diff options
author | Parabola <dev@list.parabolagnulinux.org> | 2011-07-25 14:36:24 +0000 |
---|---|---|
committer | Parabola <dev@list.parabolagnulinux.org> | 2011-07-25 14:36:24 +0000 |
commit | c52a1a6eb4ad278a7b6d9eeeb9c7c88f73ca8d8c (patch) | |
tree | 6ea332ea2bc8d6dfbfeba417c0e0d40a4608daaa /testing/syslog-ng | |
parent | 43983783a3e8bf61896eb93a2858a14bbaf3a53b (diff) |
Mon Jul 25 14:36:20 UTC 2011
Diffstat (limited to 'testing/syslog-ng')
-rw-r--r-- | testing/syslog-ng/PKGBUILD | 66 | ||||
-rw-r--r-- | testing/syslog-ng/cap_syslog.patch | 101 | ||||
-rw-r--r-- | testing/syslog-ng/non-blocking-systemd-fds.patch | 32 | ||||
-rw-r--r-- | testing/syslog-ng/syslog-ng.conf | 92 | ||||
-rw-r--r-- | testing/syslog-ng/syslog-ng.logrotate | 7 | ||||
-rwxr-xr-x | testing/syslog-ng/syslog-ng.rc | 63 |
6 files changed, 0 insertions, 361 deletions
diff --git a/testing/syslog-ng/PKGBUILD b/testing/syslog-ng/PKGBUILD deleted file mode 100644 index 3c4bc0767..000000000 --- a/testing/syslog-ng/PKGBUILD +++ /dev/null @@ -1,66 +0,0 @@ -# $Id: PKGBUILD 131638 2011-07-13 03:09:27Z dreisner $ -# Maintainer: Dave Reisner <dreisner@archlinux.org> -# Maintainer: Eric BĂ©langer <eric@archlinux.org> -# Maintainer: Aaron Griffin <aaron@archlinux.org> - -pkgname=syslog-ng -pkgver=3.2.4 -pkgrel=3 -pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities" -arch=('i686' 'x86_64') -license=('GPL2') -groups=('base') -url="http://www.balabit.com/network-security/syslog-ng/" -depends=('glib2' 'eventlog' 'openssl' 'libcap' 'awk') -makedepends=('flex' 'pkg-config') -optdepends=('logrotate: for rotating log files') -provides=('logger') -options=('!libtool') -backup=('etc/syslog-ng/modules.conf' 'etc/syslog-ng/scl.conf' \ - 'etc/syslog-ng/syslog-ng.conf' 'etc/logrotate.d/syslog-ng') -source=(http://www.balabit.com/downloads/files/syslog-ng/sources/${pkgver}/source/${pkgname}_${pkgver}.tar.gz - non-blocking-systemd-fds.patch - syslog-ng.conf syslog-ng.logrotate syslog-ng.rc cap_syslog.patch) -md5sums=('5995f7dad0053a478b60a63f6f754203' - '25e43afe51eb2223c25168e3c3e7aaf6' - '344dddfff946300f5576b13a7e8ea19f' - '735636090be4582885974542d2a75855' - '8b4441343d859c2f01c2cf799a7e6f98' - '46e5dcff71f820d497898331a3f608fe') -sha1sums=('ff732f7223bd2bd0424d4b9028b523cf62133af1' - '73b83deae9a8b945dfb13adf331e6bf6f119b83e' - 'b9eb8c61f7cccda543fc5c97fe1d40a8d15e713f' - 'ac997b25d7d8e69e66782d3771a0e12aff55ae7f' - '4481819762fd1b6f25903016a8878e63c0058fcb' - 'f093a09626a528d23f0f2aeece018cab15a735a9') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - # fix #22555 for kernels >=2.6.38 - patch -p1 -i ../cap_syslog.patch - - # fix systemd blocking FD bug - # https://bugzilla.balabit.com/show_bug.cgi?id=125 - patch -Np1 < "$srcdir/non-blocking-systemd-fds.patch" - - ./configure --prefix=/usr --sysconfdir=/etc/syslog-ng \ - --libexecdir=/usr/lib --localstatedir=/var/lib/syslog-ng \ - --enable-tcp-wrapper \ - --with-pidfile-dir=/var/run \ - --disable-spoof-source \ - --disable-tcp-wrapper \ - --enable-systemd - - make -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - install -dm755 "${pkgdir}/var/lib/syslog-ng" "${pkgdir}/etc/syslog-ng/patterndb.d" - install -Dm644 "${srcdir}/syslog-ng.conf" "${pkgdir}/etc/syslog-ng/syslog-ng.conf" - install -Dm644 "${srcdir}/syslog-ng.logrotate" "${pkgdir}/etc/logrotate.d/syslog-ng" - install -Dm755 "${srcdir}/syslog-ng.rc" "${pkgdir}/etc/rc.d/syslog-ng" - install -Dm644 "doc/examples/syslog-ng.service" "$pkgdir/lib/systemd/system/syslog-ng.service" -} diff --git a/testing/syslog-ng/cap_syslog.patch