# Network syslogging
-#log { source(s_sys); destination(d_loghost); };
-@version: 4.8
+@version: #VERSION#
@include "scl.conf"
#
# Syslog-ng configuration for TLD Linux
#
options {
- flush_lines(0);
- owner(root);
- group(logs);
- perm(0640);
- create_dirs(yes);
- dir_owner(root);
- dir_group(logs);
- dir_perm(0750);
- stats(freq(3600));
- time_reopen(10);
- time_reap(360);
- mark_freq(600);
- threaded(yes);
+ flush_lines(0);
+ owner(root);
+ group(logs);
+ perm(0640);
+ create_dirs(yes);
+ dir_owner(root);
+ dir_group(logs);
+ dir_perm(0750);
+ stats(freq(3600));
+ time_reopen(10);
+ time_reap(360);
+ mark_freq(600);
+ threaded(yes);
};
source s_sys {
- system();
- internal();
+ system();
+ internal();
};
-# uncomment the line below and change ip/port if you want to run syslog server
-#source s_net { udp(ip(192.168.1.100),port(514)); };
-
-# uncomment the line bellow if you want to send logs to syslog server
-#destination d_loghost { udp("loghost" port(514)); };
-
destination d_kern { file("/var/log/kernel"); };
destination d_messages { file("/var/log/messages"); };
destination d_authlog { file("/var/log/secure"); };
destination d_daemon { file("/var/log/daemon"); };
destination d_lpr { file("/var/log/lpr"); };
destination d_user { file("/var/log/user"); };
-destination d_ppp { file("/var/log/ppp"); };
destination d_ftp { file("/var/log/xferlog"); };
destination d_audit { file("/var/log/audit"); };
-destination d_freshclam { file("/var/log/freshclam.log"); };
-destination d_shorewall { file("/var/log/shorewall"); };
destination d_console { usertty("root"); };
destination d_xconsole { pipe("/dev/xconsole"); };
destination d_newscrit { file("/var/log/news/news.crit" owner(news) group(news)); };
destination d_newserr { file("/var/log/news/news.err" owner(news) group(news)); };
destination d_newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); };
-destination d_dhcp { file("/var/log/dhcp"); };
-
-# uncomment the line below if you want to run syslog server
-#destination d_from_net { file("/var/log/$HOST.log" owner(root) group(root) perm(0644) dir_perm(0700) create_dirs(yes)); };
# Filters for standard syslog(3) facilities
#filter f_audit { facility(audit); };
filter p_crit { level(crit); };
filter p_emergency { level(emerg); };
-# Additional filters for specific programs/use
-filter f_freshclam { program(freshclam); };
-filter f_ppp { program(pppd) or program(chat); };
-filter f_shorewall { facility(kern) and match("Shorewall:" value("MESSAGE")); };
-filter f_dhcp { program("dhcpd") or program("dnsmasq-dhcp"); };
-
-# uncomment the line below if you want to run syslog server
-#log { source(s_net); destination(d_from_net); flags(final); };
-
-# uncomment the line bellow if you want to send logs to syslog server
-#log { source(s_sys); destination(d_loghost); };
-
-# log shorewall to separate log file by default
-log { source(s_sys); filter(f_shorewall); destination(d_shorewall); flags(final); };
-
-# log dhcp daemons to separate log file by default
-log { source(s_sys); filter(f_dhcp); destination(d_dhcp); flags(final); };
+# Include custom configurations that should be loaded before the system default
+# log rules.
+@include "/etc/syslog-ng/pre.conf.d/*.conf"
log { source(s_sys); filter(f_authpriv); destination(d_authlog); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
log { source(s_sys); filter(f_local6); filter(f_freshclam); destination(d_freshclam); };
log { source(s_sys); filter(p_emergency); destination(d_console); };
-# This is a catchall statement, and should catch all messages which were not
-# accepted any of the previous statements.
+# Include custom configurations that should be loaded after the system default
+# log rules.
+@include "/etc/syslog-ng/post.conf.d/*.conf"
+
+# This is a catchall statement and should catch any messages that were not
+# accepted by any of the previous log statements.
log { source(s_sys); destination(d_messages); flags(fallback); };
-# TODO:
-# - switch to LTS version??? where???
-# - relies on libs in /usr which is wrong
-# (well, for modules bringing additional functionality it's acceptable IMO --q)
-# - package python module
+# NOTE: only core functionality is available without /usr;
+# some non-trivial extension modules rely in libraries/daemons existing in /usr.
