diff options
Diffstat (limited to 'main/rsyslog')
| -rw-r--r-- | main/rsyslog/APKBUILD | 6 | ||||
| -rw-r--r-- | main/rsyslog/rsyslog.conf | 138 | ||||
| -rw-r--r-- | main/rsyslog/rsyslog.logrotate | 21 |
3 files changed, 87 insertions, 78 deletions
diff --git a/main/rsyslog/APKBUILD b/main/rsyslog/APKBUILD index e9cb99da044..c33bc445787 100644 --- a/main/rsyslog/APKBUILD +++ b/main/rsyslog/APKBUILD @@ -145,6 +145,8 @@ package() { install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname install -m644 -D "$srcdir"/$pkgname.conf "$pkgdir"/etc/$pkgname.conf + + install -m700 -d "$pkgdir"/var/lib/rsyslog } _plugin() { @@ -169,7 +171,7 @@ _plugin() { sha512sums="3d5d4f92e37ad9bf3767d5d7fc87fcb7956656f676a9495c78abd12fe9072ec8763b50543b198308a71d5d919721fb9b84b6725dd83a9d9b8a1639d81382c0dd rsyslog-8.40.0.tar.gz bcd63c8df2ac63b80f3cb51ba7f544988df6cd875f4e81020e762dff30d7537f21b72c95a4b1c08baf15f4ed5f03defbf3f061673aabada5841f45ab9f579374 rsyslog.initd -d54377ddf39197656811a84272568ea761f984e19dd04fc54f372dd04a9244e66d02b26ab33073d0344d054f031660ec611f3c7a18c266e7b68cef5e2c47f06f rsyslog.logrotate -3bcd58b222eb7f4d8a42a0643cacb6ab44790f90c9bd550678e002bc19863d5d6a7341e5e5ba0b9292f85c6c04cd5cc42d174acdc63e8ba22022620db10f2b9b rsyslog.conf +b5cbdcfa601ae8e7617289e7805fe71daa17bd03a7a30e1e1aad7a58a4ad4c1d89c9a203228f15816232ab6ab6d7a2752f7bbf4d259bbd5eccbe9728dc7e8aaa rsyslog.logrotate +9c9913b3367ac4d0b0f998ffa3aaaf136cf939ed4275f13f79d4c7336d0978007af13cb2c6f35d17ef25a53907fb064705f23c3b3a6a6fcd06ae85c3c51c7e38 rsyslog.conf 04f1c8060b9439fe25f9a4291697c577fb3d540aefcd67ed6d63d416c1dd0306fa68ae89745af2b4dc2e288d46aadd9c7a96ccfaaf3a146d9d76bd3433e3c1a5 musl-fix.patch 7be105f9a30d23b48ee46e19d31ba37ec30477935a9f7ba3929666a9abe175313dbb7caf55fbb1c6579dd5d25fe037eea84cae9065fe3f765f23569344bce5d7 queue.patch" diff --git a/main/rsyslog/rsyslog.conf b/main/rsyslog/rsyslog.conf index 6e81fc4171c..d2706daa273 100644 --- a/main/rsyslog/rsyslog.conf +++ b/main/rsyslog/rsyslog.conf @@ -1,94 +1,96 @@ -# rsyslog v5: load input modules -# If you do not load inputs, nothing happens! -# You may need to set the module load path if modules are not found. +# rsyslog configuration file +# +# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html +# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html +# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html + + +#### Global directives #### -$ModLoad immark.so # provides --MARK-- message capability -$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) -$ModLoad imklog.so # kernel logging (formerly provided by rklogd) +# Sets the directory that rsyslog uses for work files. +$WorkDirectory /var/lib/rsyslog -# default permissions for all log files. +# Sets default permissions for all log files. $FileOwner root $FileGroup adm $FileCreateMode 0640 $DirCreateMode 0755 $Umask 0022 -# Include configuration files from directory -$IncludeConfig /etc/rsyslog.d/* - -# Check config syntax on startup and abort if unclean (default off) +# Check config syntax on startup and abort if unclean (default off). #$AbortOnUncleanConfig on -# Reduce repeating messages (default off) +# Reduce repeating messages (default off). #$RepeatedMsgReduction on -# Log all kernel messages to the console. -# Logging much else clutters up the screen. -#kern.* /dev/console +# Include all config files in /etc/rsyslog.d/. +include(file="/etc/rsyslog.d/*.conf" mode="optional") + + +#### Modules #### + +# Provides --MARK-- message capability. +module(load="immark") + +# Provides support for local system logging (e.g. via logger command). +module(load="imuxsock") + +# Reads kernel messages. +module(load="imklog") + + +#### Rules #### + +# Log all kernel messages to kern.log. +kern.* /var/log/kern.log # Log anything (except mail) of level info or higher. # Don't log private authentication messages! -*.info;mail.none;authpriv.none;cron.none -/var/log/messages +# NOTE: The minus sign in front of filename disables buffer flush. +*.info;authpriv.none;cron.none;kern.none;mail.none -/var/log/messages # The authpriv file has restricted access. -authpriv.* /var/log/secure +authpriv.