From 5dd7ed82e788ebad2e920e0f2db7468cc6547cfe Mon Sep 17 00:00:00 2001
From: root
Date: Sat, 29 Dec 2012 02:13:48 -0800
Subject: Sat Dec 29 02:10:20 PST 2012
---
extra/syslog-ng/PKGBUILD | 59 ++++++++++++++++++++++++
extra/syslog-ng/syslog-ng.conf | 92 +++++++++++++++++++++++++++++++++++++
extra/syslog-ng/syslog-ng.conf.d | 10 ++++
extra/syslog-ng/syslog-ng.install | 9 ++++
extra/syslog-ng/syslog-ng.logrotate | 7 +++
extra/syslog-ng/syslog-ng.rc | 67 +++++++++++++++++++++++++++
6 files changed, 244 insertions(+)
create mode 100644 extra/syslog-ng/PKGBUILD
create mode 100644 extra/syslog-ng/syslog-ng.conf
create mode 100644 extra/syslog-ng/syslog-ng.conf.d
create mode 100644 extra/syslog-ng/syslog-ng.install
create mode 100644 extra/syslog-ng/syslog-ng.logrotate
create mode 100755 extra/syslog-ng/syslog-ng.rc
(limited to 'extra/syslog-ng')
diff --git a/extra/syslog-ng/PKGBUILD b/extra/syslog-ng/PKGBUILD
new file mode 100644
index 000000000..336177d71
--- /dev/null
+++ b/extra/syslog-ng/PKGBUILD
@@ -0,0 +1,59 @@
+# $Id: PKGBUILD 173195 2012-12-12 17:17:00Z dreisner $
+# Maintainer: Dave Reisner
+# Contributor: Eric BĂ©langer
+# Contributor: Aaron Griffin
+
+pkgname=syslog-ng
+pkgver=3.3.7
+pkgrel=1
+pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities"
+arch=('i686' 'x86_64')
+license=('GPL2')
+url="http://www.balabit.com/network-security/syslog-ng/"
+depends=('awk' 'eventlog' 'glib2' 'libcap' 'openssl' 'systemd')
+makedepends=('flex' 'pkg-config')
+optdepends=('logrotate: for rotating log files')
+options=('!libtool')
+backup=('etc/syslog-ng/modules.conf'
+ 'etc/syslog-ng/scl.conf'
+ 'etc/syslog-ng/syslog-ng.conf'
+ 'etc/conf.d/syslog-ng'
+ 'etc/logrotate.d/syslog-ng')
+install=$pkgname.install
+source=("http://www.balabit.com/downloads/files/syslog-ng/sources/$pkgver/source/${pkgname}_$pkgver.tar.gz"
+ syslog-ng.conf
+ syslog-ng.conf.d
+ syslog-ng.logrotate
+ syslog-ng.rc)
+sha1sums=('06f09057c3dfb84eba381e0141f92565673ec0c8'
+ 'db14f4937a821e449b769c938faf2275a7ef188e'
+ '9b2eb6ea9e27c9f1b6c1c855be211ec3da51d3c8'
+ '949128fe3d7f77a7aab99048061f885bc758000c'
+ '94af81a84e3add6653755122cdd5080694de059d')
+
+build() {
+ cd "$pkgname-$pkgver"
+
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc/syslog-ng \
+ --libexecdir=/usr/lib \
+ --localstatedir=/var/lib/syslog-ng \
+ --datadir=/usr/share/syslog-ng \
+ --with-pidfile-dir=/run \
+ --disable-spoof-source \
+ --enable-systemd \
+ --with-systemdsystemunitdir=/usr/lib/systemd/system
+
+ make
+}
+
+package() {
+ make -C "$pkgname-$pkgver" DESTDIR="$pkgdir" install
+
+ install -dm755 "$pkgdir/var/lib/syslog-ng" "$pkgdir/etc/syslog-ng/patterndb.d"
+ install -Dm644 "$srcdir/syslog-ng.conf" "$pkgdir/etc/syslog-ng/syslog-ng.conf"
+ install -Dm644 "$srcdir/syslog-ng.logrotate" "$pkgdir/etc/logrotate.d/syslog-ng"
+ install -Dm755 "$srcdir/syslog-ng.rc" "$pkgdir/etc/rc.d/syslog-ng"
+ install -Dm644 "$srcdir/syslog-ng.conf.d" "$pkgdir/etc/conf.d/syslog-ng"
+}
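Review bot: The upstream tarball in `source=` is fetched over plain `http://` and the only integrity pin in this PKGBUILD is `sha1sums`, so the build of a root-run logging daemon rests on SHA-1 alone. makepkg also accepts a `sha256sums=(...)` array; adding one with an entry per source, e.g. `sha256sums=('<sha256 of syslog-ng_3.3.7.tar.gz>' ...)`, gives a collision-resistant pin. If upstream publishes a detached signature for the tarball, listing it in `source=` would let makepkg check the author as well as the bytes; the hunk does not show whether one exists.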
diff --git a/extra/syslog-ng/syslog-ng.conf b/extra/syslog-ng/syslog-ng.conf
new file mode 100644
index 000000000..c79e531de
--- /dev/null
+++ b/extra/syslog-ng/syslog-ng.conf
@@ -0,0 +1,92 @@
+@version: 3.3
+#
+# /etc/syslog-ng/syslog-ng.conf
+#
+
+options {
+ stats_freq (0);
+ flush_lines (0);
+ time_reopen (10);
+ log_fifo_size (10000);
+ chain_hostnames (off);
+ use_dns (no);
+ use_fqdn (no);
+ create_dirs (no);
+ keep_hostname (yes);
+ perm(0640);
+ group("log");
+};
+
+source src {
+ unix-dgram("/run/systemd/journal/syslog");
+ internal();
+ file("/proc/kmsg");
+};
+
+destination d_authlog { file("/var/log/auth.log"); };
+destination d_syslog { file("/var/log/syslog.log"); };
+destination d_cron { file("/var/log/crond.log"); };
+destination d_daemon { file("/var/log/daemon.log"); };
+destination d_kernel { file("/var/log/kernel.log"); };
+destination d_lpr { file("/var/log/lpr.log"); };
+destination d_user { file("/var/log/user.log"); };
+destination d_uucp { file("/var/log/uucp.log"); };
+destination d_mail { file("/var/log/mail.log"); };
+destination d_news { file("/var/log/news.log"); };
+destination d_ppp { file("/var/log/ppp.log"); };
+destination d_debug { file("/var/log/debug.log"); };
+destination d_messages { file("/var/log/messages.log"); };
+destination d_errors { file("/var/log/errors.log"); };
+destination d_everything { file("/var/log/everything.log"); };
+destination d_iptables { file("/var/log/iptables.log"); };
+destination d_acpid { file("/var/log/acpid.log"); };
+destination d_console { usertty("root"); };
+
+# Log everything to tty12
+destination console_all { file("/dev/tty12"); };
+
+filter f_auth { facility(auth); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_syslog { program(syslog-ng); };
+filter f_cron { facility(cron); };
+filter f_daemon { facility(daemon); };
+filter f_kernel { facility(kern) and not filter(f_iptables); };
+filter f_lpr { facility(lpr); };
+filter f_mail { facility(mail); };
+filter f_news { facility(news); };
+filter f_user { facility(user); };
+filter f_uucp { facility(uucp); };
+filter f_ppp { facility(local2); };
+filter f_debug { not facility(auth, authpriv, news, mail); };
+filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news, cron) and not program(syslog-ng) and not filter(f_iptables); };
+filter f_everything { level(debug..emerg) and not facility(auth, authpriv); };
+filter f_emergency { level(emerg); };
+filter f_info { level(info); };
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_crit { level(crit); };
+filter f_err { level(err); };
+filter f_iptables { match("IN=" value("MESSAGE")) and match("OUT=" value("MESSAGE")); };
+filter f_acpid { program("acpid"); };
+
+log { source(src); filter(f_acpid); destination(d_acpid); };
+log { source(src); filter(f_authpriv); destination(d_authlog); };
+log { source(src); filter(f_syslog); destination(d_syslog); };
+log { source(src); filter(f_cron); destination(d_cron); };
+log { source(src); filter(f_daemon); destination(d_daemon); };
+log { source(src); filter(f_kernel); destination(d_kernel); };
+log { source(src); filter(f_lpr); destination(d_lpr); };
+log { source(src); filter(f_mail); destination(d_mail); };
+log { source(src); filter(f_news); destination(d_news); };
+log { source(src); filter(f_ppp); destination(d_ppp); };
+log { source(src); filter(f_user); destination(d_user); };
+log { source(src); filter(f_uucp); destination(d_uucp); };
+#log { source(src); filter(f_debug); destination(d_debug); };
+log { source(src); filter(f_messages); destination(d_messages); };
+log { source(src); filter(f_err); destination(d_errors); };
+log { source(src); filter(f_emergency); destination(d_console); };
+log { source(src); filter(f_everything); destination(d_everything); };
+log { source(src); filter(f_iptables); destination(d_iptables); };
+
+# Log everything to tty12
+#log { source(src); destination(console_all); };
diff --git a/extra/syslog-ng/syslog-ng.conf.d b/extra/syslog-ng/syslog-ng.conf.d
new file mode 100644
index 000000000..6bf1cd038
--- /dev/null
+++ b/extra/syslog-ng/syslog-ng.conf.d
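Review bot: `f_iptables` in syslog-ng.conf selects on message text only (`match("IN=" ...) and match("OUT=" ...)`) with no facility constraint, so any record from `src` that carries both substrings is written to iptables.log and, through `not filter(f_iptables)`, left out of messages.log. Because `src` includes the syslog socket and not just `/proc/kmsg`, non-kernel senders can shape what appears in the firewall log; starting the filter with `facility(kern) and` narrows it to kernel-facility records. Separately, `f_err` has no `not facility(auth, authpriv)` clause, so auth messages at level err are also copied to errors.log, which is acceptable only while every destination keeps the same `perm(0640)` / `group("log")` settings. A short comment above `f_everything` and `f_err` stating which files may contain authentication data would help whoever later loosens those permissions.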
@@ -0,0 +1,10 @@
+#
+# /etc/conf.d/syslog-ng
+#
+
+# passed to syslog-ng on config check
+SYSLOG_NG_CHECKOPTS=()
+
+# passed to syslog-ng at startup
+SYSLOG_NG_OPTS=()
+
diff --git a/extra/syslog-ng/syslog-ng.install b/extra/syslog-ng/syslog-ng.install
new file mode 100644
index 000000000..a9365d6fe
--- /dev/null
+++ b/extra/syslog-ng/syslog-ng.install
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+post_upgrade() {
+ if [ "$(vercmp 3.3.6-3 "$2")" -eq 1 ]; then
+ printf '==> syslog-ng now reads from /run/systemd/journal/syslog in the\n'
+ printf ' default config. If you still use sysvinit/initscripts, this\n'
+ printf ' must be /dev/log in /etc/syslog-ng/syslog-ng.conf\n'
+ fi
+}
diff --git a/extra/syslog-ng/syslog-ng.logrotate b/extra/syslog-ng/syslog-ng.logrotate
new file mode 100644
index 000000000..3509f2970
--- /dev/null
+++ b/extra/syslog-ng/syslog-ng.logrotate
@@ -0,0 +1,7 @@
+/var/log/messages.log /var/log/auth.log /var/log/mail.log /var/log/kernel.log /var/log/errors.log /var/log/daemon.log /var/log/user.log /var/log/iptables.log /var/log/everything.log /var/log/syslog.log /var/log/acpid.log /var/log/crond.log /var/log/lpr.log /var/log/uucp.log /var/log/news.log /var/log/ppp.log /var/log/debug.log {
+ missingok
+ sharedscripts
+ postrotate
+ /bin/kill -HUP $(cat /run/syslog-ng.pid 2>/dev/null) 2>/dev/null || true
+ endscript
+}
diff --git a/extra/syslog-ng/syslog-ng.rc b/extra/syslog-ng/syslog-ng.rc
new file mode 100755
index 000000000..d48b71ed1
--- /dev/null
+++ b/extra/syslog-ng/syslog-ng.rc
@@ -0,0 +1,67 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+. /etc/conf.d/syslog-ng
+
+checkconfig() {
+ if ! syslog-ng -s "${SYSLOG_NG_CHECKOPTS[@]}"; then
+ stat_fail
+ exit 1
+ fi
+}
+
+pidfile=/run/syslog-ng.pid
+if [[ -r $pidfile ]]; then
+ read -r PID < "$pidfile"
+ if [[ $PID && ! -d /proc/$PID ]]; then
+ # stale pidfile
+ unset PID
+ rm -f "$pidfile"
+ fi
+fi
+
+case $1 in
+ start)
+ stat_busy "Starting Syslog-NG"
+ checkconfig
+ if [[ -z $PID ]] && /usr/sbin/syslog-ng "${SYSLOG_NG_OPTS[@]}"; then
+ add_daemon syslog-ng
+ stat_done
+ else
+ stat_fail
+ exit 1
+ fi
+ ;;
+ stop)
+ stat_busy "Stopping Syslog-NG"
+ if [[ $PID ]] && kill $PID &>/dev/null; then
+ rm_daemon syslog-ng
+ stat_done
+ else
+ stat_fail
+ exit 1
+ fi
+ ;;
+ reload)
+ stat_busy "Reloading Syslog-NG configuration and re-opening log files"
+ if [[ -z $PID ]]; then
+ stat_fail
+ else
+ checkconfig
+ if kill -HUP $PID &>/dev/null; then
+ stat_done
+ else
+ stat_fail
+ exit 1
+ fi
+ fi
+ ;;
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ *)
+ echo "usage: $0 {start|stop|restart|reload}"
+esac
-- cgit v1.2.3-54-g00ecf
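Review bot: The stale-pidfile test `[[ $PID && ! -d /proc/$PID ]]` in syslog-ng.rc only asks whether some process has that PID, not whether that process is syslog-ng. After PID reuse, `start` sees a non-empty `$PID` and fails without launching the logger, while `stop` and `reload` send `kill $PID` / `kill -HUP $PID` as root to an unrelated process. Comparing the process name as well, e.g. `if [[ $PID && $(cat "/proc/$PID/comm" 2>/dev/null) != syslog-ng ]]; then`, treats both a dead and a reused PID as stale. The `reload` branch also calls `stat_fail` without `exit 1` when no PID is found, so callers get a success status. Finally, `checkconfig` runs `syslog-ng` through `PATH` while `start` uses `/usr/sbin/syslog-ng`; using the absolute path in both places keeps the check and the launch on the same binary.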