syslog-ng
Peter Czanik
pczanik at fang.fa.gau.hu
Thu Apr 8 19:44:15 UTC 2010
Hello,
2010-04-08 21:06 keltezéssel, Daniel J Walsh írta:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/08/2010 10:02 AM, Peter Czanik wrote:
>
>> Hello,
>>
>> I'm helping to upgrade syslog-ng to current version in major Linux
>> distributions. I would like to ask, if you could update syslog-ng to
>> version 3.1. I'm working on the openSUSE version of syslog-ng 3.1 (
>> http://download.opensuse.org/repositories/home:/czanik:/branches:/Base:/System/openSUSE_Factory/src/
>> ), and it is also being upgraded in Debian (
>> http://packages.qa.debian.org/s/syslog-ng.html ) and Gentoo (
>> http://gentoo.linuxhowtos.org/portage/app-admin/syslog-ng ) and Mandriva
>> ( http://sophie.zarb.org/viewrpm/b8182fa1eee109cc655a020a2cb62f5f ).
>>
>> For a complete list of changes, please see:
>> http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/changelog-en.txt
>> http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.1.0/changelog-en.txt
>>
>> Major changes from the packaging point of view:
>>
>> - addition of new utilities:
>> /usr/bin/pdbtool
>> /usr/sbin/syslog-ng-ctl
>>
>>
> Are these tools executed by init scripts or just by administrators?
>
Just by administrators. The first manages the pattern database (patterns
are not included), the second gives stats and controls debugging:
bigone112:~ # pdbtool
Syntax: pdbtool <command> [options]
Possible commands are:
match Match a message against the pattern database
dump Dump pattern datebase tree
merge Merge pattern databases
bigone112:~ # syslog-ng-ctl
Syntax: syslog-ng-ctl <command> [options]
Possible commands are:
stats Dump syslog-ng statistics
verbose Enable/query verbose messages
debug Enable/query debug messages
trace Enable/query trace messages
>> - apparmor (or SElinux in case of Fedora) needs some extra permissions:
>> /var/run/syslog-ng.ctl rw,
>>
> Is this a sock_file?
>
Yes, it is.
>> /var/run/syslog-ng/additional-log-sockets.conf r,
>>
Ooops, sorry, this is a SuSE related config file, where additional log
sockects from chroots are added on start by the init script.
> Why not put syslog-ng.ctl in /var/run/syslog-ng?
>
It is controlled by configure parameter: --with-pidfile-dir=/var/run
which also affects pid file location (see src/syslog-ng.h):
#define PATH_PIDFILE PATH_PIDFILEDIR "/syslog-ng.pid"
#define PATH_CONTROL_SOCKET PATH_PIDFILEDIR "/syslog-ng.ctl"
Fedora seems to be a bit more flexible here, than SuSE, so one could
easily set to use /var/run/syslog-ng/ for both of these files.
>> capability sys_tty_config,
>>
> What other processes need to read/write in these directories or sock_files?
>
Only syslog-ng and syslog-ng-ctl.
Bye,
CzP
>> Version 3.0 also added SSL support among many other changes, but that
>> can't be enabled on openSUSE (configure arg: --disable-ssl): syslog-ng
>> is in /sbin, openssl libs are in /usr/lib, linking from /usr is not
>> allowed in /, and SSL is not available statically for security reasons.
>> As far as I can see (I have a Fedora 13 snapshot installed in vmware),
>> Fedora has the same problem.
>>
>> Please let me know, if you need any additional help/information to get
>> syslog-ng updated for Fedora.
>>
>> Best regards,
>> Peter Czanik
>>
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAku+KUsACgkQrlYvE4MpobNBeQCfRvP3ykhSY8xaAMCL6PlOY+18
> fY8AoIo2TyUSPXEYDiUWs5ts/U6IMh8B
> =G3LL
> -----END PGP SIGNATURE-----
>
More information about the devel
mailing list