b/testing/syslog-ng/cap_syslog.patch deleted file mode 100644 index b6e6db6e4..000000000 --- a/testing/syslog-ng/cap_syslog.patch +++ /dev/null @@ -1,101 +0,0 @@ -diff --git a/lib/gprocess.h b/lib/gprocess.h -index cda35b0..5c449f7 100644 ---- a/lib/gprocess.h -+++ b/lib/gprocess.h -@@ -28,9 +28,14 @@ - #include "syslog-ng.h" - - #include <sys/types.h> -+#include <sys/utsname.h> - - #if ENABLE_LINUX_CAPS - # include <sys/capability.h> -+# -+# ifndef CAP_SYSLOG -+# define CAP_SYSLOG 34 -+# endif - #endif - - typedef enum -@@ -78,5 +83,8 @@ void g_process_finish(void); - - void g_process_add_option_group(GOptionContext *ctx); - -+extern int kernel_version; -+extern void get_kernel_version(void); -+#define LINUX_VERSION(x,y,z) (0x10000*(x) + 0x100*(y) + z) - - #endif -diff --git a/modules/affile/affile.c b/modules/affile/affile.c -index e145324..886fa72 100644 ---- a/modules/affile/affile.c -+++ b/modules/affile/affile.c -@@ -59,7 +59,12 @@ affile_open_file(gchar *name, gint flags, - if (privileged) - { - g_process_cap_modify(CAP_DAC_READ_SEARCH, TRUE); -- g_process_cap_modify(CAP_SYS_ADMIN, TRUE); -+ if (!kernel_version) -+ get_kernel_version(); -+ if (kernel_version < LINUX_VERSION(2, 6, 38)) -+ g_process_cap_modify(CAP_SYS_ADMIN, TRUE); -+ else -+ g_process_cap_modify(CAP_SYSLOG, TRUE); - } - else - { -diff --git a/syslog-ng/main.c b/syslog-ng/main.c -index 9880c1f..ee5031b 100644 ---- a/syslog-ng/main.c -+++ b/syslog-ng/main.c -@@ -67,6 +67,7 @@ static gboolean syntax_only = FALSE; - static gboolean display_version = FALSE; - static gchar *ctlfilename = PATH_CONTROL_SOCKET; - static gchar *preprocess_into = NULL; -+int kernel_version; - - static volatile sig_atomic_t sig_hup_received = FALSE; - static volatile sig_atomic_t sig_term_received = FALSE; -@@ -363,6 +364,20 @@ version(void) - ON_OFF_STR(ENABLE_PACCT_MODULE)); - } - -+void -+get_kernel_version(void) { -+ static struct utsname uts; -+ int x = 0, y = 0, z = 0; -+ -+ if (uname(&uts) == -1) { -+ fprintf(stderr, "Unable to retrieve kernel version.\n"); -+ exit(1); -+ } -+ -+ sscanf(uts.release, "%d.%d.%d", &x, &y, &z); -+ kernel_version = LINUX_VERSION(x, y, z); -+} -+ - int - main(int argc, char *argv[]) - { -@@ -379,9 +394,20 @@ main(int argc, char *argv[]) - * indicate readability. Enabling/disabling cap_sys_admin on every poll - * invocation seems to be too expensive. So I enable it for now. */ - -- g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," -+ if (!kernel_version) -+ get_kernel_version(); -+ if (kernel_version < LINUX_VERSION(2, 6, 34)) -+ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," - "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner=p " - "cap_sys_admin=ep"); -+ else if (kernel_version < LINUX_VERSION(2, 6, 38)) -+ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," -+ "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner," -+ "cap_sys_admin=p"); -+ else -+ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," -+ "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner," -+ "cap_syslog=p"); - ctx = g_option_context_new("syslog-ng"); - g_process_add_option_group(ctx); - msg_add_option_group(ctx); diff --git a/testing/syslog-ng/non-blocking-systemd-fds.patch b/testing/syslog-ng/non-blocking-systemd-fds.patch deleted file mode 100644 index bd056088b..000000000 --- a/testing/syslog-ng/non-blocking-systemd-fds.