From c7dedc98824f1aec760ef542e39f2289cb469f9c Mon Sep 17 00:00:00 2001 From: Christophe Trussardi Date: Sun, 11 Dec 2011 13:19:47 -0600 Subject: system/rsyslog: Added (enhanced syslogd) Signed-off-by: Robby Workman --- system/rsyslog/README | 18 +++++++ system/rsyslog/README.SLACKWARE | 24 +++++++++ system/rsyslog/config/rc.rsyslogd | 65 ++++++++++++++++++++++ system/rsyslog/config/rsyslog | 6 +++ system/rsyslog/config/rsyslog.conf | 107 +++++++++++++++++++++++++++++++++++++ system/rsyslog/doinst.sh | 31 +++++++++++ system/rsyslog/rsyslog.SlackBuild | 102 +++++++++++++++++++++++++++++++++++ system/rsyslog/rsyslog.info | 10 ++++ system/rsyslog/slack-desc | 19 +++++++ 9 files changed, 382 insertions(+) create mode 100644 system/rsyslog/README create mode 100644 system/rsyslog/README.SLACKWARE create mode 100644 system/rsyslog/config/rc.rsyslogd create mode 100644 system/rsyslog/config/rsyslog create mode 100644 system/rsyslog/config/rsyslog.conf create mode 100644 system/rsyslog/doinst.sh create mode 100644 system/rsyslog/rsyslog.SlackBuild create mode 100644 system/rsyslog/rsyslog.info create mode 100644 system/rsyslog/slack-desc diff --git a/system/rsyslog/README b/system/rsyslog/README new file mode 100644 index 0000000000..67d7542e47 --- /dev/null +++ b/system/rsyslog/README @@ -0,0 +1,18 @@ +Rsyslog is an enhanced syslogd supporting, among others, MySQL, +PostgreSQL, failover log destinations, syslog/tcp, fine grain output +format control, high precision timestamps, queued operations and the +ability to filter on any message part. It is quite compatible with +stock sysklogd and can be used as a drop-in replacement. Its advanced +features make it suitable for enterprise-class, encryption protected +syslog relay chains while at the same time being very easy to setup +for the novice user. + +Before you can run rsyslog, please see README.SLACKWARE + +You can enable a lot of optional (not-autodetected) features by +passing variables to the script (VAR=yes/no ./rsyslog.SlackBuild): +MYSQL=yes|no (default: no), requires mysql (part of stock Slackware) +PGSQL=yes|no (default: no), requires postgresql +RELP=yes|no (default: no), requires librelp +LIBDBI=yes|no (default: no), requires libdbi +GNUTLS=yes|no (default: no), requires gnutls diff --git a/system/rsyslog/README.SLACKWARE b/system/rsyslog/README.SLACKWARE new file mode 100644 index 0000000000..6095c53128 --- /dev/null +++ b/system/rsyslog/README.SLACKWARE @@ -0,0 +1,24 @@ +README.SLACKWARE for rsyslog + +The package contains the /etc/rc.d/rc.rsyslogd init script which will +start rsyslogd. + +Since rsyslog basically supersedes the klogd/syslogd daemons, the stock +Slackware sysklogd package should be removed and its leftovers cleaned up: + + 1. Remove useless logrotate configuration: + + rm /etc/logrotate.d/syslog + + 2. Make rsyslog start automatically on boot, without modifications to rc.M: + + cd /etc/rc.d && ln -sf rc.rsyslogd rc.syslog + cd /usr/sbin && ln -sf rsyslogd syslogd + +To make the transition even easier, you will find /etc/rsyslog.conf in the +proper format, which was converted from sysklogd's syslog.conf. + +/etc/rc.d/rc.rsyslogd is written to emulate syslogd. To prevent rc.inet1 +from attempting to run rc.syslog again, rc.syslogd will copy/remove the +/var/run/syslogd.pid file on successful start/stop invocations. + diff --git a/system/rsyslog/config/rc.rsyslogd b/system/rsyslog/config/rc.rsyslogd new file mode 100644 index 0000000000..f12c369168 --- /dev/null +++ b/system/rsyslog/config/rc.rsyslogd @@ -0,0 +1,65 @@ +#!