From 6b68838efa128db7610a6b91edafb1e1da7dfe9d Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Mon, 21 Apr 2025 18:37:19 +0200 Subject: [PATCH] - updated to 4.8.1, partial PLD merge, introduced {pre,post}.conf.d --- dhcp.conf | 16 + freshclam.conf | 16 + iptables.conf | 16 + log_remote.conf | 11 + log_server.conf | 16 + pcre2.patch | 992 ------------------------------------------ ppp.conf | 16 + syslog-ng-simple.conf | 55 --- syslog-ng.conf | 73 ++-- syslog-ng.spec | 460 ++++++++++++-------- 10 files changed, 398 insertions(+), 1273 deletions(-) create mode 100644 dhcp.conf create mode 100644 freshclam.conf create mode 100644 iptables.conf create mode 100644 log_remote.conf create mode 100644 log_server.conf delete mode 100644 pcre2.patch create mode 100644 ppp.conf delete mode 100644 syslog-ng-simple.conf diff --git a/dhcp.conf b/dhcp.conf new file mode 100644 index 0000000..0e786e9 --- /dev/null +++ b/dhcp.conf @@ -0,0 +1,16 @@ +# Log DHCP requests to a separate log file + +destination d_dhcp { + file("/var/log/dhcp"); +}; + +filter f_dhcp { + program("dhcpd") or program("dnsmasq-dhcp"); +}; + +log { + source(s_sys); + filter(f_dhcp); + destination(d_dhcp); + flags(final); +}; diff --git a/freshclam.conf b/freshclam.conf new file mode 100644 index 0000000..2daf4bc --- /dev/null +++ b/freshclam.conf @@ -0,0 +1,16 @@ +# Redirect freshclam logs to a separate log file + +destination d_freshclam { + file("/var/log/freshclam.log"); +}; + +filter f_freshclam { + program(freshclam); +}; + +log { + source(s_sys); + filter(f_local6); + filter(f_freshclam); + destination(d_freshclam); +}; diff --git a/iptables.conf b/iptables.conf new file mode 100644 index 0000000..5bf2ee8 --- /dev/null +++ b/iptables.conf @@ -0,0 +1,16 @@ +# Redirect iptables logs to a separate log file + +destination d_iptables { + file("/var/log/iptables"); +}; + +filter f_iptables { + facility(kern) and match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE")); +}; + +log { + source(s_sys); + filter(f_iptables); + destination(d_iptables); + flags(final); +}; diff --git a/log_remote.conf b/log_remote.conf new file mode 100644 index 0000000..9685924 --- /dev/null +++ b/log_remote.conf @@ -0,0 +1,11 @@ +# Uncomment the following configuration if you want to send logs to a remote +# syslog server at the specified IP address and port + +#destination d_loghost { +# udp("192.168.1.100" port(514)); +#}; + +#log { +# source(s_sys); +# destination(d_loghost); +#}; diff --git a/log_server.conf b/log_server.conf new file mode 100644 index 0000000..dfab900 --- /dev/null +++ b/log_server.conf @@ -0,0 +1,16 @@ +# Uncomment the following configuration if you want to run a syslog server +# listening on a given IP address and port + +#source s_net { +# udp(ip(192.168.1.100), port(514)); +#}; + +#destination d_from_net { +# file("/var/log/network/$HOST.log" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); +#}; + +#log { +# source(s_net); +# destination(d_from_net); +# flags(final); +#}; diff --git a/pcre2.patch b/pcre2.patch deleted file mode 100644 index 8f1aa79..0000000 --- a/pcre2.patch +++ /dev/null @@ -1,992 +0,0 @@ -diff -ur syslog-ng-syslog-ng-4.2.0.orig/CMakeLists.txt syslog-ng-syslog-ng-4.2.0/CMakeLists.txt ---- syslog-ng-syslog-ng-4.2.0.orig/CMakeLists.txt 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/CMakeLists.txt 2023-07-19 02:12:21.375815517 +0200 -@@ -272,7 +272,7 @@ - include(openssl_functions) - openssl_set_defines() - --pkg_check_modules(LIBPCRE REQUIRED libpcre) -+pkg_check_modules(LIBPCRE REQUIRED libpcre2-8) - - if (WRAP_FOUND) - set(SYSLOG_NG_ENABLE_TCP_WRAPPER 1) -diff -ur syslog-ng-syslog-ng-4.2.0.orig/configure.ac syslog-ng-syslog-ng-4.2.0/configure.ac ---- syslog-ng-syslog-ng-4.2.0.orig/configure.ac 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/configure.ac 2023-07-19 02:12:21.375815517 +0200 -@@ -48,7 +48,7 @@ - IVYKIS_MIN_VERSION="0.36.1" - IVYKIS_UPDATED_VERSION="0.39" - JSON_C_MIN_VERSION="0.9" --PCRE_MIN_VERSION="6.1" -+PCRE2_MIN_VERSION="10.0" - LMC_MIN_VERSION="1.0.0" - LRMQ_MIN_VERSION="0.0.1" - LRC_MIN_VERSION="1.6.0" -@@ -1046,9 +1046,10 @@ - LIBS="$old_LIBS" - fi - --PKG_CHECK_MODULES(PCRE, libpcre >= $PCRE_MIN_VERSION,, PCRE_LIBS="") --if test -z "$PCRE_LIBS"; then -- AC_MSG_ERROR(Cannot find pcre version >= $PCRE_MIN_VERSION it is a hard dependency from syslog-ng 3.6 onwards) -+PKG_CHECK_MODULES(PCRE2, libpcre2-8 >= $PCRE2_MIN_VERSION,, PCRE2_LIBS="") -+ -+if test test -z "$PCRE2_LIBS"; then -+ AC_MSG_ERROR(Cannot find pcre2 version >= $PCRE2_MIN_VERSION which is a hard dependency from syslog-ng 3.6 onwards) - fi - - dnl *************************************************************************** -@@ -1846,7 +1847,7 @@ - python_moduledir="$moduledir"/python - python_sysconf_moduledir="${sysconfdir}/python" - --CPPFLAGS="$CPPFLAGS $GLIB_CFLAGS $EVTLOG_CFLAGS $PCRE_CFLAGS $OPENSSL_CFLAGS $LIBNET_CFLAGS $LIBDBI_CFLAGS $IVYKIS_CFLAGS $LIBCAP_CFLAGS -D_GNU_SOURCE -D_DEFAULT_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" -+CPPFLAGS="$CPPFLAGS $GLIB_CFLAGS $EVTLOG_CFLAGS $PCRE2_CFLAGS $OPENSSL_CFLAGS $LIBNET_CFLAGS $LIBDBI_CFLAGS $IVYKIS_CFLAGS $LIBCAP_CFLAGS -D_GNU_SOURCE -D_DEFAULT_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" - - ######################################################## - ## NOTES: on how syslog-ng is linked -@@ -1894,7 +1895,7 @@ - MODULE_DEPS_LIBS="\$(top_builddir)/lib/libsyslog-ng.la" - - if test "x$linking_mode" = "xdynamic"; then -- SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE_LIBS $REGEX_LIBS $DL_LIBS" -+ SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE2_LIBS $REGEX_LIBS $DL_LIBS" - - if test "x$with_ivykis" = "xinternal"; then - # when using the internal ivykis, we're linking it statically into libsyslog-ng.so -@@ -1913,8 +1914,8 @@ - # syslog-ng binary is linked with the default link command (e.g. libtool) - SYSLOGNG_LINK='$(LINK)' - else -- SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $RESOLV_LIBS $EVTLOG_NO_LIBTOOL_LIBS $SECRETSTORAGE_NO_LIBTOOL_LIBS $LD_START_STATIC -Wl,${WHOLE_ARCHIVE_OPT} $GLIB_LIBS $PCRE_LIBS $REGEX_LIBS -Wl,${NO_WHOLE_ARCHIVE_OPT} $IVYKIS_NO_LIBTOOL_LIBS $LD_END_STATIC $LIBCAP_LIBS $DL_LIBS" -- TOOL_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE_LIBS $REGEX_LIBS $IVYKIS_LIBS $DL_LIBS" -+ SYSLOGNG_DEPS_LIBS="$LIBS $BASE_LIBS $RESOLV_LIBS $EVTLOG_NO_LIBTOOL_LIBS $SECRETSTORAGE_NO_LIBTOOL_LIBS $LD_START_STATIC -Wl,${WHOLE_ARCHIVE_OPT} $GLIB_LIBS $PCRE2_LIBS $REGEX_LIBS -Wl,${NO_WHOLE_ARCHIVE_OPT} $IVYKIS_NO_LIBTOOL_LIBS $LD_END_STATIC $LIBCAP_LIBS $DL_LIBS" -+ TOOL_DEPS_LIBS="$LIBS $BASE_LIBS $GLIB_LIBS $EVTLOG_LIBS $SECRETSTORAGE_LIBS $RESOLV_LIBS $LIBCAP_LIBS $PCRE2_LIBS $REGEX_LIBS $IVYKIS_LIBS $DL_LIBS" - CORE_DEPS_LIBS="" - - # bypass libtool in case we want to do mixed linking because it -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/compat/pcre.h syslog-ng-syslog-ng-4.2.0/lib/compat/pcre.h ---- syslog-ng-syslog-ng-4.2.0.orig/lib/compat/pcre.h 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/compat/pcre.h 2023-07-19 02:12:21.376815531 +0200 -@@ -26,18 +26,8 @@ - #define COMPAT_PCRE_H_INCLUDED - - #include "compat/compat.h" --#include - --#ifndef PCRE_CONFIG_JIT --#define pcre_free_study pcre_free --#endif -- --#ifndef PCRE_STUDY_JIT_COMPILE --#define PCRE_STUDY_JIT_COMPILE 0 --#endif -- --#ifndef PCRE_NEWLINE_ANYCRLF --#define PCRE_NEWLINE_ANYCRLF 0 --#endif -+#define PCRE2_CODE_UNIT_WIDTH 8 -+#include - - #endif /* COMPAT_PCRE_H_INCLUDED */ -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/filter/tests/test_filters_regexp.c syslog-ng-syslog-ng-4.2.0/lib/filter/tests/test_filters_regexp.c ---- syslog-ng-syslog-ng-4.2.0.orig/lib/filter/tests/test_filters_regexp.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/filter/tests/test_filters_regexp.c 2023-07-19 02:12:21.376815531 +0200 -@@ -53,12 +53,6 @@ - const gchar *value; - } FilterParamRegexp; - --static gboolean --check_pcre_version_is_atleast(const gchar *version) --{ -- return strncmp(pcre_version(), version, strlen(version)) >= 0; --} -- - Test(filter, create_pcre_regexp_filter) - { - cr_assert_eq(create_pcre_regexp_filter(LM_V_PROGRAM, "((", 0), NULL); -@@ -70,8 +64,7 @@ - cr_assert_eq(create_pcre_regexp_filter(LM_V_HOST, "(?iana", 0), NULL); - cr_assert_eq(create_pcre_regexp_match("((", 0), NULL); - cr_assert_eq(create_pcre_regexp_match("(?Pa)", 0), NULL); // Begins with a digit -+ cr_assert_eq(create_pcre_regexp_match("(?P<1>a)", 0), NULL); // Begins with a digit - cr_assert_eq(create_pcre_regexp_match("(?Pa)", 0), NULL); // Begins with an illegal char - cr_assert_eq(create_pcre_regexp_match("(?Pa)", 0), NULL); // Ends with an illegal char - cr_assert_eq(create_pcre_regexp_match("\\1", 0), NULL); // Backreference -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/logmatcher.c syslog-ng-syslog-ng-4.2.0/lib/logmatcher.c ---- syslog-ng-syslog-ng-4.2.0.orig/lib/logmatcher.