#
# Conditional build:
%bcond_with dynamic # link dynamically with glib, eventlog, pcre (modules are always linked dynamically)
%bcond_without sql # support for logging to SQL DB
-%bcond_with tests # do not perform "make check"
+%bcond_without tests # do not perform "make check"
+%bcond_with bpf # loading eBPF programs support (generates some data from current kernel)
+%bcond_without grpc # support for GRPC protocols
%bcond_without http # support for HTTP destination
%bcond_without json # support for JSON template formatting
%bcond_without mongodb # support for mongodb destination
+%bcond_without mqtt # support for MQTT protocol
%bcond_without redis # support for Redis destination
%bcond_without smtp # support for logging into SMTP
%bcond_without geoip2 # support for GeoIP2
+%bcond_without kafka # support for Apache Kafka protocol
%bcond_without riemann # support for Riemann monitoring system
%bcond_without amqp # AMQP support
-%bcond_with python # python module
+%bcond_without python # python module
%bcond_with java # java modules and support
%bcond_without system_libivykis # use system libivykis
%bcond_without system_rabbitmq # use system librabbitmq
%endif
# as in git submodule
-%define libivykis_version 0.42.4
+%define libivykis_version 0.43.2
%define glib2_ver 1:2.32.0
%define mver 4.8
Summary(pl.UTF-8): Syslog-ng - systemowy demon logujący nowej generacji
Summary(pt_BR.UTF-8): Daemon de log nova geração
Name: syslog-ng
-Version: 4.8.0
-Release: 1
+Version: 4.8.1
+Release: 0.1
License: GPL v2+ with OpenSSL exception
Group: Daemons
-Source0: https://github.com/balabit/syslog-ng/archive/%{name}-%{version}.tar.gz
-# Source0-md5: 11711fb6c942ef52e89f114054854f54
+#Source0Download: https://github.com/syslog-ng/syslog-ng/releases
+Source0: https://github.com/syslog-ng/syslog-ng/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz
+# Source0-md5: 6a5852343f9a34449c3812b474728aa7
Source1: %{name}.init
Source2: %{name}.conf
Source3: %{name}.logrotate
-Source5: %{name}-simple.conf
-Source6: https://github.com/buytenh/ivykis/archive/v%{libivykis_version}/ivykis-%{libivykis_version}.tar.gz
-# Source6-md5: e09caeb95a01a541ec40d3b757dada12
+Source4: log_server.conf
+Source5: log_remote.conf
+Source6: dhcp.conf
+Source7: freshclam.conf
+Source8: iptables.conf
+Source9: ppp.conf
+%if 0
+# for git archives (release tarballs include ivykis)
+#Source10Download: https://github.com/buytenh/ivykis/releases
+#Source10: https://github.com/buytenh/ivykis/archive/v%{libivykis_version}/ivykis-%{libivykis_version}.tar.gz
+Source10: https://downloads.sourceforge.net/libivykis/ivykis-%{libivykis_version}.tar.gz
+# Source10-md5: df51c6d5c52bef1c82ea33eddc997792
+%endif
Patch0: %{name}-datadir.patch
-Patch1: %{name}-nolibs.patch
-Patch2: man-paths.patch
-Patch3: %{name}-link.patch
-Patch4: no_shared_ivykis.patch
-Patch5: bison.patch
-Patch6: shebang.patch
+Patch2: %{name}-nolibs.patch
+Patch4: man-paths.patch
+Patch5: %{name}-link.patch
+Patch6: no_shared_ivykis.patch
Patch7: 32bit.patch
-Patch8: glib-static.patch
+
+Patch9: glib-static.patch
URL: https://syslog-ng.org/
BuildRequires: autoconf >= 2.59
BuildRequires: automake
BuildRequires: bison >= 3.7.6
+%if %{with tests}
+BuildRequires: criterion-devel >= 2.3.3-5
+%endif
%{?with_http:BuildRequires: curl-devel}
-BuildRequires: docbook-style-xsl
-%{?with_tests:BuildRequires: findutils}
+BuildRequires: docbook-style-xsl-nons
+BuildRequires: eventlog-devel >= 0.2.12
BuildRequires: flex
BuildRequires: glib2-devel >= %{glib2_ver}
+%{?with_java:BuildRequires: gradle >= 3.4}
+%{?with_grpc:BuildRequires: grpc-devel >= 1.16.1}
%{?with_redis:BuildRequires: hiredis-devel >= 0.11.0}
%{?with_java:BuildRequires: jdk >= 1.8}
%{?with_json:BuildRequires: json-c-devel >= 0.13}
-%{?with_java:BuildRequires: gradle >= 3.4}
-%{?with_mongodb:BuildRequires: libbson-devel}
+# bpftool
+%{?with_bpf:BuildRequires: kernel-tools >= 4.15}
+%{?with_bpf:BuildRequires: libbpf-devel >= 1.0.1}
BuildRequires: libcap-devel
%{?with_sql:BuildRequires: libdbi-devel >= 0.9.0}
%{?with_smtp:BuildRequires: libesmtp-devel}
%{?with_system_libivykis:BuildRequires: libivykis-devel >= %{libivykis_version}}
