From 70014d1e26d9629e6c9212e2b09582916ce4cbec Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Wed, 13 Apr 2016 09:16:54 +0000 Subject: [PATCH] - PLD merge --- syslog-ng-simple.conf | 55 +++++++++----- syslog-ng.conf | 13 ++-- syslog-ng.logrotate | 1 + syslog-ng.spec | 168 ++++++++++++++++++++++++++---------------- 4 files changed, 145 insertions(+), 92 deletions(-) diff --git a/syslog-ng-simple.conf b/syslog-ng-simple.conf index 2fbce3a..f445656 100644 --- a/syslog-ng-simple.conf +++ b/syslog-ng-simple.conf @@ -1,38 +1,53 @@ @version: 3.6 # -# Syslog-ng configuration for PLD Linux +# Syslog-ng configuration for TLD Linux # -# Copyright (c) 1999 anonymous -# Copyright (c) 1999 Balazs Scheidler -# $Id$ +# See syslog-ng(8) and syslog-ng.conf(5) for more information. # -# Syslog-ng configuration file options { - long_hostnames(off); flush_lines(0); - - # The default action of syslog-ng 1.6.0 is to log a STATS line - # to the file every 10 minutes. That's pretty ugly after a while. - # Change it to every 12 hours so you get a nice daily update of - # how many messages syslog-ng missed (0). + owner(root); + group(logs); + perm(0640); + create_dirs(yes); + dir_owner(root); + dir_group(logs); + dir_perm(0750); stats_freq(43200); + time_reopen(10); + time_reap(360); + mark_freq(600); + threaded(yes); }; -source s_kernel { file ("/proc/kmsg" program_override("kernel")); }; -source s_src { unix-stream("/dev/log"); internal(); }; -# if using systemd, comment out the line above, and uncomment line below -#source s_src { unix-dgram("/run/systemd/journal/syslog"); internal(); }; +source s_sys { + file ("/proc/kmsg" program_override("kernel")); + unix-stream("/dev/log" max-connections(1000) log_iw_size(100000)); + internal(); +}; destination d_mail { file("/var/log/maillog"); }; destination d_messages { file("/var/log/messages"); }; -destination d_kernel { file("/var/log/kernel"); }; +destination d_kern { file("/var/log/kernel"); }; destination d_console_all { file("/dev/tty12"); }; +#destination d_loghost { udp("loghost" port(514)); }; + filter f_kern { facility(kern); }; filter f_mail { facility(mail); }; -log { source(s_kernel); destination(d_kernel); }; -log { source(s_src); destination(d_console_all); }; -log { source(s_src); filter(f_mail); destination(d_mail); }; -log { source(s_src); destination(d_messages); flags(fallback); }; +log { source(s_sys); filter(f_kern); destination(d_kern); }; +log { source(s_sys); filter(f_mail); destination(d_mail); }; + +# This is a catchall statement, and should catch all messages which were not +# accepted any of the previous statements. +# If using d_console_all or network logging, remove flags(fallback); +log { source(s_sys); destination(d_messages); flags(fallback); }; +#log { source(s_sys); destination(d_messages); }; + +# Log all messages to tty12 +#log { source(s_sys); destination(d_console_all); }; + +# Network syslogging +#log { source(s_sys); destination(d_loghost); }; diff --git a/syslog-ng.conf b/syslog-ng.conf index 7729515..d71993c 100644 --- a/syslog-ng.conf +++ b/syslog-ng.conf @@ -1,6 +1,7 @@ @version: 3.6 +@include "scl.conf" # -# Syslog-ng configuration for PLD Linux +# Syslog-ng configuration for TLD Linux # # See syslog-ng(8) and syslog-ng.conf(5) for more information. # @@ -21,18 +22,14 @@ options { threaded(yes); }; -source s_sys { - file ("/proc/kmsg" program_override("kernel")); - unix-stream("/dev/log" max-connections(1000) log_iw_size(100000)); -# if using systemd, comment out the line above, and uncomment line below -# unix-dgram("/run/systemd/journal/syslog"); +source