/bin/sh +# Start/stop/restart the system logging daemons. +# +# Written for Slackware Linux by Patrick J. Volkerding . +# Modded for rsyslogd by Chris Elvidge Sept 2005 +# slightly modified by ponce Oct 2010 +# rsyslogd_reload added by Christophe Trussardi Sept 2011 +# + +pidfile1=/var/run/rsyslogd.pid # native rsyslogd pid file +pidfile2=/var/run/syslogd.pid # spoof the "old" syslogd file + +create_xconsole() +{ + if [ ! -e /dev/xconsole ]; then + mknod -m 640 /dev/xconsole p + else + chmod 0640 /dev/xconsole + fi + chown 0:0 /dev/xconsole +} + +rsyslogd_start() { + if [ -x /usr/sbin/rsyslogd ]; then + echo "Starting rsyslogd daemon: " + echo "/usr/sbin/rsyslogd -c5 -i $pidfile1" + /usr/sbin/rsyslogd -c5 -i "$pidfile1" + cp "$pidfile1" "$pidfile2" + fi +} + +rsyslogd_stop() { + killall rsyslogd 2> /dev/null + /usr/bin/rm $pidfile1 2> /dev/null + /usr/bin/rm $pidfile2 2> /dev/null +} + +rsyslogd_restart() { + rsyslogd_stop + sleep 1 + rsyslogd_start +} + +rsyslogd_reload() { + echo "Reloading rsyslogd daemon: " + [ -f "$pidfile1" ] && /bin/kill -HUP $(cat $pidfile1) +} + +case "$1" in +'start') + create_xconsole + rsyslogd_start + ;; +'stop') + rsyslogd_stop + ;; +'restart') + rsyslogd_restart + ;; +'reload') + rsyslogd_reload + ;; +*) + echo "usage $0 start|stop|restart|reload" +esac diff --git a/system/rsyslog/config/rsyslog b/system/rsyslog/config/rsyslog new file mode 100644 index 0000000000..5b9fd1366a --- /dev/null +++ b/system/rsyslog/config/rsyslog @@ -0,0 +1,6 @@ +/var/log/cron /var/log/debug /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler /var/log/syslog { + sharedscripts + postrotate + /bin/kill -HUP $(cat /var/run/rsyslogd.pid 2>/dev/null) 2>/dev/null || true + endscript +} diff --git a/system/rsyslog/config/rsyslog.conf b/system/rsyslog/config/rsyslog.conf new file mode 100644 index 0000000000..26c6a744d7 --- /dev/null +++ b/system/rsyslog/config/rsyslog.conf @@ -0,0 +1,107 @@ +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/doc/rsyslog/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging +$ModLoad imklog # provides kernel logging support (previously done by rklogd) +$ModLoad immark # provides --MARK-- message capability + +# ######### Receiving Messages from Remote Hosts ########## +# TCP Syslog Server: +# provides TCP syslog reception and GSS-API (if compiled to support it) +#$ModLoad imtcp # load module +#$InputTCPServerRun 514 # start up TCP listener at port 514 + +# UDP Syslog Server: +#$ModLoad imudp # provides UDP syslog reception +#$UDPServerRun 514 # start a UDP syslog server at standard port 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Use traditional Slackware console log level +# +$klogConsoleLogLevel 3 + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup root +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Include all config files in /etc/rsyslog.d/ +# +#$IncludeConfig /etc/rsyslog.d/*.conf + + +############### +#### RULES #### +############### + +# Uncomment this to see kernel messages on the console. +#kern.* /dev/console + +# Log anything 'info' or higher, but lower than 'warn'. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.info;*.!warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/messages + +# Log anything 'warn' or higher. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/syslog + +# Debugging information is logged here. +*.=debug -/var/log/debug + +# Private authentication message logging: +authpriv.* -/var/log/secure + +# Cron related logs: +cron.* -/var/log/cron + +# Mail related logs: +mail.* -/var/log/maillog + +# Emergency level messages go to all users: +*.emerg * + +# This log is for news and uucp errors: +uucp,news.crit -/var/log/spooler + +# Uncomment these if you'd like INN to keep logs on everything. +# You won't need this if you don't run INN (the InterNetNews daemon). +#news.=crit -/var/log/news/news.crit +#news.=err -/var/log/news/news.err +#news.notice -/var/log/news/news.notice + +# ########## Remote Logging (we use TCP for reliable delivery) ########## +# An on-disk queue is created for this action. If the remote host is +# down, messages are spooled to disk and sent when it is up again. +#$WorkDirectory /rsyslog/spool # where to place spool files +#$ActionQueueFileName uniqName # unique name prefix for spool files +#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) +#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +#$ActionQueueType LinkedList # run asynchronously +#$ActionResumeRetryCount -1 # infinite