-%{?with_mongodb:BuildRequires: mongo-c-driver-devel}
%{?with_geoip2:BuildRequires: libmaxminddb-devel}
BuildRequires: libnet-devel >= 1:1.1.2.1-3
-%{?with_java:BuildRequires: librdkafka-devel >= 1.1.0}
+%{?with_kafka:BuildRequires: librdkafka-devel >= 1.1.0}
BuildRequires: libtool >= 2:2.0
BuildRequires: libwrap-devel
BuildRequires: libxslt-progs
BuildRequires: lz4-devel >= r131-5
+%{?with_mongodb:BuildRequires: mongo-c-driver-devel >= 1.0.0}
+BuildRequires: net-snmp-devel
BuildRequires: openssl-devel >= 0.9.8
+%{?with_mqtt:BuildRequires: paho-mqtt-devel}
BuildRequires: pcre2-8-devel >= 10.0
BuildRequires: pkgconfig
+%{?with_grpc:BuildRequires: protobuf-devel >= 3.12.0}
%{?with_system_rabbitmq:BuildRequires: rabbitmq-c-devel >= 0.5.3}
%{?with_riemann:BuildRequires: riemann-c-client-devel >= 1.6.0}
BuildRequires: rpm >= 4.4.9-56
%if %{with tests}
BuildRequires: GeoIP-db-Country
BuildRequires: pylint
-BuildRequires: python
-BuildRequires: python-pep8
-BuildRequires: python-ply
+BuildRequires: python3
+%{?with_python:BuildRequires: python3-devel >= 1:3.2}
+BuildRequires: python3-pep8
+BuildRequires: python3-ply
+BuildRequires: python3-pytest-mock
BuildRequires: tzdata
%endif
%if %{without dynamic}
+BuildRequires: eventlog-static >= 0.2.12
BuildRequires: glib2-static >= %{glib2_ver}
%{?with_system_libivykis:BuildRequires: libivykis-static >= %{libivykis_version}}
BuildRequires: pcre-static >= 6.1
Requires(post,preun): /sbin/chkconfig
Requires: %{name}-libs = %{version}-%{release}
Requires: psmisc >= 20.1
-%{?with_system_rabbitmq:Requires: rabbitmq-c >= 0.0.1}
+%{?with_system_rabbitmq:Requires: rabbitmq-c >= 0.5.3}
Requires: rc-scripts >= 0.4.3.0
# for afsocket
Requires: libnet >= 1:1.1.2.1-7
+# for afsocket and dbparser
Requires: openssl >= 0.9.8
Provides: service(klogd)
Provides: service(syslog)
Provides: syslogdaemon
-Obsoletes: syslog-ng-module-afsocket
-Obsoletes: syslog-ng-module-dbparser
-Obsoletes: syslog-ng-module-tfgeoip
-Obsoletes: syslog-ng-systemd
+Obsoletes: syslog-ng-module-afsocket < 3.3.1-4
+Obsoletes: syslog-ng-module-dbparser < 3.3.1-4
+Obsoletes: syslog-ng-systemd < 3.3.4-3
Conflicts: klogd
Conflicts: msyslog
Conflicts: rsyslog
Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazie MongoDB
Group: Libraries
Requires: %{name} = %{version}-%{release}
-Requires: libmongo-client >= 0.1.8
+Requires: mongo-c-driver >= 1.0.0
%description module-afmongodb
MongoDB destination support module for syslog-ng.
Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazach SQL
Group: Libraries
Requires: %{name} = %{version}-%{release}
-Requires: libdbi >= 0.8.3-2
+Requires: libdbi >= 0.9.0
Requires: openssl >= 0.9.8
%description module-afsql
%description module-http -l pl.UTF-8
Moduł sysloga-ng do obsługi zapisu logów poprzez HTTP (via libcurl).
-%package module-java
-Summary: Java destination support module for syslog-ng
-Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów przy pomocy Java
+%package module-cloudauth
+Summary: Cloud Authentication support for syslog-ng: pubsub
+Summary(pl.UTF-8): Moduł sysloga-ng do uwierzytelniania chmurowego na potrzeby pubsub
Group: Libraries
Requires: %{name} = %{version}-%{release}
-Requires: librdkafka >= 1.1.0
-Requires: %{name}-module-json-plugin = %{version}-%{release}
-%description module-java
-Java destination support module for syslog-ng
+%description module-cloudauth
+Cloud Authentication support for syslog-ng, currently used for Google
+PubSub.
+
+%description module-cloudauth -l pl.UTF-8
+Moduł sysloga-ng do obsługi uwierzytelniania w chmurze, używany przez
+Google PubSub.
+
+%package module-grpc
+Summary: GRPC modules for syslog-ng: bigquery, loki, otel
+Summary(pl.UTF-8): Moduły GRPC dla sysloga-ng: bigquery, loki, otel
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description module-grpc
+GRPC protocols support for syslog-ng, currently: bigquery, loki and
+otel.
-%description module-java -l pl.UTF-8
-Moduł sysloga-ng do obsługi zapisu logów przy pomocy Java
+%description module-grpc -l pl.UTF-8
+Obsługa protokołów GRPC dla sysloga-ng, obecnie: bigquery, loki i
+otel.