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/logmatcher.c 2023-07-19 02:12:21.376815531 +0200 -@@ -281,87 +281,82 @@ - typedef struct _LogMatcherPcreRe - { - LogMatcher super; -- pcre *pattern; -- pcre_extra *extra; -+ pcre2_code *pattern; - gint match_options; - gchar *nv_prefix; - gint nv_prefix_len; - } LogMatcherPcreRe; - - static gboolean --_compile_pcre_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error) -+_compile_pcre2_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error) - { - gint rc; -- const gchar *errptr; -- gint erroffset; - gint flags = 0; - - g_return_val_if_fail(error == NULL || *error == NULL, FALSE); - - if (self->super.flags & LMF_ICASE) -- flags |= PCRE_CASELESS; -+ flags |= PCRE2_CASELESS; - - if (self->super.flags & LMF_NEWLINE) - { -- if (!PCRE_NEWLINE_ANYCRLF) -+ if (!PCRE2_NEWLINE_ANYCRLF) - msg_warning("syslog-ng was compiled against an old PCRE which doesn't support the 'newline' flag"); -- flags |= PCRE_NEWLINE_ANYCRLF; -+ flags |= PCRE2_NEWLINE_ANYCRLF; - } - if (self->super.flags & LMF_UTF8) - { - gint support; -- flags |= PCRE_UTF8 | PCRE_NO_UTF8_CHECK; -- self->match_options |= PCRE_NO_UTF8_CHECK; -+ flags |= PCRE2_UTF | PCRE2_NO_UTF_CHECK; -+ self->match_options |= PCRE2_NO_UTF_CHECK; - -- pcre_config(PCRE_CONFIG_UTF8, &support); -+ pcre2_config(PCRE2_CONFIG_UNICODE, &support); - if (!support) - { -- g_set_error(error, LOG_TEMPLATE_ERROR, 0, "PCRE library is compiled without UTF8 support and utf8 flag was present"); -+ g_set_error(error, LOG_TEMPLATE_ERROR, 0, "PCRE library is compiled without unicode support and utf8 flag was present"); - return FALSE; - } - -- pcre_config(PCRE_CONFIG_UNICODE_PROPERTIES, &support); -- if (!support) -- { -- g_set_error(error, LOG_TEMPLATE_ERROR, 0, -- "PCRE library is compiled without UTF8 properties support and utf8 flag was present"); -- return FALSE; -- } - } - if (self->super.flags & LMF_DUPNAMES) - { -- if (!PCRE_DUPNAMES) -+ if (!PCRE2_DUPNAMES) - msg_warning("syslog-ng was compiled against an old PCRE which doesn't support the 'dupnames' flag"); -- flags |= PCRE_DUPNAMES; -+ flags |= PCRE2_DUPNAMES; - } - - /* compile the regexp */ -- self->pattern = pcre_compile2(re, flags, &rc, &errptr, &erroffset, NULL); -+ PCRE2_SIZE error_offset; -+ -+ self->pattern = pcre2_compile((PCRE2_SPTR) re, PCRE2_ZERO_TERMINATED, flags, &rc, &error_offset, NULL); - if (!self->pattern) - { -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); - g_set_error(error, LOG_TEMPLATE_ERROR, 0, "Failed to compile PCRE expression >>>%s<<< `%s' at character %d", -- re, errptr, erroffset); -+ re, error_message, (gint) error_offset); - return FALSE; - } - return TRUE; - } - - static gboolean --_study_pcre_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error) -+_jit_pcre2_regexp(LogMatcherPcreRe *self, const gchar *re, GError **error) - { -- const gchar *errptr; -- gint options = 0; -- -- if ((self->super.flags & LMF_DISABLE_JIT) == 0) -- options |= PCRE_STUDY_JIT_COMPILE; -+ if ((self->super.flags & LMF_DISABLE_JIT)) -+ return TRUE; - - /* optimize regexp */ -- self->extra = pcre_study(self->pattern, options, &errptr); -- if (errptr != NULL) -+ gint rc = pcre2_jit_compile(self->pattern, PCRE2_JIT_COMPLETE); -+ if (rc < 0) - { -- g_set_error(error, LOG_TEMPLATE_ERROR, 0, "Failed to optimize regular expression >>>%s<<< `%s'", -- re, errptr); -- return FALSE; -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ msg_warning("Failed to JIT compile regular expression, you might want to use flags(disable-jit)", -+ evt_tag_str("regexp", re), -+ evt_tag_str("error", (gchar *) error_message)); - } - return TRUE; - } -@@ -374,10 +369,10 @@ - g_return_val_if_fail(error == NULL || *error == NULL, FALSE); - log_matcher_store_pattern(s, re); - -- if (!_compile_pcre_regexp(self, re, error)) -+ if (!_compile_pcre2_regexp(self, re, error)) - return FALSE; - -- if (!_study_pcre_regexp(self, re, error)) -+ if (!_jit_pcre2_regexp(self, re, error)) - return FALSE; - - return TRUE; -@@ -388,8 +383,7 @@ - NVHandle source_handle; - const gchar *source_value; - gssize source_value_len; -- gint *matches; -- gint num_matches; -+ pcre2_match_data *match_data; - } LogMatcherPcreMatchResult; - - static inline void -@@ -434,11 +428,13 @@ - log_matcher_pcre_re_feed_backrefs(LogMatcherPcreRe *self, LogMessage *msg, LogMatcherPcreMatchResult *result) - { - gint i; -+ guint32 num_matches = pcre2_get_ovector_count(result->match_data); -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result->match_data); - -- for (i = 0; i < (LOGMSG_MAX_MATCHES) && i < result->num_matches; i++) -+ for (i = 0; i < (LOGMSG_MAX_MATCHES) && i < num_matches; i++) - { -- gint begin_index = result->matches[2 * i]; -- gint end_index = result->matches[2 * i + 1]; -+ gint begin_index = matches[2 * i]; -+ gint end_index = matches[2 * i + 1]; - - if (begin_index < 0 || end_index < 0) - continue; -@@ -446,11 +442,11 @@ - log_matcher_pcre_re_feed_value(self, msg, log_msg_get_match_handle(i), result, begin_index, end_index); - } - if (log_msg_is_handle_match(result->source_handle) && -- log_msg_get_match_index(result->source_handle) >= result->num_matches) -+ log_msg_get_match_index(result->source_handle) >= num_matches) - { - log_matcher_pcre_re_save_source_value_to_avoid_clobbering(result); - } -- log_msg_truncate_matches(msg, result->num_matches); -+ log_msg_truncate_matches(msg, num_matches); - } - - static void -@@ -458,18 +454,20 @@ - { - gchar *name_table = NULL; - gint i = 0; -- gint namecount = 0; -- gint name_entry_size = 0; -+ guint32 namecount = 0; -+ guint32 name_entry_size = 0; - -- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMECOUNT, &namecount); -+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMECOUNT, &namecount); - if (namecount > 0) - { -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result->match_data); -+ - gchar *tabptr; - /* Before we can access the substrings, we must extract the table for - translating names to numbers, and the size of each entry in the table. - */ -- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMETABLE, &name_table); -- pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_NAMEENTRYSIZE, &name_entry_size); -+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMETABLE, &name_table); -+ pcre2_pattern_info(self->pattern, PCRE2_INFO_NAMEENTRYSIZE, &name_entry_size); - /* Now we can scan the table and, for each entry, print the number, the name, - and the substring itself. - */ -@@ -480,8 +478,8 @@ - for (i = 0; i < namecount; i++, tabptr += name_entry_size) - { - int n = (tabptr[0] << 8) | tabptr[1]; -- gint begin_index = result->matches[2 * n]; -- gint end_index = result->matches[2 * n + 1]; -+ gint begin_index = matches[2 * n]; -+ gint end_index = matches[2 * n + 1]; - const gchar *namedgroup_name = tabptr + 2; - - if (begin_index < 0 || end_index < 0) -@@ -502,30 +500,28 @@ - LogMatcherPcreRe *self = (LogMatcherPcreRe *) s; - LogMatcherPcreMatchResult result; - gint rc; -+ gboolean res = TRUE; - - if (value_len == -1) - value_len = strlen(value); - -- if (pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_CAPTURECOUNT, &result.num_matches) < 0) -- g_assert_not_reached(); -- if (result.num_matches > LOGMSG_MAX_MATCHES) -- result.num_matches = LOGMSG_MAX_MATCHES; -- -- gsize matches_size = 3 * (result.num_matches + 1); -- result.matches = g_alloca(matches_size * sizeof(gint)); -+ result.match_data = pcre2_match_data_create_from_pattern(self->pattern, NULL); - result.source_value = value; - result.source_value_len = value_len; - result.source_handle = value_handle; - -- rc = pcre_exec(self->pattern, self->extra, -- result.source_value, result.source_value_len, -- 0, self->match_options, -- result.matches, matches_size); -+ rc = pcre2_match(self->pattern, -+ (PCRE2_SPTR) result.source_value, -+ (PCRE2_SIZE) result.source_value_len, -+ (PCRE2_SIZE) 0, -+ self->match_options, -+ result.match_data, -+ NULL); - if (rc < 0) - { - switch (rc) - { -- case PCRE_ERROR_NOMATCH: -+ case PCRE2_ERROR_NOMATCH: - break; - - default: -@@ -534,22 +530,22 @@ - evt_tag_int("error_code", rc)); - break; - } -- return FALSE; -+ res = FALSE; - } -- if (rc == 0) -+ else if (rc == 0) - { -- msg_error("Error while storing matching substrings"); -+ msg_error("Error while storing matching substrings, more than 256 capture groups encountered"); - } - else - { -- result.num_matches = rc; - if ((s->flags & LMF_STORE_MATCHES)) - { - log_matcher_pcre_re_feed_backrefs(self, msg, &result); - log_matcher_pcre_re_feed_named_substrings(self, msg, &result); - } - } -- return TRUE; -+ pcre2_match_data_free(result.match_data); -+ return res; - } - - static gchar * -@@ -559,24 +555,19 @@ - LogMatcherPcreRe *self = (LogMatcherPcreRe *) s; - LogMatcherPcreMatchResult result; - GString *new_value = NULL; -- gsize matches_size; - gint rc; - gint start_offset, last_offset; - gint options; - gboolean last_match_was_empty; - -- if (pcre_fullinfo(self->pattern, self->extra, PCRE_INFO_CAPTURECOUNT, &result.num_matches) < 0) -- g_assert_not_reached(); -- if (result.num_matches > LOGMSG_MAX_MATCHES) -- result.num_matches = LOGMSG_MAX_MATCHES; -+ result.match_data = pcre2_match_data_create_from_pattern(self->pattern, NULL); -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(result.match_data); - -- matches_size = 3 * (result.num_matches + 1); -- result.matches = g_alloca(matches_size * sizeof(gint)); - - /* we need zero initialized offsets for the last match as the - * algorithm tries uses that as the base position */ - -- result.matches[0] = result.matches[1] = result.matches[2] = 0; -+ matches[0] = matches[1] = 0; - - if (value_len == -1) - value_len = strlen(value); -@@ -596,7 +587,7 @@ - * advanced). - * - * A zero-length match can be as simple as "a*" which will be -- * returned unless PCRE_NOTEMPTY is specified. -+ * returned unless PCRE2_NOTEMPTY is specified. - * - * By supporting zero-length matches, we basically make it - * possible to insert replacement between each incoming -@@ -617,17 +608,21 @@ - * to see if a non-empty match can be found. - */ - -- options = PCRE_NOTEMPTY | PCRE_ANCHORED; -+ options = PCRE2_NOTEMPTY | PCRE2_ANCHORED; - } - else - { - options = 0; - } - -- rc = pcre_exec(self->pattern, self->extra, -- result.source_value, result.source_value_len, -- start_offset, (self->match_options | options), result.matches, matches_size); -- if (rc < 0 && rc != PCRE_ERROR_NOMATCH) -+ rc = pcre2_match(self->pattern, -+ (PCRE2_SPTR) result.source_value, -+ (PCRE2_SIZE) result.source_value_len, -+ start_offset, -+ (self->match_options | options), -+ result.match_data, -+ NULL); -+ if (rc < 0 && rc != PCRE2_ERROR_NOMATCH) - { - msg_error("Error while matching regexp", - evt_tag_int("error_code", rc)); -@@ -635,7 +630,7 @@ - } - else if (rc < 0) - { -- if ((options & PCRE_NOTEMPTY) == 0) -+ if ((options & PCRE2_NOTEMPTY) == 0) - { - /* we didn't match, even when we permitted to match the - * empty string. Nothing to find here, bail out */ -@@ -651,31 +646,31 @@ - last_match_was_empty = FALSE; - continue; - } -+ else if (rc == 0) -+ { -+ msg_error("Error while storing matching substrings, more than 256 capture groups encountered"); -+ break; -+ } - else - { -- /* if the output array was too small, truncate the number of -- captures to LOGMSG_MAX_MATCHES */ -- -- if (rc == 0) -- rc = matches_size / 3; -- -- result.num_matches = rc; - log_matcher_pcre_re_feed_backrefs(self, msg, &result); - log_matcher_pcre_re_feed_named_substrings(self, msg, &result); - - if (!new_value) - new_value = g_string_sized_new(result.source_value_len); - /* append non-matching portion */ -- g_string_append_len(new_value, &result.source_value[last_offset], result.matches[0] - last_offset); -+ g_string_append_len(new_value, &result.source_value[last_offset], matches[0] - last_offset); - /* replacement */ - log_template_append_format(replacement, msg, &DEFAULT_TEMPLATE_EVAL_OPTIONS, new_value); - -- last_match_was_empty = (result.matches[0] == result.matches[1]); -- start_offset = last_offset = result.matches[1]; -+ last_match_was_empty = (matches[0] == matches[1]); -+ start_offset = last_offset = matches[1]; - } - } - while (self->super.flags & LMF_GLOBAL && start_offset < result.source_value_len); - -+ pcre2_match_data_free(result.match_data); -+ - if (new_value) - { - /* append the last literal */ -@@ -691,8 +686,7 @@ - log_matcher_pcre_re_free(LogMatcher *s) - { - LogMatcherPcreRe *self = (LogMatcherPcreRe *) s; -- pcre_free_study(self->extra); -- pcre_free(self->pattern); -+ pcre2_code_free(self->pattern); - log_matcher_free_method(s); - } - -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.c syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.c ---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.c 2023-07-19 02:12:21.376815531 +0200 -@@ -22,69 +22,105 @@ - * COPYING for details. - */ - #include "multi-line/multi-line-pattern.h" -+#include "messages.h" - - MultiLinePattern * - multi_line_pattern_compile(const gchar *regexp, GError **error) - { - MultiLinePattern *self = g_new0(MultiLinePattern, 1); -- gint optflags = 0; - gint rc; -- const gchar *errptr; -- gint erroffset; -+ PCRE2_SIZE erroffset; - - g_return_val_if_fail(error == NULL || *error == NULL, FALSE); - self->ref_cnt = 1; - - /* compile the regexp */ -- self->pattern = pcre_compile2(regexp, 0, &rc, &errptr, &erroffset, NULL); -+ self->pattern = pcre2_compile((PCRE2_SPTR) regexp, PCRE2_ZERO_TERMINATED, 0, &rc, &erroffset, NULL); - if (!self->pattern) - { -- g_set_error(error, 0, 0, "Error while compiling multi-line regexp as a PCRE expression, error=%s, error_at=%d", errptr, -- erroffset); -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ g_set_error(error, 0, 0, -+ "Error while compiling multi-line regexp as a PCRE expression, error=%s, error_at=%" G_GSIZE_FORMAT, -+ (gchar *) error_message, erroffset); - goto error; - } - --#ifdef PCRE_STUDY_JIT_COMPILE -- optflags = PCRE_STUDY_JIT_COMPILE; --#endif -- - /* optimize regexp */ -- self->extra = pcre_study(self->pattern, optflags, &errptr); -- if (errptr != NULL) -+ rc = pcre2_jit_compile(self->pattern, PCRE2_JIT_COMPLETE); -+ if (rc < 0) - { -- g_set_error(error, 0, 0, "Error while studying multi-line regexp, error=%s", errptr); -- goto error; -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ msg_warning("multi-line-pattern: Error while JIT compiling regular expression", -+ evt_tag_str("regexp", regexp), -+ evt_tag_str("error", (gchar *) error_message)); - } - - return self; - error: - if (self->pattern) -- pcre_free(self->pattern); -+ pcre2_code_free(self->pattern); - g_free(self); - return NULL; - } - - gint --multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *matches, gint matches_num) -+multi_line_pattern_eval(MultiLinePattern *re, const guchar *str, gsize len, pcre2_match_data *match_data) - { -- gint rc; -+ return pcre2_match(re->pattern, (PCRE2_SPTR) str, (PCRE2_SIZE) len, 0, 0, match_data, NULL); -+} - -+gboolean -+multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *start, gint *end) -+{ - if (!re) -- return -1; -+ return FALSE; -+ -+ gboolean result = FALSE; -+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(re->pattern, NULL); -+ - -- rc = pcre_exec(re->pattern, re->extra, (const gchar *) str, len, 0, 0, matches, matches_num * 3); -- return rc; -+ if (multi_line_pattern_eval(re, str, len, match_data) < 0) -+ goto exit; -+ -+ guint32 num_matches = pcre2_get_ovector_count(match_data); -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data); -+ -+ if (num_matches == 0) -+ goto exit; -+ -+ *start = matches[0]; -+ *end = matches[1]; -+ result = TRUE; -+exit: -+ pcre2_match_data_free(match_data); -+ return result; - } - - gboolean - multi_line_pattern_match(MultiLinePattern *re, const guchar *str, gsize len) - { -- gint match[3]; -- if (multi_line_pattern_find(re, str, len, match, 1) < 0) -+ if (!re) - return FALSE; -- return match[0] >= 0; --} - -+ gboolean result = FALSE; -+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(re->pattern, NULL); -+ -+ if (multi_line_pattern_eval(re, str, len, match_data) < 0) -+ goto exit; -+ -+ guint32 num_matches = pcre2_get_ovector_count(match_data); -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data); -+ -+ result = num_matches > 0 && matches[0] >= 0; -+ -+exit: -+ pcre2_match_data_free(match_data); -+ return result; -+} - - MultiLinePattern * - multi_line_pattern_ref(MultiLinePattern *self) -@@ -100,9 +136,7 @@ - if (self && (--self->ref_cnt == 0)) - { - if (self->pattern) -- pcre_free(self->pattern); -- if (self->extra) -- pcre_free_study(self->extra); -+ pcre2_code_free(self->pattern); - g_free(self); - } - } -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.h syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.h ---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/multi-line-pattern.h 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/multi-line-pattern.h 2023-07-19 02:12:21.376815531 +0200 -@@ -33,11 +33,10 @@ - struct _MultiLinePattern - { - gint ref_cnt; -- pcre *pattern; -- pcre_extra *extra; -+ pcre2_code *pattern; - }; - --gint multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *matches, gint matches_num); -+gboolean multi_line_pattern_find(MultiLinePattern *re, const guchar *str, gsize len, gint *start, gint *end); - gboolean multi_line_pattern_match(MultiLinePattern *re, const guchar *str, gsize len); - MultiLinePattern *multi_line_pattern_compile(const gchar *regexp, GError **error); - MultiLinePattern *multi_line_pattern_ref(MultiLinePattern *self); -diff -ur syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/regexp-multi-line.c syslog-ng-syslog-ng-4.2.0/lib/multi-line/regexp-multi-line.c ---- syslog-ng-syslog-ng-4.2.0.orig/lib/multi-line/regexp-multi-line.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/lib/multi-line/regexp-multi-line.c 2023-07-19 02:12:21.377815546 +0200 -@@ -27,19 +27,21 @@ - static gint - _prefix_garbage_get_offset_of_garbage(RegexpMultiLine *self, const guchar *line, gsize line_len) - { -- gint match[3]; -- if (multi_line_pattern_find(self->garbage, line, line_len, match, 1) < 0) -+ gint start, end; -+ -+ if (!multi_line_pattern_find(self->garbage, line, line_len, &start, &end)) - return -1; -- return match[0]; -+ return start; - } - - static gint - _prefix_suffix_get_offset_of_garbage(RegexpMultiLine *self, const guchar *line, gsize line_len) - { -- gint match[3]; -- if (multi_line_pattern_find(self->garbage, line, line_len, match, 1) < 0) -+ gint start, end; -+ -+ if (!multi_line_pattern_find(self->garbage, line, line_len, &start, &end)) - return -1; -- return match[1]; -+ return end; - } - - static gint -diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/list-funcs.c syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/list-funcs.c ---- syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/list-funcs.