* /var/log/auth.log # Log all the mail messages in one place. -mail.* -/var/log/maillog +mail.* -/var/log/mail.log + +# Log cron stuff. +cron.* -/var/log/cron.log -# Log cron stuff -cron.* -/var/log/cron +# Everybody gets emergency messages. +*.emerg :omusrmsg:* -# Everybody gets emergency messages -*.emerg :omusrmsg:* +# Save boot messages also to boot.log. +local7.* /var/log/boot.log -# Save news errors of level crit and higher in a special file. -uucp,news.crit -/var/log/spooler +# Log all kernel messages to the console. +# Logging much else clutters up the screen. +#kern.* /dev/console -# Save boot messages also to boot.log -local7.* /var/log/boot.log -# More configuration examples: -# -# Remote Logging (we use TCP for reliable delivery) +### Examples #### + +# Send all logs to remote syslog via UDP. # An on-disk queue is created for this action. If the remote host is # down, messages are spooled to disk and sent when it is up again. -#$WorkDirectory /var/spool/rsyslog # where to place spool files -#$ActionQueueFileName uniqName # unique name prefix for spool files -#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) -#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown -#$ActionQueueType LinkedList # run asynchronously -#$ActionResumeRetryCount -1 # infinety retries if host is down -#$ActionResumeInterval 30 # retry interval -# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional -#*.* @@remote-host - -# Remote Logging with TCP + SSL/TLS -#$DefaultNetstreamDriver gtls -#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem -#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_CLIENT.cert.pem -#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_CLIENT.key.pem -#$ActionSendStreamDriverAuthMode x509/name # enable peer authentication -#$ActionSendStreamDriverPermittedPeer foo # authorize to send encrypted data to server foo -#$ActionSendStreamDriverMode 1 # run driver in TLS-only mode - -# ######### Receiving Messages from Remote Hosts ########## -# TCP Syslog Server: -#$ModLoad imtcp # provides TCP syslog reception -#$TCPServerRun 10514 # start a TCP syslog server at port 10514 - -# TCP + SSL/TLS Syslog Server: -#$ModLoad imtcp # provides TCP syslog reception -#$DefaultNetstreamDriver gtls # use gnuTLS for data encryption -#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem -#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_SERVER.cert.pem -#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_SERVER.key.pem -#$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode -#$InputTCPServerStreamDriverAuthMode x509/name # enable peer authentication -#$InputTCPServerStreamDriverPermittedPeer bar # authorize client named bar (one line per client) -#$TCPServerRun 10514 # start a TCP syslog server at port 10514 - -# UDP Syslog Server: -#$ModLoad imudp.so # provides UDP syslog reception -#$UDPServerRun 514 # start a UDP syslog server at standard port 514 - +#*.* action( +# type="omfwd" +# target="192.168.0.1" +# port="514" +# protocol="udp" +# queue.filename="fwdRule1" # unique name prefix for spool files +# queue.type="LinkedList" +# queue.maxDiskSpace="256m" +# queue.saveOnShutdown="on" +# action.resumeRetryCount="-1" +# action.resumeInterval="30" +#) + +# Receive messages from remote host via UDP +# for parameters see http://www.rsyslog.com/doc/imudp.html +#module(load="imudp") # needs to be done just once +#input( +# type="imudp" +# port="514" +#) diff --git a/main/rsyslog/rsyslog.logrotate b/main/rsyslog/rsyslog.logrotate index 86095def1c2..6a3d01a7401 100644 --- a/main/rsyslog/rsyslog.logrotate +++ b/main/rsyslog/rsyslog.logrotate @@ -1,9 +1,14 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/files/5-stable/rsyslog.logrotate,v 1.1 2010/10/21 07:38:29 dev-zero Exp $ -/var/log/messages /var/log/secure /var/log/maillog /var/log/cron /var/log/spooler /var/log/boot.log { - sharedscripts - postrotate - /etc/init.d/rsyslog reload &>/dev/null || true - endscript +/var/log/auth.log +/var/log/boot.log +/var/log/cron.log +/var/log/kern.log +/var/log/mail.log +/var/log/messages +{ + notifempty + compress + sharedscripts + postrotate + /etc/init.d/rsyslog --ifstarted reload >/dev/null + endscript } |