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 2f214c4f87d944aa28d53e331a67b1fd88d9840f Mon Sep 17 00:00:00 2001 -From: Balazs Scheidler <bazsi@balabit.hu> -Date: Wed, 22 Jun 2011 12:50:53 +0200 -Subject: [PATCH] systemd: make sure the acquired fd is in non-blocking mode - -The fd acquired from systemd is in blocking mode, and syslog-ng -didn't explicitly set it to non-blocking, causing syslog-ng -to stall. This patch changes that, explicitly enables -O_NONBLOCK and O_CLOEXEC on systemd acquired fds. - -Reported-By: Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> -Signed-off-by: Balazs Scheidler <bazsi@balabit.hu> ---- - modules/afsocket/afunix.c | 2 ++ - 1 files changed, 2 insertions(+), 0 deletions(-) - -diff --git a/modules/afsocket/afunix.c b/modules/afsocket/afunix.c -index cd9c205..9a4e37b 100644 ---- a/modules/afsocket/afunix.c -+++ b/modules/afsocket/afunix.c -@@ -108,6 +108,8 @@ afunix_sd_acquire_socket(AFSocketSourceDriver *s, gint *result_fd) - - if (*result_fd != -1) - { -+ g_fd_set_nonblock(*result_fd, TRUE); -+ g_fd_set_cloexec(*result_fd, TRUE); - msg_verbose("Acquired systemd socket", - evt_tag_str("filename", self->filename), - evt_tag_int("systemd-sock-fd", *result_fd), --- -1.7.5.4 - diff --git a/testing/syslog-ng/syslog-ng.conf b/testing/syslog-ng/syslog-ng.conf deleted file mode 100644 index 6e3362681..000000000 --- a/testing/syslog-ng/syslog-ng.conf +++ /dev/null @@ -1,92 +0,0 @@ -@version: 3.2 -# -# /etc/syslog-ng/syslog-ng.conf -# - -options { - stats_freq (0); - flush_lines (0); - time_reopen (10); - log_fifo_size (1000); - long_hostnames(off); - use_dns (no); - use_fqdn (no); - create_dirs (no); - keep_hostname (yes); - perm(0640); - group("log"); -}; - -source src { - unix-dgram("/dev/log"); - internal(); - file("/proc/kmsg"); -}; - -destination d_authlog { file("/var/log/auth.log"); }; -destination d_syslog { file("/var/log/syslog.log"); }; -destination d_cron { file("/var/log/crond.log"); }; -destination d_daemon { file("/var/log/daemon.log"); }; -destination d_kernel { file("/var/log/kernel.log"); }; -destination d_lpr { file("/var/log/lpr.log"); }; -destination d_user { file("/var/log/user.log"); }; -destination d_uucp { file("/var/log/uucp.log"); }; -destination d_mail { file("/var/log/mail.log"); }; -destination d_news { file("/var/log/news.log"); }; -destination d_ppp { file("/var/log/ppp.log"); }; -destination d_debug { file("/var/log/debug.log"); }; -destination d_messages { file("/var/log/messages.log"); }; -destination d_errors { file("/var/log/errors.log"); }; -destination d_everything { file("/var/log/everything.log"); }; -destination d_iptables { file("/var/log/iptables.log"); }; -destination d_acpid { file("/var/log/acpid.log"); }; -destination d_console { usertty("root"); }; - -# Log everything to tty12 -destination console_all { file("/dev/tty12"); }; - -filter f_auth { facility(auth); }; -filter f_authpriv { facility(auth, authpriv); }; -filter f_syslog { program(syslog-ng); }; -filter f_cron { facility(cron); }; -filter f_daemon { facility(daemon); }; -filter f_kernel { facility(kern) and not filter(f_iptables); }; -filter f_lpr { facility(lpr); }; -filter f_mail { facility(mail); }; -filter f_news { facility(news); }; -filter f_user { facility(user); }; -filter f_uucp { facility(uucp); }; -filter f_ppp { facility(local2); }; -filter f_debug { not facility(auth, authpriv, news, mail); }; -filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news, cron) and not program(syslog-ng) and not filter(f_iptables); }; -filter f_everything { level(debug..emerg) and not facility(auth, authpriv); }; -filter f_emergency { level(emerg); }; -filter f_info { level(info); }; -filter f_notice { level(notice); }; -filter