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/list-funcs.c 2023-07-19 02:12:21.377815546 +0200 -@@ -354,8 +354,7 @@ - StringMatchMode mode; - gchar *pattern; - GPatternSpec *glob; -- pcre *pcre; -- pcre_extra *pcre_extra; -+ pcre2_code *pcre; - } StringMatcher; - - static gboolean -@@ -369,33 +368,35 @@ - static gboolean - string_matcher_prepare_pcre(StringMatcher *self) - { -- const gchar *errptr; -- gint erroffset; -+ PCRE2_SIZE erroffset; - gint rc; - -- self->pcre = pcre_compile2(self->pattern, PCRE_ANCHORED, &rc, &errptr, &erroffset, NULL); -+ self->pcre = pcre2_compile((PCRE2_SPTR) self->pattern, PCRE2_ZERO_TERMINATED, PCRE2_ANCHORED, &rc, &erroffset, NULL); - if (!self->pcre) - { -+ PCRE2_UCHAR error_message[128]; -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ - msg_error("Error while compiling regular expression", - evt_tag_str("regular_expression", self->pattern), - evt_tag_str("error_at", &self->pattern[erroffset]), - evt_tag_int("error_offset", erroffset), -- evt_tag_str("error_message", errptr), -+ evt_tag_str("error_message", (gchar *) error_message), - evt_tag_int("error_code", rc)); - return FALSE; - } -- self->pcre_extra = pcre_study(self->pcre, PCRE_STUDY_JIT_COMPILE, &errptr); -- if (errptr) -+ -+ /* optimize regexp */ -+ rc = pcre2_jit_compile(self->pcre, PCRE2_JIT_COMPLETE); -+ if (rc < 0) - { -- msg_error("Error while optimizing regular expression", -- evt_tag_str("regular_expression", self->pattern), -- evt_tag_str("error_message", errptr)); -- pcre_free(self->pcre); -- if (self->pcre_extra) -- pcre_free_study(self->pcre_extra); -- return FALSE; -- } -+ PCRE2_UCHAR error_message[128]; - -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ msg_warning("$(list-search): Failed to JIT compile regular expression", -+ evt_tag_str("regexp", self->pattern), -+ evt_tag_str("error", (gchar *) error_message)); -+ } - return TRUE; - } - -@@ -416,8 +417,11 @@ - static gboolean - string_matcher_match_pcre(StringMatcher *self, const char *string, gsize string_len) - { -- gint rc = pcre_exec(self->pcre, self->pcre_extra, string, string_len, 0, 0, NULL, 0); -- if (rc == PCRE_ERROR_NOMATCH) -+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(self->pcre, NULL); -+ gint rc = pcre2_match(self->pcre, (PCRE2_SPTR) string, (PCRE2_SIZE) string_len, 0, 0, match_data, NULL); -+ pcre2_match_data_free(match_data); -+ -+ if (rc == PCRE2_ERROR_NOMATCH) - { - return FALSE; - } -@@ -468,9 +472,7 @@ - if (self->glob) - g_pattern_spec_free(self->glob); - if (self->pcre) -- pcre_free(self->pcre); -- if (self->pcre_extra) -- pcre_free_study(self->pcre_extra); -+ pcre2_code_free(self->pcre); - g_free(self); - } - -diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/tests/test_basicfuncs.c syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/tests/test_basicfuncs.c ---- syslog-ng-syslog-ng-4.2.0.orig/modules/basicfuncs/tests/test_basicfuncs.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/modules/basicfuncs/tests/test_basicfuncs.c 2023-07-19 02:12:21.377815546 +0200 -@@ -663,3 +663,8 @@ - { - assert_template_format(param->template, param->expected); - } -+ -+Test(basicfuncs, test_performance) -+{ -+ perftest_template("$(list-search --start-index 1 --mode pcre .az '\"foo,\",\"bar\",\"baz\"')"); -+} -diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/group-lines.c syslog-ng-syslog-ng-4.2.0/modules/correlation/group-lines.c ---- syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/group-lines.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/modules/correlation/group-lines.c 2023-07-19 02:12:21.377815546 +0200 -@@ -28,7 +28,6 @@ - #include "messages.h" - #include "grouping-parser.h" - --#include - #include - - typedef struct _GroupLinesContext -diff -ur syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/radix.c syslog-ng-syslog-ng-4.2.0/modules/correlation/radix.c ---- syslog-ng-syslog-ng-4.2.0.orig/modules/correlation/radix.c 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/modules/correlation/radix.c 2023-07-19 02:12:21.377815546 +0200 -@@ -22,13 +22,12 @@ - */ - - #include "radix.h" -+#include "compat/pcre.h" - - #include - #include - #include - --#include -- - /************************************************************** - * Parsing nodes. - **************************************************************/ -@@ -129,80 +128,80 @@ - - typedef struct _RParserPCREState - { -- pcre *re; -- pcre_extra *extra; -+ pcre2_code *re; - } RParserPCREState; - - gboolean - r_parser_pcre(gchar *str, gint *len, const gchar *param, gpointer state, RParserMatch *match) - { - RParserPCREState *self = (RParserPCREState *) state; -+ gboolean result = FALSE; - gint rc; -- gint num_matches; -- -- if (pcre_fullinfo(self->re, self->extra, PCRE_INFO_CAPTURECOUNT, &num_matches) < 0) -- g_assert_not_reached(); -- if (num_matches > LOGMSG_MAX_MATCHES) -- num_matches = LOGMSG_MAX_MATCHES; - -- gsize matches_size = 3 * (num_matches + 1); -- gint *matches = g_alloca(matches_size * sizeof(gint)); -+ pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(self->re, NULL); -+ rc = pcre2_match(self->re, (PCRE2_SPTR) str, (PCRE2_SIZE) strlen(str), 0, 0, match_data, NULL); - -- rc = pcre_exec(self->re, self->extra, str, strlen(str), 0, 0, matches, matches_size); -- -- if (rc == PCRE_ERROR_NOMATCH) -- { -- return FALSE; -- } -+ if (rc == PCRE2_ERROR_NOMATCH) -+ goto exit; - - if (rc < 0) - { - msg_error("Error while matching regexp", evt_tag_int("error_code", rc)); -- return FALSE; -+ goto exit; - } - - if (rc == 0) - { - msg_error("Error while storing matching substrings"); -- return FALSE; -+ goto exit; - } - -+ PCRE2_SIZE *matches = pcre2_get_ovector_pointer(match_data); -+ - *len = matches[1] - matches[0]; -- return TRUE; -+ result = TRUE; -+exit: -+ pcre2_match_data_free(match_data); -+ return result; - } - - gpointer - r_parser_pcre_compile_state(const gchar *expr) - { - RParserPCREState *self = g_new0(RParserPCREState, 1); -- const gchar *errptr; -- gint erroffset; -+ gsize erroffset; - gint rc; - -- self->re = pcre_compile2(expr, PCRE_ANCHORED, &rc, &errptr, &erroffset, NULL); -+ self->re = pcre2_compile((PCRE2_SPTR)expr, PCRE2_ZERO_TERMINATED, PCRE2_ANCHORED, &rc, &erroffset, NULL); - if (!self->re) - { -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ - msg_error("Error while compiling regular expression", - evt_tag_str("regular_expression", expr), - evt_tag_str("error_at", &expr[erroffset]), - evt_tag_int("error_offset", erroffset), -- evt_tag_str("error_message", errptr), -+ evt_tag_str("error_message", (gchar *) error_message), - evt_tag_int("error_code", rc)); - g_free(self); - return NULL; - } -- self->extra = pcre_study(self->re, 0, &errptr); -- if (errptr) -+ -+ /* optimize regexp */ -+ rc = pcre2_jit_compile(self->re, PCRE2_JIT_COMPLETE); -+ if (rc < 0) - { -- msg_error("Error while optimizing regular expression", -- evt_tag_str("regular_expression", expr), -- evt_tag_str("error_message", errptr)); -- pcre_free(self->re); -- if (self->extra) -- pcre_free(self->extra); -- g_free(self); -- return NULL; -+ PCRE2_UCHAR error_message[128]; -+ -+ pcre2_get_error_message(rc, error_message, sizeof(error_message)); -+ msg_warning("radix: Error while JIT compiling regular expression", -+ evt_tag_str("regular_expression", expr), -+ evt_tag_str("error_message", (gchar *) error_message), -+ evt_tag_int("error_code", rc)); - } -+ - return (gpointer) self; - } - -@@ -212,9 +211,7 @@ - RParserPCREState *self = (RParserPCREState *) s; - - if (self->re) -- pcre_free(self->re); -- if (self->extra) -- pcre_free(self->extra); -+ pcre2_code_free(self->re); - g_free(self); - } - -diff -ur syslog-ng-syslog-ng-4.2.0.orig/packaging/debian/control syslog-ng-syslog-ng-4.2.0/packaging/debian/control ---- syslog-ng-syslog-ng-4.2.0.orig/packaging/debian/control 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/packaging/debian/control 2023-07-19 02:12:21.377815546 +0200 -@@ -21,7 +21,7 @@ - libbson-dev, - libjson-c-dev | libjson0-dev, - libwrap0-dev, -- libpcre3-dev, -+ libpcre2-dev, - libcap-dev [linux-any], - libsystemd-dev (>= 209) [linux-any], - libhiredis-dev, -diff -ur syslog-ng-syslog-ng-4.2.0.orig/packaging/rhel/syslog-ng.spec syslog-ng-syslog-ng-4.2.0/packaging/rhel/syslog-ng.spec ---- syslog-ng-syslog-ng-4.2.0.orig/packaging/rhel/syslog-ng.spec 2023-05-10 16:55:07.000000000 +0200 -+++ syslog-ng-syslog-ng-4.2.0/packaging/rhel/syslog-ng.spec 2023-07-19 02:12:21.378815560 +0200 -@@ -60,7 +60,7 @@ - BuildRequires: libdbi-devel - BuildRequires: libnet-devel - BuildRequires: openssl-devel --BuildRequires: pcre-devel -+BuildRequires: pcre2-devel - BuildRequires: libuuid-devel - BuildRequires: libesmtp-devel - BuildRequires: libcurl-devel