s_sys { + system(); internal(); }; # uncomment the line below if you want to setup syslog server #source s_net { udp(); }; -# if using systemd, an IP address instead of name may be required here #destination d_loghost { udp("loghost" port(514)); }; destination d_kern { file("/var/log/kernel"); }; @@ -41,7 +38,7 @@ destination d_authlog { file("/var/log/secure"); }; destination d_mail { file("/var/log/maillog"); }; destination d_uucp { file("/var/log/spooler"); }; destination d_debug { file("/var/log/debug"); }; -destination d_cron { file("/var/log/cron" owner(root) group(crontab) perm(0660)); }; +destination d_cron { file("/var/log/cron"); }; destination d_syslog { file("/var/log/syslog"); }; destination d_daemon { file("/var/log/daemon"); }; destination d_lpr { file("/var/log/lpr"); }; diff --git a/syslog-ng.logrotate b/syslog-ng.logrotate index 97b8e53..fcf6144 100644 --- a/syslog-ng.logrotate +++ b/syslog-ng.logrotate @@ -1,3 +1,4 @@ +/var/log/cron /var/log/daemon /var/log/debug /var/log/iptables diff --git a/syslog-ng.spec b/syslog-ng.spec index 390d94e..5865777 100644 --- a/syslog-ng.spec +++ b/syslog-ng.spec @@ -1,7 +1,8 @@ -# # TODO: +# - switch to LTS version??? where??? # - relies on libs in /usr which is wrong # (well, for modules bringing additional functionality it's acceptable IMO --q) + # # Conditional build: %bcond_with dynamic # link dynamically with glib, eventlog, pcre (modules are always linked dynamically) @@ -10,33 +11,35 @@ %bcond_without json # support for JSON template formatting %bcond_without mongodb # support for mongodb destination %bcond_without redis # support for Redis destination -%bcond_without riemann # support for Riemann monitoring system %bcond_without smtp # support for logging into SMTP %bcond_without geoip # support for GeoIP +%bcond_without riemann # support for Riemann monitoring system %bcond_without system_libivykis # use system libivykis %bcond_with system_rabbitmq # use system librabbitmq [not supported yet] %define glib2_ver 1:2.24.0 +%define mver 3.6 Summary: Syslog-ng - new generation of the system logger Summary(pl.UTF-8): Syslog-ng - systemowy demon logujący nowej generacji Summary(pt_BR.UTF-8): Daemon de log nova geração Name: syslog-ng Version: 3.6.4 -Release: 1 +Release: 3 License: GPL v2+ with OpenSSL exception Group: Daemons -Source0: http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/%{version}/source/%{name}_%{version}.tar.gz +Source0: https://my.balabit.com/downloads/syslog-ng/open-source-edition/%{version}/source/%{name}_%{version}.tar.gz # Source0-md5: e9f401615e92e5eb27396c995c1446ba Source1: %{name}.init Source2: %{name}.conf Source3: %{name}.logrotate -Source4: http://www.balabit.com/support/documentation/syslog-ng-ose-3.6-guides/en/syslog-ng-ose-v3.6-guide-admin/pdf/%{name}-ose-v3.6-guide-admin.pdf -# Source4-md5: 2b6bd4f0da9c4f843691409a3e16f4d7 +Source4: http://www.balabit.com/support/documentation/syslog-ng-ose-%{mver}-guides/en/syslog-ng-ose-v%{mver}-guide-admin/pdf/%{name}-ose-v%{mver}-guide-admin.pdf +# Source4-md5: bb12c18aef655096987911c4a9fe3ffa Source5: %{name}-simple.conf Patch0: %{name}-datadir.patch Patch1: cap_syslog-vserver-workaround.patch Patch2: %{name}-nolibs.patch -Patch3: man-paths.patch +Patch4: man-paths.patch +Patch5: %{name}-link.patch URL: https://www.balabit.com/network-security/syslog-ng/opensource-logging-system %{?with_geoip:BuildRequires: GeoIP-devel >= 1.5.1} BuildRequires: autoconf >= 2.59 @@ -57,6 +60,7 @@ BuildRequires: libcap-devel BuildRequires: libnet-devel >= 1:1.1.2.1-3 BuildRequires: libtool >= 2:2.0 BuildRequires: libwrap-devel +BuildRequires: libxslt-progs BuildRequires: openssl-devel >= 0.9.8 BuildRequires: pcre-devel >= 6.1 BuildRequires: pkgconfig @@ -66,9 +70,7 @@ BuildRequires: rpm >= 4.4.9-56 BuildRequires: rpmbuild(macros) >= 1.623 BuildRequires: which %if %{with tests} -%{?with_sql:BuildRequires: libdbi-drivers-sqlite3} BuildRequires: python -BuildRequires: python-modules BuildRequires: tzdata %endif %if %{without dynamic} @@ -81,9 +83,6 @@ BuildRequires: zlib-static Requires(post): fileutils Requires(post,preun): /sbin/chkconfig Requires: %{name}-libs = %{version}-%{release} -Requires: eventlog >= 0.2.12 -Requires: glib2 >= %{glib2_ver} -Requires: pcre >= 6.1 Requires: psmisc >= 20.1 %{?with_system_rabbitmq:Requires: rabbitmq-c >= 0.0.1} Requires: rc-scripts >= 0.4.3.0 @@ -96,15 +95,17 @@ Provides: service(syslog) Provides: syslogdaemon Obsoletes: syslog-ng-module-afsocket Obsoletes: syslog-ng-module-dbparser -Obsoletes: syslog-ng-systemd Conflicts: klogd Conflicts: msyslog Conflicts: rsyslog Conflicts: syslog +Conflicts: cronie < 1.5.0-3 +Conflicts: fcron < 3.1.2-5 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %define xsl_stylesheets_dir /usr/share/sgml/docbook/xsl-stylesheets +%if %{without dynamic} # syslog-ng has really crazy linking rules (see their bugzilla). # Some rules, according to syslog-ng devs, are like this: # - libsyslog-ng.so has undefined symbols for third party libraries @@ -112,12 +113,14 @@ BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) # - same applies for modules # In dynamic case tests are forcily linked with dynamic modules, which doesn't work with as-needed. %define filterout_ld -Wl,--as-needed -Wl,--no-copy-dt-needed-entries - -%if %{without dynamic} %define no_install_post_check_so 1 %define _sbindir /sbin -%define _libdir /%{_lib} +%define slibdir /%{_lib} +%else +%define slibdir %{_libdir} %endif +# or just %{_libdir}? modules seem to be always linked dynamically +%define moduledir %{slibdir}/syslog-ng %description syslog-ng is a syslogd replacement for Unix and Unix-like systems. It @@ -278,12 +281,18 @@ Pliki nagłówkowe do tworzenia modułów dla sysloga-ng. %patch0 -p1 %patch1 -p1 %patch2 -p1 -%patch3 -p1 +%patch4 -p1 +#%patch5 -p1 cp -p %{SOURCE4} doc cp -p %{SOURCE5} contrib/syslog-ng.conf.simple %{__sed} -i -e 's|/usr/bin/awk|/bin/awk|' scl/syslogconf/convert-syslogconf.awk +# timestamp paring on x32 confuses glib2 testsuite +%ifarch x32 +%{__sed} -i -e '/tests\/unit\/test_msgparse/d' tests/unit/Makefile.am +%endif + %build for i in . lib/ivykis; do cd $i @@ -312,7 +321,7 @@ done --with-ivykis=internal \ %endif %{?with_system_rabbitmq:--with-librabbitmq-client=system} \ - --with-module-dir=%{_libdir}/syslog-ng \ + --with-module-dir=%{moduledir} \ --with-pidfile-dir=/var/run \ --with-timezone-dir=%{_datadir}/zoneinfo \ --disable-systemd \ @@ -341,6 +350,7 @@ done %{__make} + %if %{with tests} LD_LIBRARY_PATH=$(find $PWD -name '*.so*' -printf "%h:") PYTHONPATH=$(pwd)/tests/functional @@ -358,17 +368,23 @@ install -d $RPM_BUILD_ROOT/etc/{sysconfig,logrotate.d,rc.d/init.d} \ pkgconfigdir=%{_pkgconfigdir} \ DESTDIR=$RPM_BUILD_ROOT +%if "%{slibdir}" != "%{_libdir}" +install -d $RPM_BUILD_ROOT%{slibdir} +%{__mv} $RPM_BUILD_ROOT%{_libdir}/libsyslog-ng-%{mver}.so.* $RPM_BUILD_ROOT%{slibdir} +ln -snf %{slibdir}/$(basename $RPM_BUILD_ROOT%{slibdir}/libsyslog-ng-%{mver}.