f_warn { level(warn); }; -filter f_crit { level(crit); }; -filter f_err { level(err); }; -filter f_iptables { match("IN=" value("MESSAGE")) and match("OUT=" value("MESSAGE")); }; -filter f_acpid { program("acpid"); }; - -log { source(src); filter(f_acpid); destination(d_acpid); }; -log { source(src); filter(f_authpriv); destination(d_authlog); }; -log { source(src); filter(f_syslog); destination(d_syslog); }; -log { source(src); filter(f_cron); destination(d_cron); }; -log { source(src); filter(f_daemon); destination(d_daemon); }; -log { source(src); filter(f_kernel); destination(d_kernel); }; -log { source(src); filter(f_lpr); destination(d_lpr); }; -log { source(src); filter(f_mail); destination(d_mail); }; -log { source(src); filter(f_news); destination(d_news); }; -log { source(src); filter(f_ppp); destination(d_ppp); }; -log { source(src); filter(f_user); destination(d_user); }; -log { source(src); filter(f_uucp); destination(d_uucp); }; -#log { source(src); filter(f_debug); destination(d_debug); }; -log { source(src); filter(f_messages); destination(d_messages); }; -log { source(src); filter(f_err); destination(d_errors); }; -log { source(src); filter(f_emergency); destination(d_console); }; -log { source(src); filter(f_everything); destination(d_everything); }; -log { source(src); filter(f_iptables); destination(d_iptables); }; - -# Log everything to tty12 -#log { source(src); destination(console_all); }; diff --git a/testing/syslog-ng/syslog-ng.logrotate b/testing/syslog-ng/syslog-ng.logrotate deleted file mode 100644 index e0e6929f2..000000000 --- a/testing/syslog-ng/syslog-ng.logrotate +++ /dev/null @@ -1,7 +0,0 @@ -/var/log/messages.log /var/log/auth.log /var/log/mail.log /var/log/kernel.log /var/log/errors.log /var/log/daemon.log /var/log/user.log /var/log/iptables.log /var/log/everything.log /var/log/syslog.log /var/log/acpid.log /var/log/crond.log /var/log/lpr.log /var/log/uucp.log /var/log/news.log /var/log/ppp.log /var/log/debug.log { - missingok - sharedscripts - postrotate - /bin/kill -HUP `cat /var/run/syslog-ng.pid 2>/dev/null` 2> /dev/null || true - endscript -} diff --git a/testing/syslog-ng/syslog-ng.rc b/testing/syslog-ng/syslog-ng.rc deleted file mode 100755 index bb5320b2c..000000000 --- a/testing/syslog-ng/syslog-ng.rc +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash - -. /etc/rc.conf -. /etc/rc.d/functions - -checkconfig() { - syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf - if [ $? -gt 0 ]; then - stat_busy "Configuration error. Please fix your config file (/etc/syslog-ng/syslog-ng.conf)." - stat_fail - exit 0 - fi -} - -PID=`pidof -o %PPID /usr/sbin/syslog-ng` -case "$1" in - start) - stat_busy "Starting Syslog-NG" - checkconfig - [ -z "$PID" ] && /usr/sbin/syslog-ng - if [ $? -gt 0 ]; then - stat_fail - else - add_daemon syslog-ng - stat_done - fi - ;; - stop) - stat_busy "Stopping Syslog-NG" - [ ! -z "$PID" ] && kill $PID &> /dev/null - if [ $? -gt 0 ]; then - stat_fail - else - rm -f /var/run/syslog-ng.pid -# Removing stale syslog-ng.persist file. Its new location, as of 2.0.6-1, is /var/lib/syslog-ng/ - rm -f /var/syslog-ng.persist - rm_daemon syslog-ng - stat_done - fi - ;; - reload) - stat_busy "Reloading Syslog-NG configuration and re-opening log files" - if [ -z "$PID" ]; then - stat_fail - else - checkconfig - kill -HUP $PID &> /dev/null - if [ $? -gt 0 ]; then - stat_fail - else - stat_done - fi - fi - ;; - restart) - $0 stop - sleep 1 - $0 start - ;; - *) - echo "usage: $0 {start|stop|restart|reload}" -esac -exit 0 |