diff --git a/ppp.conf b/ppp.conf new file mode 100644 index 0000000..fab5507 --- /dev/null +++ b/ppp.conf @@ -0,0 +1,16 @@ +# Redirect freshclam logs to a separate log file + +destination d_ppp { + file("/var/log/ppp"); +}; + +filter f_ppp { + program(pppd) or program(chat); +}; + +log { + source(s_sys); + filter(f_daemon); + filter(f_ppp); + destination(d_ppp); +}; diff --git a/syslog-ng-simple.conf b/syslog-ng-simple.conf deleted file mode 100644 index bb2b948..0000000 --- a/syslog-ng-simple.conf +++ /dev/null @@ -1,55 +0,0 @@ -@version: 4.8 -# -# Syslog-ng configuration for TLD Linux -# -# See syslog-ng(8) and syslog-ng.conf(5) for more information. -# - -options { - flush_lines(0); - owner(root); - group(logs); - perm(0640); - create_dirs(yes); - dir_owner(root); - dir_group(logs); - dir_perm(0750); - stats(freq(43200)); - time_reopen(10); - time_reap(360); - mark_freq(600); - threaded(yes); -}; - -source s_sys { - file ("/proc/kmsg" program_override("kernel")); - - unix-stream("/dev/log" max-connections(1000) log_iw_size(100000)); - internal(); -}; - -destination d_mail { file("/var/log/maillog"); }; -destination d_messages { file("/var/log/messages"); }; -destination d_kern { file("/var/log/kernel"); }; -destination d_console_all { file("/dev/tty12"); }; - -# if using systemd, an IP address instead of name may be required here -#destination d_loghost { udp("loghost" port(514)); }; - -filter f_kern { facility(kern); }; -filter f_mail { facility(mail); }; - -log { source(s_sys); filter(f_kern); destination(d_kern); }; -log { source(s_sys); filter(f_mail); destination(d_mail); }; - -# This is a catchall statement, and should catch all messages which were not -# accepted any of the previous statements. -# If using d_console_all or network logging, remove flags(fallback); -log { source(s_sys); destination(d_messages); flags(fallback); }; -#log { source(s_sys); destination(d_messages); }; - -# Log all messages to tty12 -#log { source(s_sys); destination(d_console_all); }; - -# Network syslogging -#log { source(s_sys); destination(d_loghost); }; diff --git a/syslog-ng.conf b/syslog-ng.conf index ca9c554..2bed76c 100644 --- a/syslog-ng.conf +++ b/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 4.8 +@version: #VERSION# @include "scl.conf" # # Syslog-ng configuration for TLD Linux @@ -7,32 +7,26 @@ # options { - flush_lines(0); - owner(root); - group(logs); - perm(0640); - create_dirs(yes); - dir_owner(root); - dir_group(logs); - dir_perm(0750); - stats(freq(3600)); - time_reopen(10); - time_reap(360); - mark_freq(600); - threaded(yes); + flush_lines(0); + owner(root); + group(logs); + perm(0640); + create_dirs(yes); + dir_owner(root); + dir_group(logs); + dir_perm(0750); + stats(freq(3600)); + time_reopen(10); + time_reap(360); + mark_freq(600); + threaded(yes); }; source s_sys { - system(); - internal(); + system(); + internal(); }; -# uncomment the line below and change ip/port if you want to run syslog server -#source s_net { udp(ip(192.168.1.100),port(514)); }; - -# uncomment the line bellow if you want to send logs to syslog server -#destination d_loghost { udp("loghost" port(514)); }; - destination d_kern { file("/var/log/kernel"); }; destination d_messages { file("/var/log/messages"); }; destination d_authlog { file("/var/log/secure"); }; @@ -44,20 +38,13 @@ destination d_syslog { file("/var/log/syslog"); }; destination d_daemon { file("/var/log/daemon"); }; destination d_lpr { file("/var/log/lpr"); }; destination d_user { file("/var/log/user"); }; -destination d_ppp { file("/var/log/ppp"); }; destination d_ftp { file("/var/log/xferlog"); }; destination d_audit { file("/var/log/audit"); }; -destination d_freshclam { file("/var/log/freshclam.log"); }; -destination d_shorewall { file("/var/log/shorewall"); }; destination d_console { usertty("root"); }; destination d_xconsole { pipe("/dev/xconsole"); }; destination d_newscrit { file("/var/log/news/news.crit" owner(news) group(news)); }; destination d_newserr { file("/var/log/news/news.err" owner(news) group(news)); }; destination d_newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); }; -destination d_dhcp { file("/var/log/dhcp"); }; - -# uncomment the line below if you want to run syslog server -#destination d_from_net { file("/var/log/$HOST.log" owner(root) group(root) perm(0644) dir_perm(0700) create_dirs(yes)); }; # Filters for standard syslog(3) facilities #filter f_audit { facility(audit); }; @@ -91,23 +78,9 @@ filter p_alert { level(alert); }; filter p_crit { level(crit); }; filter p_emergency { level(emerg); }; -# Additional filters for specific programs/use -filter f_freshclam { program(freshclam); }; -filter f_ppp { program(pppd) or program(chat); }; -filter f_shorewall { facility(kern) and match("Shorewall:" value("MESSAGE")); }; -filter f_dhcp { program("dhcpd") or program("dnsmasq-dhcp"); }; - -# uncomment the line below if you want to run syslog server -#log { source(s_net); destination(d_from_net); flags(final); }; - -# uncomment the line bellow if you want to send logs to syslog server -#log { source(s_sys); destination(d_loghost); }; - -# log shorewall to separate log file by default -log { source(s_sys); filter(f_shorewall); destination(d_shorewall); flags(final); }; - -# log dhcp daemons to separate log file by default -log { source(s_sys); filter(f_dhcp); destination(d_dhcp); flags(final); }; +# Include custom configurations that should be loaded before the system default +# log rules. +@include "/etc/syslog-ng/pre.conf.d/*.conf" log { source(s_sys); filter(f_authpriv); destination(d_authlog); }; log { source(s_sys); filter(f_cron); destination(d_cron); }; @@ -131,6 +104,10 @@ log { source(s_sys); filter(f_daemon); filter(f_ppp); destination(d_ppp); }; log { source(s_sys); filter(f_local6); filter(f_freshclam); destination(d_freshclam); }; log { source(s_sys); filter(p_emergency); destination(d_console); }; -# This is a catchall statement, and should catch all messages which were not -# accepted any of the previous statements. +# Include custom configurations that should be loaded after the system default +# log rules. +@include "/etc/syslog-ng/post.conf.d/*.conf" + +# This is a catchall statement and should catch any messages that were not +# accepted by any of the previous log statements. log { source(s_sys); destination(d_messages); flags(fallback); }; diff --git a/syslog-ng.spec b/syslog-ng.spec index ed67762..5dd4d25 100644 --- a/syslog-ng.spec +++ b/syslog-ng.spec @@ -1,22 +1,23 @@ -# TODO: -# - switch to LTS version??? where??? -# - relies on libs in /usr which is wrong -# (well, for modules bringing additional functionality it's acceptable IMO --q) -# - package python module +# NOTE: only core functionality is available without /usr; +# some non-trivial extension modules rely in libraries/daemons existing in /usr. # # Conditional build: %bcond_with dynamic # link dynamically with glib, eventlog, pcre (modules are always linked dynamically) %bcond_without sql # support for logging to SQL DB -%bcond_with tests # do not perform "make check" +%bcond_without tests # do not perform "make check" +%bcond_with bpf # loading eBPF programs support (generates some data from current kernel) +%bcond_without grpc # support for GRPC protocols %bcond_without http # support for HTTP destination %bcond_without json # support for JSON template formatting %bcond_without mongodb # support for mongodb destination +%bcond_without mqtt # support for MQTT protocol %bcond_without redis # support for Redis destination %bcond_without smtp # support for logging into SMTP %bcond_without geoip2 # support for GeoIP2 +%bcond_without kafka # support for Apache Kafka protocol %bcond_without riemann # support for Riemann monitoring system %bcond_without amqp # AMQP support -%bcond_with python # python module +%bcond_without python # python module %bcond_with java # java modules and support %bcond_without system_libivykis # use system libivykis %bcond_without system_rabbitmq # use system librabbitmq @@ -26,7 +27,7 @@ %endif # as in git submodule -%define libivykis_version 0.42.4 +%define libivykis_version 0.43.2 %define glib2_ver 1:2.32.0 %define mver 4.8 @@ -34,56 +35,75 @@ Summary: Syslog-ng - new generation of the system logger Summary(pl.UTF-8): Syslog-ng - systemowy demon logujący nowej generacji Summary(pt_BR.UTF-8): Daemon de log nova geração Name: syslog-ng -Version: 4.8.0 -Release: 1 +Version: 4.8.1 +Release: 0.1 License: GPL v2+ with OpenSSL exception Group: Daemons -Source0: https://github.com/balabit/syslog-ng/archive/%{name}-%{version}.tar.gz -# Source0-md5: 11711fb6c942ef52e89f114054854f54 +#Source0Download: https://github.com/syslog-ng/syslog-ng/releases +Source0: https://github.com/syslog-ng/syslog-ng/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz +# Source0-md5: 6a5852343f9a34449c3812b474728aa7 Source1: %{name}.init Source2: %{name}.conf Source3: %{name}.logrotate -Source5: %{name}-simple.conf -Source6: https://github.com/buytenh/ivykis/archive/v%{libivykis_version}/ivykis-%{libivykis_version}.tar.gz -# Source6-md5: e09caeb95a01a541ec40d3b757dada12 +Source4: log_server.conf +Source5: log_remote.conf +Source6: dhcp.conf +Source7: freshclam.conf +Source8: iptables.conf +Source9: ppp.conf +%if 0 +# for git archives (release tarballs include ivykis) +#Source10Download: https://github.com/buytenh/ivykis/releases +#Source10: https://github.com/buytenh/ivykis/archive/v%{libivykis_version}/ivykis-%{libivykis_version}.tar.gz +Source10: https://downloads.sourceforge.net/libivykis/ivykis-%{libivykis_version}.tar.gz +# Source10-md5: df51c6d5c52bef1c82ea33eddc997792 +%endif Patch0: %{name}-datadir.patch -Patch1: %{name}-nolibs.patch -Patch2: man-paths.patch -Patch3: %{name}-link.patch -Patch4: no_shared_ivykis.patch -Patch5: bison.patch -Patch6: shebang.patch +Patch2: %{name}-nolibs.patch +Patch4: man-paths.patch +Patch5: %{name}-link.patch +Patch6: no_shared_ivykis.patch Patch7: 32bit.patch -Patch8: glib-static.patch + +Patch9: glib-static.patch URL: https://syslog-ng.org/ BuildRequires: autoconf >= 2.59 BuildRequires: automake BuildRequires: bison >= 3.7.6 +%if %{with tests} +BuildRequires: criterion-devel >= 2.3.3-5 +%endif %{?with_http:BuildRequires: curl-devel} -BuildRequires: docbook-style-xsl -%{?with_tests:BuildRequires: findutils} +BuildRequires: docbook-style-xsl-nons +BuildRequires: eventlog-devel >= 0.2.12 BuildRequires: flex BuildRequires: glib2-devel >= %{glib2_ver} +%{?with_java:BuildRequires: gradle >= 3.4} +%{?with_grpc:BuildRequires: grpc-devel >= 1.16.1} %{?with_redis:BuildRequires: hiredis-devel >= 0.11.0} %{?with_java:BuildRequires: jdk >= 1.8} %{?with_json:BuildRequires: json-c-devel >= 0.13} -%{?with_java:BuildRequires: gradle >= 3.4} -%{?with_mongodb:BuildRequires: libbson-devel} +# bpftool +%{?with_bpf:BuildRequires: kernel-tools >= 4.15} +%{?with_bpf:BuildRequires: libbpf-devel >= 1.0.1} BuildRequires: libcap-devel %{?with_sql:BuildRequires: libdbi-devel >= 0.9.0} %{?with_smtp:BuildRequires: libesmtp-devel} %{?with_system_libivykis:BuildRequires: libivykis-devel >= %{libivykis_version}} -%{?with_mongodb:BuildRequires: mongo-c-driver-devel} %{?with_geoip2:BuildRequires: libmaxminddb-devel} BuildRequires: libnet-devel >= 1:1.1.2.1-3 -%{?with_java:BuildRequires: librdkafka-devel >= 1.1.0} +%{?with_kafka:BuildRequires: librdkafka-devel >= 1.1.0} BuildRequires: libtool >= 2:2.0 BuildRequires: libwrap-devel BuildRequires: libxslt-progs BuildRequires: lz4-devel >= r131-5 +%{?with_mongodb:BuildRequires: mongo-c-driver-devel >= 1.0.0} +BuildRequires: net-snmp-devel BuildRequires: openssl-devel >= 0.9.8 +%{?with_mqtt:BuildRequires: paho-mqtt-devel} BuildRequires: pcre2-8-devel >= 10.0 BuildRequires: pkgconfig +%{?with_grpc:BuildRequires: protobuf-devel >= 3.12.0} %{?with_system_rabbitmq:BuildRequires: rabbitmq-c-devel >= 0.5.3} %{?with_riemann:BuildRequires: riemann-c-client-devel >= 1.6.0} BuildRequires: rpm >= 4.4.9-56 @@ -92,12 +112,15 @@ BuildRequires: which %if %{with tests} BuildRequires: GeoIP-db-Country BuildRequires: pylint -BuildRequires: python -BuildRequires: python-pep8 -BuildRequires: python-ply +BuildRequires: python3 +%{?with_python:BuildRequires: python3-devel >= 1:3.2} +BuildRequires: python3-pep8 +BuildRequires: python3-ply +BuildRequires: python3-pytest-mock BuildRequires: tzdata %endif %if %{without dynamic} +BuildRequires: eventlog-static >= 0.2.12 BuildRequires: glib2-static >= %{glib2_ver} %{?with_system_libivykis:BuildRequires: libivykis-static >= %{libivykis_version}} BuildRequires: pcre-static >= 6.1 @@ -107,18 +130,18 @@ Requires(post): fileutils Requires(post,preun): /sbin/chkconfig Requires: %{name}-libs = %{version}-%{release} Requires: psmisc >= 20.1 -%{?with_system_rabbitmq:Requires: rabbitmq-c >= 0.0.1} +%{?with_system_rabbitmq:Requires: rabbitmq-c >= 0.5.3} Requires: rc-scripts >= 0.4.3.0 # for afsocket Requires: libnet >= 1:1.1.2.1-7 +# for afsocket and dbparser Requires: openssl >= 0.9.8 Provides: service(klogd) Provides: service(syslog) Provides: syslogdaemon -Obsoletes: syslog-ng-module-afsocket -Obsoletes: syslog-ng-module-dbparser -Obsoletes: syslog-ng-module-tfgeoip -Obsoletes: syslog-ng-systemd +Obsoletes: syslog-ng-module-afsocket < 3.3.1-4 +Obsoletes: syslog-ng-module-dbparser < 3.3.1-4 +Obsoletes: syslog-ng-systemd < 3.3.4-3 Conflicts: klogd Conflicts: msyslog Conflicts: rsyslog @@ -173,7 +196,7 @@ Summary: MongoDB destination support module for syslog-ng Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazie MongoDB Group: Libraries Requires: %{name} = %{version}-%{release} -Requires: libmongo-client >= 0.1.8 +Requires: mongo-c-driver >= 1.0.0 %description module-afmongodb MongoDB destination support module for syslog-ng. @@ -199,7 +222,7 @@ Summary: SQL destination support module for syslog-ng Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazach SQL Group: Libraries Requires: %{name} = %{version}-%{release} -Requires: libdbi >= 0.8.3-2 +Requires: libdbi >= 0.9.0 Requires: openssl >= 0.9.8 %description module-afsql @@ -221,19 +244,33 @@ HTTP destination support module for syslog-ng (via libcurl). %description module-http -l pl.UTF-8 Moduł sysloga-ng do obsługi zapisu logów poprzez HTTP (via libcurl). -%package module-java -Summary: Java destination support module for syslog-ng -Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów przy pomocy Java +%package module-cloudauth +Summary: Cloud Authentication support for syslog-ng: pubsub +Summary(pl.UTF-8): Moduł sysloga-ng do uwierzytelniania chmurowego na potrzeby pubsub Group: Libraries Requires: %{name} = %{version}-%{release} -Requires: librdkafka >= 1.1.0 -Requires: %{name}-module-json-plugin = %{version}-%{release} -%description module-java -Java destination support module for syslog-ng +%description module-cloudauth +Cloud Authentication support for syslog-ng, currently used for Google +PubSub. + +%description module-cloudauth -l pl.UTF-8 +Moduł sysloga-ng do obsługi uwierzytelniania w chmurze, używany przez +Google PubSub. + +%package module-grpc +Summary: GRPC modules for syslog-ng: bigquery, loki, otel +Summary(pl.UTF-8): Moduły GRPC dla sysloga-ng: bigquery, loki, otel +Group: Libraries +Requires: %{name} = %{version}-%{release} + +%description module-grpc +GRPC protocols support for syslog-ng, currently: bigquery, loki and +otel. -%description module-java -l pl.UTF-8 -Moduł sysloga-ng do obsługi zapisu logów przy pomocy Java +%description module-grpc -l pl.UTF-8 +Obsługa protokołów GRPC dla sysloga-ng, obecnie: bigquery, loki i +otel. %package module-json-plugin Summary: JSON formatting template function for syslog-ng @@ -241,7 +278,7 @@ Summary(pl.UTF-8): Moduł sysloga-ng do obsługi szablonów z formatowaniem JSON Group: Libraries Requires: %{name} = %{version}-%{release} Requires: json-c >= 0.9 -Obsoletes: syslog-ng-module-tfjson +Obsoletes: syslog-ng-module-tfjson < 3.4.2 %description module-json-plugin JSON formatting template function for syslog-ng. @@ -249,24 +286,50 @@ JSON formatting template function for syslog-ng. %description module-json-plugin -l pl.UTF-8 Moduł sysloga-ng do obsługi szablonów z formatowaniem JSON. -%package module-python -Summary: Python destination support module for syslog-ng -Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów przy pomocy pythona +%package module-kafka +Summary: Apache Kafka destination support module for syslog-ng +Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów poprzez protokół Apache Kafka Group: Libraries Requires: %{name} = %{version}-%{release} -Requires: python3 +Requires: librdkafka >= 1.1.0 + +%description module-kafka +Apache Kafka destination support module for syslog-ng. + +%description module-kafka -l pl.UTF-8 +Moduł sysloga-ng do obsługi zapisu logów poprzez protokół Apache +Kafka. + +%package module-mqtt +Summary: MQTT protocol support module for syslog-ng +Summary(pl.UTF-8): Moduł sysloga-ng do obsługi protokołu MQTT +Group: Libraries +Requires: %{name} = %{version}-%{release} + +%description module-mqtt +MQTT protocol support module for syslog-ng. + +%description module-mqtt -l pl.UTF-8 +Moduł sysloga-ng do obsługi protokołu MQTT. + +%package module-python +Summary: Python support module for syslog-ng +Summary(pl.UTF-8): Moduł obsługi Pythona dla sysloga-ng +Group: Librares +Requires: %{name} = %{version}-%{release} %description module-python -Python destination support module for syslog-ng +Python support module for syslog-ng. %description module-python -l pl.UTF-8 -Moduł sysloga-ng do obsługi zapisu logów przy pomocy pythona +Moduł obsługi Pythona dla sysloga-ng. %package module-redis Summary: Redis destination support module for syslog-ng Summary(pl.UTF-8): Moduł sysloga-ng do obsługi zapisu logów w bazie Redis Group: Libraries Requires: %{name} = %{version}-%{release} +Requires: hiredis >= 0.11.0 %description module-redis Redis destination support module for syslog-ng (via libhiredis). @@ -293,10 +356,11 @@ Summary: Shared library for syslog-ng Summary(pl.UTF-8): Biblioteka współdzielona sysloga-ng Group: Libraries %if %{with dynamic} +Requires: eventlog >= 0.2.12 Requires: glib2 >= %{glib2_ver} -%{?with_system_libivykis:Requires: libivykis >= 0.42} Requires: pcre >= 6.1 %endif +%{?with_system_libivykis:Requires: libivykis >= %{libivykis_version}} Conflicts: syslog-ng < 3.3.1-3 %description libs @@ -311,10 +375,11 @@ Summary(pl.UTF-8): Pliki nagłówkowe do tworzenia modułów dla sysloga-ng Group: Development/Libraries Requires: %{name}-libs = %{version}-%{release} %if %{with dynamic} +Requires: eventlog-devel >= 0.2.12 Requires: glib2-devel >= %{glib2_ver} -%{?with_system_libivykis:Requires: libivykis-devel >= 0.42} Requires: pcre-devel >= 6.1 %endif +%{?with_system_libivykis:Requires: libivykis-devel >= %{libivykis_version}} %description devel Header files for syslog-ng modules development. @@ -322,80 +387,105 @@ Header files for syslog-ng modules development. %description devel -l pl.UTF-8 Pliki nagłówkowe do tworzenia modułów dla sysloga-ng. +%package test-devel +Summary: syslog-ng test library +Summary(pl.UTF-8): Biblioteka testowa sysloga-ng +Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} + +%description test-devel +Test helper package for syslog-ng modules. + +%description test-devel -l pl.UTF-8 +Pakiet pomocniczy do testowania modułów sysloga-ng. + %prep -%setup -q -n %{name}-%{name}-%{version} -a 6 +%if 1 +# release tarball +%setup -q +%else +# git archive +%setup -q -n %{name}-%{name}-%{version} -a 10 rmdir lib/ivykis -mv ivykis-%{libivykis_version} lib/ivykis - -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -cp -p %{SOURCE5} contrib/syslog-ng.conf.simple +%{__mv} ivykis-%{libivykis_version} lib/ivykis +%endif + +%patch -P0 -p1 +%patch -P2 -p1 +%patch -P4 -p1 +%patch -P5 -p1 +%patch -P6 -p1 +%patch -P7 -p1 +%patch -P9 -p1 %{__sed} -i -e 's|/usr/bin/awk|/bin/awk|' scl/syslogconf/convert-syslogconf.awk +%{__sed} -i -e '1s,/usr/bin/env python3$,%{__python3},' lib/merge-grammar.py %build -%{__libtoolize} -%{__aclocal} -I m4 -%{__autoconf} -%{__autoheader} -%{__automake} +for i in . ; do +cd $i + %{__libtoolize} + %{__aclocal} `[ -d m4 ] && echo '-I m4'` + %{__autoconf} + %{__autoheader} + %{__automake} +cd - +done %configure \ + PYTHON="%{__python3}" \ --sysconfdir=%{_sysconfdir}/syslog-ng \ --disable-silent-rules \ - --with-docbook=%{xsl_stylesheets_dir}/manpages/docbook.xsl \ - --enable-java%{!?with_java:=no} \ - --enable-java-modules%{!?with_java:=no} \ - --enable-python%{!?with_python:=no} \ -%if %{with mongodb} - --enable-mongodb \ - --with-mongoc=system \ -%else - --disable-mongodb \ -%endif -%if %{with system_libivykis} - --with-ivykis=system \ + %{__enable_disable amqp} \ +%if %{with dynamic} + --enable-dynamic-linking \ %else - --with-ivykis=internal \ + --enable-mixed-linking \ %endif - %{?with_system_rabbitmq:--with-librabbitmq-client=system} \ - --with-module-dir=%{moduledir} \ - --with-pidfile-dir=/var/run \ - --with-timezone-dir=%{_datadir}/zoneinfo \ - --with-python-packages=none \ - %{__enable_disable amqp} \ - --disable-cloud-auth \ + --enable-ebpf%{!?with_bpf:=no} \ %{__enable_disable geoip2} \ + --enable-grpc%{!?with_grpc:=no} \ --enable-http%{!?with_http:=no} \ --enable-ipv6 \ + --enable-java%{!?with_java:=no} \ + --enable-java-modules%{!?with_java:=no} \ --enable-json%{!?with_json:=no} \ - %{__enable_disable java kafka} \ --enable-linux-caps \ + --enable-kafka%{!?with_kafka:=no} \ --enable-manpages \ +%if %{with mongodb} + --enable-mongodb \ + --with-mongoc=system \ +%else + --disable-mongodb \ +%endif + --enable-mqtt%{!?with_mqtt:=no} \ --enable-pacct \ --enable-pcre \ + --enable-python%{!?with_python:=no} \ --enable-redis%{!?with_redis:=no} \ --enable-riemann%{!?with_riemann:=no} \ --enable-smtp%{!?with_smtp:=no} \ --enable-spoof-source \ --enable-ssl \ - --disable-systemd \ + --enable-systemd=no \ + --with-systemd-journal=auto \ --enable-tcp-wrapper \ %if %{with sql} --enable-sql \ %endif -%if %{with dynamic} - --enable-dynamic-linking + --with-default-modules=affile,afprog,afsocket,afuser,basicfuncs,csvparser,dbparser,syslogformat \ + --with-docbook=%{xsl_stylesheets_dir}/manpages/docbook.xsl \ +%if %{with system_libivykis} + --with-ivykis=system \ %else - --enable-mixed-linking + --with-ivykis=internal \ %endif + %{?with_system_rabbitmq:--with-librabbitmq-client=system} \ + --with-module-dir=%{moduledir} \ + --with-pidfile-dir=/var/run \ + --with-python-packages=none \ + --with-timezone-dir=%{_datadir}/zoneinfo %{__make} @@ -403,12 +493,15 @@ cp -p %{SOURCE5} contrib/syslog-ng.conf.simple LD_LIBRARY_PATH=$(find $PWD -name '*.so*' -printf "%h:") PYTHONPATH=$(pwd)/tests/functional export LD_LIBRARY_PATH PYTHONPATH -%{__make} check +if ! %{__make} check; then + cat test-suite.log + exit 1 +fi %endif %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT/etc/{sysconfig,logrotate.d,rc.d/init.d} \ +install -d $RPM_BUILD_ROOT/etc/{syslog-ng/{pre,post}.conf.d,sysconfig,logrotate.d,rc.d/init.d} \ $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/patterndb.d \ $RPM_BUILD_ROOT/var/{log,lib/%{name}/xsd} @@ -424,21 +517,28 @@ ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsyslog-ng-%{mver}.so. %{__mv} $RPM_BUILD_ROOT%{_libdir}/libevtlog-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir} ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libevtlog-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libevtlog.so -%{__mv} $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so.* $RPM_BUILD_ROOT%{slibdir} -ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsecret-storage.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so - %{__mv} $RPM_BUILD_ROOT%{_libdir}/libloggen_helper-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir} ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libloggen_helper-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libloggen_helper.so %{__mv} $RPM_BUILD_ROOT%{_libdir}/libloggen_plugin-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir} ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libloggen_plugin-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libloggen_plugin.so + +%{__mv} $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so.* $RPM_BUILD_ROOT%{slibdir} +ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsecret-storage.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libsecret-storage.so %endif %{__sed} -e 's|@@SBINDIR@@|%{_sbindir}|g' %{SOURCE1} > $RPM_BUILD_ROOT/etc/rc.d/init.d/syslog-ng -cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf +sed -e 's,#VERSION#,%{mver},' < %{SOURCE2} > $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/syslog-ng -for n in cron daemon debug kernel lpr maillog messages secure shorewall spooler syslog user xferlog; do +cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d +cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d +cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d +cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/syslog-ng/post.conf.d +cp -p %{SOURCE8} $RPM_BUILD_ROOT/etc/syslog-ng/pre.conf.d +cp -p %{SOURCE9} $RPM_BUILD_ROOT/etc/syslog-ng/post.conf.d + +for n in cron daemon debug iptables kernel lpr maillog messages secure spooler syslog user xferlog; do > $RPM_BUILD_ROOT/var/log/$n done touch $RPM_BUILD_ROOT/etc/sysconfig/%{name} @@ -446,20 +546,11 @@ ln -s "%{name}" $RPM_BUILD_ROOT/etc/sysconfig/%{name}@default %{__rm} $RPM_BUILD_ROOT%{_sbindir}/syslog-ng-debun %{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/syslog-ng-debun.1 +%{__rm} $RPM_BUILD_ROOT%{moduledir}/libexamples.so %{__rm} $RPM_BUILD_ROOT%{_libdir}/*.la %{__rm} $RPM_BUILD_ROOT%{moduledir}/*.la %{__rm} $RPM_BUILD_ROOT%{moduledir}/loggen/*.la -%if %{with python} -%{__rm} -rf $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/python -%else -%{__rm} $RPM_BUILD_ROOT%{_bindir}/syslog-ng-update-virtualenv -%endif - -%if !%{with java} -%{__rm} -rf $RPM_BUILD_ROOT%{_datadir}/syslog-ng/include/scl/{elasticsearch,hdfs,kafka} -%endif - %clean rm -rf $RPM_BUILD_ROOT @@ -501,21 +592,31 @@ sed -i -e 's#match("IN\=\[A-Za-z0-9\]\* OUT=\[A-Za-z0-9\]\*");#match("IN=[A-Za-z sed -i -e "1 s#\(.*\)\$#@version: 3.0\n\1#g" /etc/syslog-ng/syslog-ng.conf rm -f %{_var}/lib/%{name}/syslog-ng.persist %service -q syslog-ng restart -exit 0 %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig +%post module-grpc -p /sbin/ldconfig +%postun module-grpc -p /sbin/ldconfig + %files %defattr(644,root,root,755) %doc AUTHORS NEWS.md contrib/relogger.pl -%doc contrib/syslog-ng.conf.{doc,simple,RedHat} +%doc contrib/syslog-ng.conf.{doc,RedHat} %doc contrib/{apparmor,selinux,syslog2ng} %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name} %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}@default %attr(750,root,root) %dir %{_sysconfdir}/syslog-ng %attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/patterndb.d +%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/pre.conf.d +%attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/post.conf.d %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/syslog-ng.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/dhcp.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/iptables.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/log_remote.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/pre.conf.d/log_server.