%package module-json-plugin
Summary: JSON formatting template function for syslog-ng
Group: Libraries
Requires: %{name} = %{version}-%{release}
Requires: json-c >= 0.9
-Obsoletes: syslog-ng-module-tfjson
+Obsoletes: syslog-ng-module-tfjson < 3.4.2
%description module-json-plugin
JSON formatting template function for syslog-ng.
%description module-json-plugin -l pl.UTF-8
Moduł sysloga-ng do obsługi szablonów z formatowaniem JSON.
-%package module-python
-Summary: Python destination support module for syslog-ng
-Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów przy pomocy pythona
+%package module-kafka
+Summary: Apache Kafka destination support module for syslog-ng
+Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów poprzez protokół Apache Kafka
Group: Libraries
Requires: %{name} = %{version}-%{release}
-Requires: python3
+Requires: librdkafka >= 1.1.0
+
+%description module-kafka
+Apache Kafka destination support module for syslog-ng.
+
+%description module-kafka -l pl.UTF-8
+Moduł sysloga-ng do obsługi zapisu logów poprzez protokół Apache
+Kafka.
+
+%package module-mqtt
+Summary: MQTT protocol support module for syslog-ng
+Summary(pl.UTF-8): Moduł sysloga-ng do obsługi protokołu MQTT
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description module-mqtt
+MQTT protocol support module for syslog-ng.
+
+%description module-mqtt -l pl.UTF-8
+Moduł sysloga-ng do obsługi protokołu MQTT.
+
+%package module-python
+Summary: Python support module for syslog-ng
+Summary(pl.UTF-8): Moduł obsługi Pythona dla sysloga-ng
+Group: Librares
+Requires: %{name} = %{version}-%{release}
%description module-python
-Python destination support module for syslog-ng
+Python support module for syslog-ng.
%description module-python -l pl.UTF-8
-Moduł sysloga-ng do obsługi zapisu logów przy pomocy pythona
+Moduł obsługi Pythona dla sysloga-ng.
%package module-redis
Summary: Redis destination support module for syslog-ng
Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazie Redis
Group: Libraries
Requires: %{name} = %{version}-%{release}
+Requires: hiredis >= 0.11.0
%description module-redis
Redis destination support module for syslog-ng (via libhiredis).
Summary(pl.UTF-8): Biblioteka współdzielona sysloga-ng
Group: Libraries
%if %{with dynamic}
+Requires: eventlog >= 0.2.12
Requires: glib2 >= %{glib2_ver}
-%{?with_system_libivykis:Requires: libivykis >= 0.42}
Requires: pcre >= 6.1
%endif
+%{?with_system_libivykis:Requires: libivykis >= %{libivykis_version}}
Conflicts: syslog-ng < 3.3.1-3
%description libs
Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release}
%if %{with dynamic}
+Requires: eventlog-devel >= 0.2.12
Requires: glib2-devel >= %{glib2_ver}
-%{?with_system_libivykis:Requires: libivykis-devel >= 0.42}
Requires: pcre-devel >= 6.1
%endif
+%{?with_system_libivykis:Requires: libivykis-devel >= %{libivykis_version}}
%description devel
Header files for syslog-ng modules development.
%description devel -l pl.UTF-8
Pliki nagłówkowe do tworzenia modułów dla sysloga-ng.
+%package test-devel
+Summary: syslog-ng test library
+Summary(pl.UTF-8): Biblioteka testowa sysloga-ng
+Group: Development/Libraries
+Requires: %{name}-devel = %{version}-%{release}
+
+%description test-devel
+Test helper package for syslog-ng modules.
+
+%description test-devel -l pl.UTF-8
+Pakiet pomocniczy do testowania modułów sysloga-ng.
