Peter Czanik pczanik at
Thu Apr 8 19:44:15 UTC 2010


2010-04-08 21:06 keltezéssel, Daniel J Walsh írta:
> Hash: SHA1
> On 04/08/2010 10:02 AM, Peter Czanik wrote:
>> Hello,
>> I'm helping to upgrade syslog-ng to current version in major Linux
>> distributions. I would like to ask, if you could update syslog-ng to
>> version 3.1. I'm working on the openSUSE version of syslog-ng 3.1 (
>> ), and it is also being upgraded in Debian (
>> ) and Gentoo (
>> ) and Mandriva
>> ( ).
>> For a complete list of changes, please see:
>> Major changes from the packaging point of view:
>> - addition of new utilities:
>> /usr/bin/pdbtool
>> /usr/sbin/syslog-ng-ctl
> Are these tools executed by init scripts or just by administrators?
Just by administrators. The first manages the pattern database (patterns
are not included), the second gives stats and controls debugging:

bigone112:~ # pdbtool
Syntax: pdbtool <command> [options]
Possible commands are:
    match        Match a message against the pattern database
    dump         Dump pattern datebase tree
    merge        Merge pattern databases
bigone112:~ # syslog-ng-ctl
Syntax: syslog-ng-ctl <command> [options]
Possible commands are:
    stats        Dump syslog-ng statistics
    verbose      Enable/query verbose messages
    debug        Enable/query debug messages
    trace        Enable/query trace messages

>> - apparmor (or SElinux in case of Fedora) needs some extra permissions:
>> /var/run/syslog-ng.ctl rw,
> Is this a sock_file?
Yes, it is.

>> /var/run/syslog-ng/additional-log-sockets.conf r,
Ooops, sorry, this is a SuSE related config file, where additional log
sockects from chroots are added on start by the init script.

> Why not put syslog-ng.ctl in /var/run/syslog-ng?
It is controlled by configure parameter: --with-pidfile-dir=/var/run
which also affects pid file location (see src/syslog-ng.h):
#define PATH_PIDFILE            PATH_PIDFILEDIR "/"
#define PATH_CONTROL_SOCKET     PATH_PIDFILEDIR "/syslog-ng.ctl"
Fedora seems to be a bit more flexible here, than SuSE, so one could
easily set to use /var/run/syslog-ng/ for both of these files.

>> capability sys_tty_config,
> What other processes need to read/write in these directories or sock_files?
Only syslog-ng and syslog-ng-ctl.


>> Version 3.0 also added SSL support among many other changes, but that
>> can't be enabled on openSUSE (configure arg: --disable-ssl): syslog-ng
>> is in /sbin, openssl libs are in /usr/lib, linking from /usr is not
>> allowed in /, and SSL is not available statically for security reasons.
>> As far as I can see (I have a Fedora 13 snapshot installed in vmware),
>> Fedora has the same problem.
>> Please let me know, if you need any additional help/information to get
>> syslog-ng updated for Fedora.
>> Best regards,
>> Peter Czanik
> Version: GnuPG v2.0.14 (GNU/Linux)
> Comment: Using GnuPG with Fedora -
> fY8AoIo2TyUSPXEYDiUWs5ts/U6IMh8B
> =G3LL

More information about the devel mailing list