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/post.conf.d/freshclam.conf +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/post.conf.d/ppp.conf %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/syslog-ng %attr(754,root,root) /etc/rc.d/init.d/syslog-ng %dir %{moduledir} @@ -537,8 +638,8 @@ exit 0 %attr(755,root,root) %{moduledir}/libcorrelation.so %attr(755,root,root) %{moduledir}/libcryptofuncs.so %attr(755,root,root) %{moduledir}/libcsvparser.so +#%attr(755,root,root) %{moduledir}/libdbparser.so %attr(755,root,root) %{moduledir}/libdisk-buffer.so -%attr(755,root,root) %{moduledir}/libexamples.so %if %{with geoip2} %attr(755,root,root) %{moduledir}/libgeoip2-plugin.so %endif @@ -546,11 +647,8 @@ exit 0 %attr(755,root,root) %{moduledir}/libhook-commands.so %attr(755,root,root) %{moduledir}/libkvformat.so %attr(755,root,root) %{moduledir}/liblinux-kmsg-format.so -%attr(755,root,root) %{moduledir}/libmetrics-probe.so -%dir %{moduledir}/loggen -%attr(755,root,root) %{moduledir}/loggen/libloggen_socket_plugin.so -%attr(755,root,root) %{moduledir}/loggen/libloggen_ssl_plugin.so %attr(755,root,root) %{moduledir}/libmap-value-pairs.so +%attr(755,root,root) %{moduledir}/libmetrics-probe.so %attr(755,root,root) %{moduledir}/libpacctformat.so %attr(755,root,root) %{moduledir}/libpseudofile.so %attr(755,root,root) %{moduledir}/librate-limit-filter.so @@ -563,6 +661,9 @@ exit 0 %attr(755,root,root) %{moduledir}/libxml.so %attr(755,root,root) %{moduledir}/libsyslogformat.so %attr(755,root,root) %{moduledir}/libsystem-source.so +%dir %{moduledir}/loggen +%attr(755,root,root) %{moduledir}/loggen/libloggen_socket_plugin.so +%attr(755,root,root) %{moduledir}/loggen/libloggen_ssl_plugin.so %attr(755,root,root) %{_sbindir}/syslog-ng %attr(755,root,root) %{_sbindir}/syslog-ng-ctl %attr(755,root,root) %{_bindir}/dqtool @@ -572,35 +673,38 @@ exit 0 %attr(755,root,root) %{_bindir}/slogencrypt %attr(755,root,root) %{_bindir}/slogkey %attr(755,root,root) %{_bindir}/slogverify -%attr(755,root,root) %{_bindir}/update-patterndb -%if %{with python} %attr(755,root,root) %{_bindir}/syslog-ng-update-virtualenv -%endif +%attr(755,root,root) %{_bindir}/update-patterndb +%{_datadir}/syslog-ng/smart-multi-line.fsm %dir %{_datadir}/syslog-ng/include +%{_datadir}/syslog-ng/include/scl.conf %dir %{_datadir}/syslog-ng/include/scl -%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_datadir}/syslog-ng/include/scl.conf %{_datadir}/syslog-ng/include/scl/apache %{_datadir}/syslog-ng/include/scl/arr %{_datadir}/syslog-ng/include/scl/checkpoint %{_datadir}/syslog-ng/include/scl/cisco +# R: basicfuncs %{_datadir}/syslog-ng/include/scl/collectd %{_datadir}/syslog-ng/include/scl/darwinosl %{_datadir}/syslog-ng/include/scl/default-network-drivers %{_datadir}/syslog-ng/include/scl/fortigate %{_datadir}/syslog-ng/include/scl/graphite +%{_datadir}/syslog-ng/include/scl/hdfs +%{_datadir}/syslog-ng/include/scl/kafka %{_datadir}/syslog-ng/include/scl/iptables %{_datadir}/syslog-ng/include/scl/jellyfin %{_datadir}/syslog-ng/include/scl/junos %{_datadir}/syslog-ng/include/scl/linux-audit - %dir %{_datadir}/syslog-ng/include/scl/loadbalancer %attr(755,root,root) %{_datadir}/syslog-ng/include/scl/loadbalancer/gen-loadbalancer.sh %{_datadir}/syslog-ng/include/scl/loadbalancer/plugin.conf - +%{_datadir}/syslog-ng/include/scl/logscale %{_datadir}/syslog-ng/include/scl/mariadb %{_datadir}/syslog-ng/include/scl/mbox %{_datadir}/syslog-ng/include/scl/nodejs +%{_datadir}/syslog-ng/include/scl/openobserve +%{_datadir}/syslog-ng/include/scl/opensearch %{_datadir}/syslog-ng/include/scl/osquery %{_datadir}/syslog-ng/include/scl/pacct %{_datadir}/syslog-ng/include/scl/paloalto @@ -611,7 +715,9 @@ exit 0 %{_datadir}/syslog-ng/include/scl/rewrite %{_datadir}/syslog-ng/include/scl/snmptrap %{_datadir}/syslog-ng/include/scl/solaris +%{_datadir}/syslog-ng/include/scl/splunk %{_datadir}/syslog-ng/include/scl/sudo +%{_datadir}/syslog-ng/include/scl/sumologic %{_datadir}/syslog-ng/include/scl/websense %{_datadir}/syslog-ng/include/scl/windowseventlog %dir %{_datadir}/syslog-ng/include/scl/syslogconf @@ -619,7 +725,6 @@ exit 0 %attr(755,root,root) %{_datadir}/syslog-ng/include/scl/syslogconf/convert-syslogconf.awk %{_datadir}/syslog-ng/include/scl/syslogconf/plugin.conf %{_datadir}/syslog-ng/include/scl/system -%{_datadir}/syslog-ng/smart-multi-line.fsm %{_datadir}/syslog-ng/xsd %dir %{_var}/lib/%{name} @@ -627,24 +732,24 @@ exit 0 %{_mandir}/man1/dqtool.1* %{_mandir}/man1/loggen.1* %{_mandir}/man1/pdbtool.1* +%{_mandir}/man1/persist-tool.1* %{_mandir}/man1/slogencrypt.1* %{_mandir}/man1/slogkey.1* %{_mandir}/man1/slogverify.1* -%{_mandir}/man1/persist-tool.1* -%{_mandir}/man7/secure-logging.7* %{_mandir}/man1/syslog-ng-ctl.1* %{_mandir}/man5/syslog-ng.conf.5* +%{_mandir}/man7/secure-logging.7* %{_mandir}/man8/syslog-ng.8* %attr(640,root,logs) %ghost /var/log/cron %attr(640,root,logs) %ghost /var/log/daemon %attr(640,root,logs) %ghost /var/log/debug +%attr(640,root,logs) %ghost /var/log/iptables %attr(640,root,logs) %ghost /var/log/kernel %attr(640,root,logs) %ghost /var/log/lpr %attr(640,root,logs) %ghost /var/log/maillog %attr(640,root,logs) %ghost /var/log/messages %attr(640,root,logs) %ghost /var/log/secure -%attr(640,root,logs) %ghost /var/log/shorewall %attr(640,root,logs) %ghost /var/log/spooler %attr(640,root,logs) %ghost /var/log/syslog %attr(640,root,logs) %ghost /var/log/user @@ -675,36 +780,50 @@ exit 0 %{_datadir}/syslog-ng/include/scl/telegram %endif -%if %{with java} -%files module-java +%files module-cloudauth %defattr(644,root,root,755) -%attr(755,root,root) %{moduledir}/libkafka.so -%attr(755,root,root) %{moduledir}/libmod-java.so -%{moduledir}/java-modules -%{_datadir}/syslog-ng/include/scl/elasticsearch -%{_datadir}/syslog-ng/include/scl/hdfs -%{_datadir}/syslog-ng/include/scl/kafka -%endif +%attr(755,root,root) %{moduledir}/libcloud_auth.so +%{_datadir}/syslog-ng/include/scl/google/google-pubsub.conf + +%files module-grpc +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libgrpc-protos.so.*.*.* +%ghost %{_libdir}/libgrpc-protos.so.0 +%{_libdir}/libgrpc-protos.so +%attr(755,root,root) %{moduledir}/libbigquery.so +%attr(755,root,root) %{moduledir}/libloki.so +%attr(755,root,root) %{moduledir}/libotel.so %if %{with json} %files module-json-plugin %defattr(644,root,root,755) %attr(755,root,root) %{moduledir}/libjson-plugin.so +# all below configs require json-plugin %{_datadir}/syslog-ng/include/scl/cee -%{_datadir}/syslog-ng/include/scl/cim +# R: basicfuncs http json-plugin %{_datadir}/syslog-ng/include/scl/discord +%{_datadir}/syslog-ng/include/scl/cim +# R: http json-plugin +%{_datadir}/syslog-ng/include/scl/elasticsearch %{_datadir}/syslog-ng/include/scl/ewmm -%{_datadir}/syslog-ng/include/scl/google %{_datadir}/syslog-ng/include/scl/graylog2 %{_datadir}/syslog-ng/include/scl/loggly %{_datadir}/syslog-ng/include/scl/logmatic -%{_datadir}/syslog-ng/include/scl/logscale %{_datadir}/syslog-ng/include/scl/netskope -%{_datadir}/syslog-ng/include/scl/openobserve -%{_datadir}/syslog-ng/include/scl/opensearch +# R: basicfuncs http json-plugin %{_datadir}/syslog-ng/include/scl/slack -%{_datadir}/syslog-ng/include/scl/splunk -%{_datadir}/syslog-ng/include/scl/sumologic +%endif + +%if %{with kafka} +%files module-kafka +%defattr(644,root,root,755) +%attr(755,root,root) %{moduledir}/libkafka.so +%endif + +%if %{with mqtt} +%files module-mqtt +%defattr(644,root,root,755) +%attr(755,root,root) %{moduledir}/libmqtt.so %endif %if %{with python} @@ -748,35 +867,20 @@ exit 0 %attr(755,root,root) %{_libdir}/libsecret-storage.so %attr(755,root,root) %{_libdir}/libsyslog-ng.so %{_libdir}/libsyslog-ng-native-connector.a -%dir %{_includedir}/syslog-ng -%{_includedir}/syslog-ng/*.h -%{_includedir}/syslog-ng/ack-tracker -%{_includedir}/syslog-ng/compat -%{_includedir}/syslog-ng/control -%{_includedir}/syslog-ng/debugger -%{_includedir}/syslog-ng/filter -%{_includedir}/syslog-ng/filterx -%{_includedir}/syslog-ng/healthcheck -%if %{without system_libivykis} -%{_includedir}/syslog-ng/ivykis -%endif -%{_includedir}/syslog-ng/logmsg -%{_includedir}/syslog-ng/logproto -%{_includedir}/syslog-ng/logthrdest -%{_includedir}/syslog-ng/logthrsource -%{_includedir}/syslog-ng/metrics -%{_includedir}/syslog-ng/modules -%{_includedir}/syslog-ng/multi-line -%{_includedir}/syslog-ng/parser -%{_includedir}/syslog-ng/rewrite -%{_includedir}/syslog-ng/scanner -%{_includedir}/syslog-ng/signal-slot-connector -%{_includedir}/syslog-ng/stats -%{_includedir}/syslog-ng/str-repr -%{_includedir}/syslog-ng/template -%{_includedir}/syslog-ng/timeutils -%{_includedir}/syslog-ng/transport -%{_includedir}/syslog-ng/value-pairs +%{_includedir}/syslog-ng +%exclude %{_includedir}/syslog-ng/libtest %{_datadir}/syslog-ng/tools %{_pkgconfigdir}/syslog-ng.pc %{_pkgconfigdir}/syslog-ng-native-connector.pc + +%if %{with tests} +%files test-devel +%defattr(644,root,root,755) +%if "%{_libdir}/syslog-ng" != "{moduledir}" +%dir %{_libdir}/syslog-ng +%endif +%dir %{_libdir}/syslog-ng/libtest +%{_libdir}/syslog-ng/libtest/libsyslog-ng-test.a +%{_includedir}/syslog-ng/libtest +%{_pkgconfigdir}/syslog-ng-test.pc +%endif -- 2.49.0