+
%prep
-%setup -q -n %{name}-%{name}-%{version} -a 6
+%if 1
+# release tarball
+%setup -q
+%else
+# git archive
+%setup -q -n %{name}-%{name}-%{version} -a 10
rmdir lib/ivykis
-mv ivykis-%{libivykis_version} lib/ivykis
-
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-cp -p %{SOURCE5} contrib/syslog-ng.conf.simple
+%{__mv} ivykis-%{libivykis_version} lib/ivykis
+%endif
+
+%patch -P0 -p1
+%patch -P2 -p1
+%patch -P4 -p1
+%patch -P5 -p1
+%patch -P6 -p1
+%patch -P7 -p1
+%patch -P9 -p1
%{__sed} -i -e 's|/usr/bin/awk|/bin/awk|' scl/syslogconf/convert-syslogconf.awk
+%{__sed} -i -e '1s,/usr/bin/env python3$,%{__python3},' lib/merge-grammar.py
%build
-%{__libtoolize}
-%{__aclocal} -I m4
-%{__autoconf}
-%{__autoheader}
-%{__automake}
+for i in . ; do
+cd $i
+ %{__libtoolize}
+ %{__aclocal} `[ -d m4 ] && echo '-I m4'`
+ %{__autoconf}
+ %{__autoheader}
+ %{__automake}
+cd -
+done
%configure \
+ PYTHON="%{__python3}" \
--sysconfdir=%{_sysconfdir}/syslog-ng \
--disable-silent-rules \
- --with-docbook=%{xsl_stylesheets_dir}/manpages/docbook.xsl \
- --enable-java%{!?with_java:=no} \
- --enable-java-modules%{!?with_java:=no} \
- --enable-python%{!?with_python:=no} \
-%if %{with mongodb}
- --enable-mongodb \
- --with-mongoc=system \
-%else
- --disable-mongodb \
-%endif
-%if %{with system_libivykis}
- --with-ivykis=system \
+ %{__enable_disable amqp} \
+%if %{with dynamic}
+ --enable-dynamic-linking \
%else
- --with-ivykis=internal \
+ --enable-mixed-linking \
%endif
- %{?with_system_rabbitmq:--with-librabbitmq-client=system} \
- --with-module-dir=%{moduledir} \
- --with-pidfile-dir=/var/run \
- --with-timezone-dir=%{_datadir}/zoneinfo \
- --with-python-packages=none \
- %{__enable_disable amqp} \
- --disable-cloud-auth \
+ --enable-ebpf%{!?with_bpf:=no} \
%{__enable_disable geoip2} \
+ --enable-grpc%{!?with_grpc:=no} \
--enable-http%{!?with_http:=no} \
--enable-ipv6 \
+ --enable-java%{!?with_java:=no} \
+ --enable-java-modules%{!?with_java:=no} \
--enable-json%{!?with_json:=no} \
- %{__enable_disable java kafka} \
--enable-linux-caps \
+ --enable-kafka%{!?with_kafka:=no} \
--enable-manpages \
+%if %{with mongodb}
+ --enable-mongodb \
+ --with-mongoc=system \
+%else
+ --disable-mongodb \
+%endif
+ --enable-mqtt%{!?with_mqtt:=no} \
--enable-pacct \
--enable-pcre \
+ --enable-python%{!?with_python:=no} \
--enable-redis%{!?with_redis:=no} \
--enable-riemann%{!?with_riemann:=no} \
--enable-smtp%{!?with_smtp:=no} \
--enable-spoof-source \
--enable-ssl \
- --disable-systemd \
+ --enable-systemd=no \
+ --with-systemd-journal=auto \
--enable-tcp-wrapper \
%if %{with sql}
--enable-sql \
%endif
-%if %{with dynamic}
- --enable-dynamic-linking
+ --with-default-modules=affile,afprog,afsocket,afuser,basicfuncs,csvparser,dbparser,syslogformat \
+ --with-docbook=%{xsl_stylesheets_dir}/manpages/docbook.xsl \
+%if %{with system_libivykis}
+ --with-ivykis=system \
%else
- --enable-mixed-linking
+ --with-ivykis=internal \
%endif
+ %{?with_system_rabbitmq:--with-librabbitmq-client=system} \
+ --with-module-dir=%{moduledir} \
+ --with-pidfile-dir=/var/run \
+ --with-python-packages=none \
+ --with-timezone-dir=%{_datadir}/zoneinfo
%{__make}
LD_LIBRARY_PATH=$(find $PWD -name '*.so*' -printf "%h:")
PYTHONPATH=$(pwd)/tests/functional
export LD_LIBRARY_PATH PYTHONPATH
-%{__make} check
+if ! %{__make} check; then
+ cat test-suite.log
+ exit 1
+fi
%endif
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{sysconfig,logrotate.d,rc.d/init.d} \
+install -d $RPM_BUILD_ROOT/etc/{syslog-ng/{pre,post}.conf.d,sysconfig,logrotate.d,rc.d/init.d} \
$RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/patterndb.d \
$RPM_BUILD_ROOT/var/{log,lib/%{name}/xsd}
%{__mv} $RPM_BUILD_ROOT%{_libdir}/libevtlog-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir}
ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libevtlog-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libevtlog.so
-%{__mv} $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so.* $RPM_BUILD_ROOT%{slibdir}
-ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsecret-storage.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so
-