retries if host is down +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @@remote-host:514 diff --git a/system/rsyslog/doinst.sh b/system/rsyslog/doinst.sh new file mode 100644 index 0000000000..8ebf0b9fc1 --- /dev/null +++ b/system/rsyslog/doinst.sh @@ -0,0 +1,31 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + rm $NEW + fi +} +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.rsyslogd.new +config etc/rsyslog.conf.new +config etc/logrotate.d/rsyslog.new +config var/log/messages.new ; rm -f var/log/messages.new +config var/log/syslog.new ; rm -f var/log/syslog.new +config var/log/debug.new ; rm -f var/log/debug.new +config var/log/secure.new ; rm -f var/log/secure.new +config var/log/cron.new ; rm -f var/log/cron.new +config var/log/maillog.new ; rm -f var/log/maillog.new +config var/log/spooler.new ; rm -f var/log/spooler.new + diff --git a/system/rsyslog/rsyslog.SlackBuild b/system/rsyslog/rsyslog.SlackBuild new file mode 100644 index 0000000000..addc4d6be2 --- /dev/null +++ b/system/rsyslog/rsyslog.SlackBuild @@ -0,0 +1,102 @@ +#!/bin/sh +# +# Slackware build script for rsyslog +# Written by Christophe Trussardi (chris at teria dot org) +# + +PRGNAM=rsyslog +VERSION=${VERSION:-5.8.6} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i486 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +[ "${MYSQL:-no}" = "no" ] || mysql_option="--enable-mysql" +[ "${PGSQL:-no}" = "no" ] || pgsql_option="--enable-pgsql" +[ "${LIBDBI:-no}" = "no" ] || libdbi_option="--enable-libdbi" +[ "${GNUTLS:-no}" = "no" ] || gnutls_option="--enable-gnutls" +[ "${RELP:-no}" = "no" ] || relp_option="--enable-relp" + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PRGNAM-$VERSION \ + --build=$ARCH-slackware-linux \ + $mysql_option $pgsql_option $libdbi_option $gnutls_option $relp_option + +make +make install-strip DESTDIR=$PKG + +mkdir -p $PKG/etc/rc.d/ +cat $CWD/config/rsyslog.conf > $PKG/etc/rsyslog.conf.new +cat $CWD/config/rc.rsyslogd > $PKG/etc/rc.d/rc.rsyslogd.new +chmod 0755 $PKG/etc/rc.d/rc.rsyslogd.new + +mkdir -p $PKG/etc/logrotate.d/ +cat $CWD/config/rsyslog > $PKG/etc/logrotate.d/rsyslog.new + +# Create log files in such a way that they won't clobber existing ones +mkdir -p $PKG/var/log +for i in cron debug maillog messages secure spooler syslog; do + touch $PKG/var/log/$i.new ; +done + +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION/html +cp -a \ + AUTHORS COPYING COPYING.LESSER ChangeLog INSTALL NEWS README \ + $PKG/usr/doc/$PRGNAM-$VERSION +cp -a doc/*.{jpg,html,png} $PKG/usr/doc/$PRGNAM-$VERSION/html +chmod -R 0644 $PKG/usr/doc/$PRGNAM-$VERSION/* +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/system/rsyslog/rsyslog.info b/system/rsyslog/rsyslog.info new file mode 100644 index 0000000000..0dea99773c --- /dev/null +++ b/system/rsyslog/rsyslog.info @@ -0,0 +1,10 @@ +PRGNAM="rsyslog" +VERSION="5.8.6" +HOMEPAGE="http://www.rsyslog.com/" +DOWNLOAD="http://www.rsyslog.com/files/download/rsyslog/rsyslog-5.8.6.tar.gz" +MD5SUM="c46db0496066b82faf735bd4222208d7" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +MAINTAINER="Christophe Trussardi" +EMAIL="chris@teria.org" +APPROVED="rworkman" diff --git a/system/rsyslog/slack-desc b/system/rsyslog/slack-desc new file mode 100644 index 0000000000..3243f5a087 --- /dev/null +++ b/system/rsyslog/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-------------------------------------------------| +rsyslog: Rsyslog (enhanced syslogd) +rsyslog: +rsyslog: Rsyslog is an enhanced syslogd supporting, among others, MySQL, +rsyslog: PostgreSQL, failover log destinations, syslog/tcp, fine grain +rsyslog: output format control, high precision timestamps, queued +rsyslog: operations and the ability to filter on any message part. Its +rsyslog: advanced features make it suitable for enterprise-class, +rsyslog: encryption protected syslog relay chains while at the same time +rsyslog: being very easy to setup for the novice user. +rsyslog: +rsyslog: Homepage: http://www.rsyslog.com/ -- cgit v1.2.3