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libsyslog-ng.so +%endif + %{__sed} -e 's|@@SBINDIR@@|%{_sbindir}|g' %{SOURCE1} > $RPM_BUILD_ROOT/etc/rc.d/init.d/syslog-ng cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/syslog-ng -for n in daemon debug iptables kernel lpr maillog messages secure spooler syslog user xferlog; do +for n in cron daemon debug iptables kernel lpr maillog messages secure spooler syslog user xferlog; do > $RPM_BUILD_ROOT/var/log/$n done touch $RPM_BUILD_ROOT/etc/sysconfig/%{name} %{__rm} $RPM_BUILD_ROOT%{_libdir}/*.la -%{__rm} $RPM_BUILD_ROOT%{_libdir}/syslog-ng/*.la +%{__rm} $RPM_BUILD_ROOT%{moduledir}/*.la %clean rm -rf $RPM_BUILD_ROOT @@ -420,7 +436,7 @@ exit 0 %defattr(644,root,root,755) %doc AUTHORS NEWS.md debian/syslog-ng.conf* contrib/relogger.pl %doc contrib/syslog-ng.conf.{doc,simple,RedHat} -%doc contrib/{apparmor,selinux,syslog2ng} doc/syslog-ng-ose-v3.6-guide-admin.pdf +%doc contrib/{apparmor,selinux,syslog2ng} doc/syslog-ng-ose-v%{mver}-guide-admin.pdf %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name} %attr(750,root,root) %dir %{_sysconfdir}/syslog-ng %attr(750,root,root) %dir %{_sysconfdir}/syslog-ng/patterndb.d @@ -428,27 +444,27 @@ exit 0 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/syslog-ng/syslog-ng.conf %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/syslog-ng %attr(754,root,root) /etc/rc.d/init.d/syslog-ng -%dir %{_libdir}/syslog-ng -%attr(755,root,root) %{_libdir}/syslog-ng/libafamqp.so -%attr(755,root,root) %{_libdir}/syslog-ng/libaffile.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafprog.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafsocket.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafsocket-notls.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafsocket-tls.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafstomp.so -%attr(755,root,root) %{_libdir}/syslog-ng/libafuser.so -%attr(755,root,root) %{_libdir}/syslog-ng/libbasicfuncs.so -%attr(755,root,root) %{_libdir}/syslog-ng/libconfgen.so -%attr(755,root,root) %{_libdir}/syslog-ng/libcryptofuncs.so -%attr(755,root,root) %{_libdir}/syslog-ng/libcsvparser.so -%attr(755,root,root) %{_libdir}/syslog-ng/libdbparser.so -%attr(755,root,root) %{_libdir}/syslog-ng/libgraphite.so -%attr(755,root,root) %{_libdir}/syslog-ng/liblinux-kmsg-format.so -%attr(755,root,root) %{_libdir}/syslog-ng/libpacctformat.so -%attr(755,root,root) %{_libdir}/syslog-ng/libpseudofile.so -%attr(755,root,root) %{_libdir}/syslog-ng/libsyslog-ng-crypto.so -%attr(755,root,root) %{_libdir}/syslog-ng/libsyslogformat.so -%attr(755,root,root) %{_libdir}/syslog-ng/libsystem-source.so +%dir %{moduledir} +%attr(755,root,root) %{moduledir}/libafamqp.so +%attr(755,root,root) %{moduledir}/libaffile.so +%attr(755,root,root) %{moduledir}/libafprog.so +%attr(755,root,root) %{moduledir}/libafsocket.so +%attr(755,root,root) %{moduledir}/libafsocket-notls.so +%attr(755,root,root) %{moduledir}/libafsocket-tls.so +%attr(755,root,root) %{moduledir}/libafstomp.so +%attr(755,root,root) %{moduledir}/libafuser.so +%attr(755,root,root) %{moduledir}/libbasicfuncs.so +%attr(755,root,root) %{moduledir}/libconfgen.so +%attr(755,root,root) %{moduledir}/libcryptofuncs.so +%attr(755,root,root) %{moduledir}/libcsvparser.so +%attr(755,root,root) %{moduledir}/libdbparser.so +%attr(755,root,root) %{moduledir}/libgraphite.so +%attr(755,root,root) %{moduledir}/liblinux-kmsg-format.so +%attr(755,root,root) %{moduledir}/libpacctformat.so +%attr(755,root,root) %{moduledir}/libpseudofile.so +%attr(755,root,root) %{moduledir}/libsyslog-ng-crypto.so +%attr(755,root,root) %{moduledir}/libsyslogformat.so +%attr(755,root,root) %{moduledir}/libsystem-source.so %attr(755,root,root) %{_sbindir}/syslog-ng %attr(755,root,root) %{_sbindir}/syslog-ng-ctl %attr(755,root,root) %{_bindir}/loggen @@ -483,69 +499,93 @@ exit 0 %{_mandir}/man5/syslog-ng.conf.5* %{_mandir}/man8/syslog-ng.8* -%attr(640,root,root) %ghost /var/log/daemon -%attr(640,root,root) %ghost /var/log/debug -%attr(640,root,root) %ghost /var/log/iptables -%attr(640,root,root) %ghost /var/log/kernel -%attr(640,root,root) %ghost /var/log/lpr -%attr(640,root,root) %ghost /var/log/maillog -%attr(640,root,root) %ghost /var/log/messages -%attr(640,root,root) %ghost /var/log/secure -%attr(640,root,root) %ghost /var/log/spooler -%attr(640,root,root) %ghost /var/log/syslog -%attr(640,root,root) %ghost /var/log/user -%attr(640,root,root) %ghost /var/log/xferlog +%attr(640,root,logs) %ghost /var/log/cron +%attr(640,root,logs) %ghost /var/log/daemon +%attr(640,root,logs) %ghost /var/log/debug +%attr(640,root,logs) %ghost /var/log/iptables +%attr(640,root,logs) %ghost /var/log/kernel +%attr(640,root,logs) %ghost /var/log/lpr +%attr(640,root,logs) %ghost /var/log/maillog +%attr(640,root,logs) %ghost /var/log/messages +%attr(640,root,logs) %ghost /var/log/secure +%attr(640,root,logs) %ghost /var/log/spooler +%attr(640,root,logs) %ghost /var/log/syslog +%attr(640,root,logs) %ghost /var/log/user +%attr(640,root,logs) %ghost /var/log/xferlog %if %{with mongodb} %files module-afmongodb %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libafmongodb.so +%attr(755,root,root) %{moduledir}/libafmongodb.so %endif %if %{with smtp} %files module-afsmtp %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libafsmtp.so +%attr(755,root,root) %{moduledir}/libafsmtp.so %endif %if %{with sql} %files module-afsql %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libafsql.so +%attr(755,root,root) %{moduledir}/libafsql.so %endif %if %{with json} %files module-json-plugin %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libjson-plugin.so +%attr(755,root,root) %{moduledir}/libjson-plugin.so %endif %if %{with redis} %files module-redis %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libredis.so +%attr(755,root,root) %{moduledir}/libredis.so %endif %if %{with riemann} %files module-riemann %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libriemann.so +%attr(755,root,root) %{moduledir}/libriemann.so %endif - + %if %{with geoip} %files module-tfgeoip %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/syslog-ng/libtfgeoip.so +%attr(755,root,root) %{moduledir}/libtfgeoip.so %endif %files libs %defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/libsyslog-ng-*.so.* +%attr(755,root,root) %{slibdir}/libsyslog-ng-%{mver}.so.*.*.* +%attr(755,root,root) %ghost %{slibdir}/libsyslog-ng-%{mver}.so.0 %dir %{_datadir}/syslog-ng %files devel %defattr(644,root,root,755) %attr(755,root,root) %{_libdir}/libsyslog-ng.so -%{_includedir}/syslog-ng +%dir %{_includedir}/syslog-ng +%{_includedir}/syslog-ng/*.h +%{_includedir}/syslog-ng/compat +%{_includedir}/syslog-ng/control +%{_includedir}/syslog-ng/filter +%if %{without system_libivykis} +%{_includedir}/syslog-ng/ivykis +%endif +%{_includedir}/syslog-ng/logproto +%{_includedir}/syslog-ng/parser +%{_includedir}/syslog-ng/rewrite +%{_includedir}/syslog-ng/stats +%{_includedir}/syslog-ng/template +%{_includedir}/syslog-ng/transport %{_datadir}/syslog-ng/tools %{_pkgconfigdir}/syslog-ng.pc + +# test-devel ? +%if "%{_libdir}/syslog-ng" != "{moduledir}" +%dir %{_libdir}/syslog-ng +%endif +%dir %{_libdir}/syslog-ng/libtest +%{_libdir}/syslog-ng/libtest/libsyslog-ng-test.a +%{_includedir}/syslog-ng/libtest +%{_pkgconfigdir}/syslog-ng-test.pc -- 2.44.0