%{__mv} $RPM_BUILD_ROOT%{_libdir}/libloggen_helper-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir}
ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libloggen_helper-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libloggen_helper.so
%{__mv} $RPM_BUILD_ROOT%{_libdir}/libloggen_plugin-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir}
ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libloggen_plugin-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libloggen_plugin.so
+
+%{__mv} $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so.* $RPM_BUILD_ROOT%{slibdir}
+ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsecret-storage.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so
%endif
%{__sed} -e 's|@@SBINDIR@@|%{_sbindir}|g' %{SOURCE1} > $RPM_BUILD_ROOT/etc/rc.d/init.d/syslog-ng
-cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf
+sed -e 's,#VERSION#,%{mver},' < %{SOURCE2} > $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf
cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/syslog-ng
-for n in cron daemon debug kernel lpr maillog messages secure shorewall spooler syslog user xferlog; do
+cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d
+cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d
+cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d
+cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/syslog-ng/post.conf.d
+cp -p %{SOURCE8} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d
+cp -p %{SOURCE9} $RPM_BUILD_ROOT/etc/syslog-ng/post.conf.d
+
+for n in cron daemon debug iptables kernel lpr maillog messages secure spooler syslog user xferlog; do
> $RPM_BUILD_ROOT/var/log/$n
done
touch $RPM_BUILD_ROOT/etc/sysconfig/%{name}
%{__rm} $RPM_BUILD_ROOT%{_sbindir}/syslog-ng-debun
%{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/syslog-ng-debun.1
+%{__rm} $RPM_BUILD_ROOT%{moduledir}/libexamples.so
%{__rm} $RPM_BUILD_ROOT%{_libdir}/*.la
%{__rm} $RPM_BUILD_ROOT%{moduledir}/*.la
%{__rm} $RPM_BUILD_ROOT%{moduledir}/loggen/*.la
-%if %{with python}
-%{__rm} -rf $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/python
-%else
-%{__rm} $RPM_BUILD_ROOT%{_bindir}/syslog-ng-update-virtualenv
-%endif
-
-%if !%{with java}
-%{__rm} -rf $RPM_BUILD_ROOT%{_datadir}/syslog-ng/include/scl/{elasticsearch,hdfs,kafka}
-%endif
-
%clean
rm -rf $RPM_BUILD_ROOT
sed -i -e "1 s#\(.*\)\$#@version: 3.0\n\1#g" /etc/syslog-ng/syslog-ng.conf
rm -f %{_var}/lib/%{name}/syslog-ng.persist
%service -q syslog-ng restart
-exit 0
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
+%post module-grpc -p /sbin/ldconfig
+%postun module-grpc -p /sbin/ldconfig
+
%files
%defattr(644,root,root,755)
%doc AUTHORS NEWS.md contrib/relogger.pl
-%doc contrib/syslog-ng.conf.{doc,simple,RedHat}
+%doc contrib/syslog-ng.conf.{doc,RedHat}
%doc contrib/{apparmor,selinux,syslog2ng}
%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}@default
%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng
%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/patterndb.d
+%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/pre.conf.d
+%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/post.conf.d
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/syslog-ng.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/dhcp.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/iptables.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/log_remote.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/log_server.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/post.conf.d/freshclam.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/post.conf.d/ppp.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/syslog-ng
%attr(754,root,root) /etc/rc.d/init.d/syslog-ng
%dir %{moduledir}
%attr(755,root,root) %{moduledir}/libcorrelation.so
%attr(755,root,root) %{moduledir}/libcryptofuncs.so
%attr(755,root,root) %{moduledir}/libcsvparser.so
+#%attr(755,root,root) %{moduledir}/libdbparser.so
%attr(755,root,root) %{moduledir}/libdisk-buffer.so
-%attr(755,root,root) %{moduledir}/libexamples.so
%if %{with geoip2}
%attr(755,root,root) %{moduledir}/libgeoip2-plugin.so
%endif
%attr(755,root,root) %{moduledir}/libhook-commands.so
%attr(755,root,root) %{moduledir}/libkvformat.so
%attr(755,root,root) %{moduledir}/liblinux-kmsg-format.so
-%attr(755,root,root) %{moduledir}/libmetrics-probe.so
-%dir %{moduledir}/loggen
-%attr(755,root,root) %{moduledir}/loggen/libloggen_socket_plugin.so
-%attr(755,root,root) %{moduledir}/loggen/libloggen_ssl_plugin.so
%attr(755,root,root) %{moduledir}/libmap-value-pairs.so
+%attr(755,root,root) %{moduledir}/libmetrics-probe.so
%attr(755,root,root) %{moduledir}/libpacctformat.so
%attr(755,root,root) %{moduledir}/libpseudofile.so
%attr(755,root,root) %{moduledir}/librate-limit-filter.so
%attr(755,root,root) %{moduledir}/libxml.so
%attr(755,root,root) %{moduledir}/libsyslogformat.so
%attr(755,root,root) %{moduledir}/libsystem-source.so
+%dir %{moduledir}/loggen
+%attr(755,root,root) %{moduledir}/loggen/libloggen_socket_plugin.so
+%attr(755,root,root) %{moduledir}/loggen/libloggen_ssl_plugin.so
%attr(755,root,root) %{_sbindir}/syslog-ng
%attr(755,root,root) %{_sbindir}/syslog-ng-ctl
%attr(755,root,root) %{_bindir}/dqtool
%attr(755,root,root) %{_bindir}/slogencrypt
%attr(755,root,root) %{_bindir}/slogkey
%attr(755,root,root) %{_bindir}/slogverify
-%attr(755,root,root) %{_bindir}/update-patterndb
-%if %{with python}
%attr(755,root,root) %{_bindir}/syslog-ng-update-virtualenv
-%endif
+%attr(755,root,root) %{_bindir}/update-patterndb
+%{_datadir}/syslog-ng/smart-multi-line.fsm
%dir %{_datadir}/syslog-ng/include
+%{_datadir}/syslog-ng/include/scl.conf
%dir %{_datadir}/syslog-ng/include/scl
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_datadir}/syslog-ng/include/scl.conf
%{_datadir}/syslog-ng/include/scl/apache
%{_datadir}/syslog-ng/include/scl/arr
%{_datadir}/syslog-ng/include/scl/checkpoint
%{_datadir}/syslog-ng/include/scl/cisco
+# R: basicfuncs
%{_datadir}/syslog-ng/include/scl/collectd
%{_datadir}/syslog-ng/include/scl/darwinosl
%{_datadir}/syslog-ng/include/scl/default-network-drivers
%{_datadir}/syslog-ng/include/scl/fortigate
%{_datadir}/syslog-ng/include/scl/graphite
+%{_datadir}/syslog-ng/include/scl/hdfs
+%{_datadir}/syslog-ng/include/scl/kafka
%{_datadir}/syslog-ng/include/scl/iptables
%{_datadir}/syslog-ng/include/scl/jellyfin
%{_datadir}/syslog-ng/include/scl/junos
%{_datadir}/syslog-ng/include/scl/linux-audit
-
%dir %{_datadir}/syslog-ng/include/scl/loadbalancer
%attr(755,root,root) %{_datadir}/syslog-ng/include/scl/loadbalancer/gen-loadbalancer.sh
%{_datadir}/syslog-ng/include/scl/loadbalancer/plugin.conf
-
+%{_datadir}/syslog-ng/include/scl/logscale
%{_datadir}/syslog-ng/include/scl/mariadb
%{_datadir}/syslog-ng/include/scl/mbox
%{_datadir}/syslog-ng/include/scl/nodejs
+%{_datadir}/syslog-ng/include/scl/openobserve
+%{_datadir}/syslog-ng/include/scl/opensearch
%{_datadir}/syslog-ng/include/scl/osquery
%{_datadir}/syslog-ng/include/scl/pacct
%{_datadir}/syslog-ng/include/scl/paloalto
%{_datadir}/syslog-ng/include/scl/rewrite
%{_datadir}/syslog-ng/include/scl/snmptrap
%{_datadir}/syslog-ng/include/scl/solaris
+%{_datadir}/syslog-ng/include/scl/splunk
%{_datadir}/syslog-ng/include/scl/sudo
+%{_datadir}/syslog-ng/include/scl/sumologic
%{_datadir}/syslog-ng/include/scl/websense
%{_datadir}/syslog-ng/include/scl/windowseventlog
%dir %{_datadir}/syslog-ng/include/scl/syslogconf
%attr(755,root,root) %{_datadir}/syslog-ng/include/scl/syslogconf/convert-syslogconf.awk
%{_datadir}/syslog-ng/include/scl/syslogconf/plugin.conf
%{_datadir}/syslog-ng/include/scl/system
-%{_datadir}/syslog-ng/smart-multi-line.fsm
%{_datadir}/syslog-ng/xsd
%dir %{_var}/lib/%{name}
%{_mandir}/man1/dqtool.1*
%{_mandir}/man1/loggen.1*
%{_mandir}/man1/pdbtool.1*
+%{_mandir}/man1/persist-tool.1*
%{_mandir}/man1/slogencrypt.1*
%{_mandir}/man1/slogkey.1*
%{_mandir}/man1/slogverify.1*
-%{_mandir}/man1/persist-tool.1*
-%{_mandir}/man7/secure-logging.7*
%{_mandir}/man1/syslog-ng-ctl.1*
%{_mandir}/man5/syslog-ng.conf.5*
+%{_mandir}/man7/secure-logging.7*
%{_mandir}/man8/syslog-ng.8*
%attr(640,root,logs) %ghost /var/log/cron
%attr(640,root,logs) %ghost /var/log/daemon
%attr(640,root,logs) %ghost /var/log/debug
+%attr(640,root,logs) %ghost /var/log/iptables
%attr(640,root,logs) %ghost /var/log/kernel
%attr(640,root,logs) %ghost /var/log/lpr
%attr(640,root,logs) %ghost /var/log/maillog
%attr(640,root,logs) %ghost /var/log/messages
%attr(640,root,logs) %ghost /var/log/secure
-%attr(640,root,logs) %ghost /var/log/shorewall
%attr(640,root,logs) %ghost /var/log/spooler
%attr(640,root,logs) %ghost /var/log/syslog
%attr(640,root,logs) %ghost /var/log/user
%{_datadir}/syslog-ng/include/scl/telegram
%endif
-%if %{with java}
-%files module-java
+%files module-cloudauth
%defattr(644,root,root,755)
-%attr(755,root,root) %{moduledir}/libkafka.so
-%attr(755,root,root) %{moduledir}/libmod-java.so
-%{moduledir}/java-modules
-%{_datadir}/syslog-ng/include/scl/elasticsearch
-%{_datadir}/syslog-ng/include/scl/hdfs
-%{_datadir}/syslog-ng/include/scl/kafka
-%endif
+%attr(755,root,root) %{moduledir}/libcloud_auth.so
+%{_datadir}/syslog-ng/include/scl/google/google-pubsub.conf
+
+%files module-grpc
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libgrpc-protos.so.*.*.*
+%ghost %{_libdir}/libgrpc-protos.so.0
+%{_libdir}/libgrpc-protos.so
+%attr(755,root,root) %{moduledir}/libbigquery.so
+%attr(755,root,root) %{moduledir}/libloki.so
+%attr(755,root,root) %{moduledir}/libotel.so
%if %{with json}
%files module-json-plugin
%defattr(644,root,root,755)
%attr(755,root,root) %{moduledir}/libjson-plugin.so
+# all below configs require json-plugin
%{_datadir}/syslog-ng/include/scl/cee
-%{_datadir}/syslog-ng/include/scl/cim
+# R: basicfuncs http json-plugin
%{_datadir}/syslog-ng/include/scl/discord
+%{_datadir}/syslog-ng/include/scl/cim
+# R: http json-plugin
+%{_datadir}/syslog-ng/include/scl/elasticsearch
%{_datadir}/syslog-ng/include/scl/ewmm
-%{_datadir}/syslog-ng/include/scl/google
%{_datadir}/syslog-ng/include/scl/graylog2
%{_datadir}/syslog-ng/include/scl/loggly
%{_datadir}/syslog-ng/include/scl/logmatic
-%{_datadir}/syslog-ng/include/scl/logscale
%{_datadir}/syslog-ng/include/scl/netskope
-%{_datadir}/syslog-ng/include/scl/openobserve
-%{_datadir}/syslog-ng/include/scl/opensearch
+# R: basicfuncs http json-plugin
%{_datadir}/syslog-ng/include/scl/slack
-%{_datadir}/syslog-ng/include/scl/splunk
-%{_datadir}/syslog-ng/include/scl/sumologic
+%endif
+
+%if %{with kafka}
+%files module-kafka
+%defattr(644,root,root,755)
+%attr(755,root,root) %{moduledir}/libkafka.so
+%endif
+
+%if %{with mqtt}
+%files module-mqtt
+%defattr(644,root,root,755)
+%attr(755,root,root) %{moduledir}/libmqtt.so
%endif
%if %{with python}
%attr(755,root,root) %{_libdir}/libsecret-storage.so
%attr(755,root,root) %{_libdir}/libsyslog-ng.so
%{_libdir}/libsyslog-ng-native-connector.a
-%dir %{_includedir}/syslog-ng
-%{_includedir}/syslog-ng/*.h
-%{_includedir}/syslog-ng/ack-tracker
-%{_includedir}/syslog-ng/compat
-%{_includedir}/syslog-ng/control
-%{_includedir}/syslog-ng/debugger
-%{_includedir}/syslog-ng/filter
-%{_includedir}/syslog-ng/filterx
-%{_includedir}/syslog-ng/healthcheck
-%if %{without system_libivykis}
-%{_includedir}/syslog-ng/ivykis
-%endif
-%{_includedir}/syslog-ng/logmsg
-%{_includedir}/syslog-ng/logproto
-%{_includedir}/syslog-ng/logthrdest
-%{_includedir}/syslog-ng/logthrsource
-%{_includedir}/syslog-ng/metrics
-%{_includedir}/syslog-ng/modules
-%{_includedir}/syslog-ng/multi-line
-%{_includedir}/syslog-ng/parser
-%{_includedir}/syslog-ng/rewrite
-%{_includedir}/syslog-ng/scanner
-%{_includedir}/syslog-ng/signal-slot-connector
-%{_includedir}/syslog-ng/stats
-%{_includedir}/syslog-ng/str-repr
-%{_includedir}/syslog-ng/template
-%{_includedir}/syslog-ng/timeutils
-%{_includedir}/syslog-ng/transport
-%{_includedir}/syslog-ng/value-pairs
+%{_includedir}/syslog-ng
+%exclude %{_includedir}/syslog-ng/libtest
%{_datadir}/syslog-ng/tools
%{_pkgconfigdir}/syslog-ng.pc
%{_pkgconfigdir}/syslog-ng-native-connector.pc
+
+%if %{with tests}
+%files test-devel
+%defattr(644,root,root,755)
+%if "%{_libdir}/syslog-ng" != "{moduledir}"
+%dir %{_libdir}/syslog-ng
+%endif
+%dir %{_libdir}/syslog-ng/libtest
+%{_libdir}/syslog-ng/libtest/libsyslog-ng-test.a
+%{_includedir}/syslog-ng/libtest
+%{_pkgconfigdir}/syslog-ng-test.pc
+%endif
TLD / packages / syslog-ng.git / commitdiff