557060 – app-admin/syslog-ng : enhance hardened logrotate file

Bug 557060 - app-admin/syslog-ng : enhance hardened logrotate file

Summary: app-admin/syslog-ng : enhance hardened logrotate file

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-08-08 18:08 UTC by Toralf Förster
Modified:	2017-12-12 20:10 UTC (History)
CC List:	2 users (show)

See Also:	https://github.com/gentoo/gentoo/pull/6504
Package list:
Runtime testing required:	---

Attachments
syslog patch (syslog.patch,1.13 KB, patch) 2015-08-08 18:08 UTC, Toralf Förster	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Toralf Förster gentoo-dev

2015-08-08 18:08:08 UTC

Created attachment 408556 [details, diff]
syslog patch

according to https://forums.gentoo.org/viewtopic.php?p=7792952#7792952 the attached patch could help IMO

Comment 1 Toralf Förster gentoo-dev

2015-08-10 13:40:59 UTC

Hhm, seems not to be the right patch I fedar, still got toda<:
/var/log/syslog:Aug  9 20:10:03 t44 syslog-ng[29682]: Internal error, duplicate configuration elements refer to the same persistent config; name='afsocket_sd_connections(dgram,AF_UNIX(/dev/log))'

Comment 2 Toralf Förster gentoo-dev

2015-09-13 17:17:45 UTC

I think , that this line is obsolet nowadays :

unix-dgram("/dev/log");

(

Comment 3 kfm 2017-02-25 04:04:08 UTC

At this point, the current 'hardened' sample configuration file does not have any syntax issues.

# syslog-ng -V | head -n1
syslog-ng 3.7.3
# syslog-ng -s -f /usr/portage/app-admin/syslog-ng/files/3.7/syslog-ng.conf.gentoo.hardened; echo $?
0
# syslog-ng -s -f <(bzcat /usr/share/doc/syslog-ng-3.7.3/syslog-ng.conf.gentoo.hardened.bz2); echo $?
0

However, you're right that the "src" stanza should be revamped. Specifically, all configuration files - be they samples or not - should favour the use of system(), whose behaviour is documented here:

https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-source-system.html

Gentoo's default syslog-ng.conf was updated some time ago, but the sample files under /usr/share/doc were not.

Comment 4 Larry the Git Cow gentoo-dev

2017-12-12 20:10:12 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36c4716ec165d1565d72943504af8b4e386d99cd

commit 36c4716ec165d1565d72943504af8b4e386d99cd
Author:     Tomas Mozes <hydrapolic@gmail.com>
AuthorDate: 2017-12-10 05:58:01 +0000
Commit:     Patrice Clement <monsieurp@gentoo.org>
CommitDate: 2017-12-12 20:09:15 +0000

    app-admin/syslog-ng: version bump to 3.13.2.
    
    Closes: https://bugs.gentoo.org/557060
    Closes: https://bugs.gentoo.org/640136
    Closes: https://bugs.gentoo.org/640458
    Closes: https://github.com/gentoo/gentoo/pull/6504

 app-admin/syslog-ng/Manifest                       |   1 +
 .../syslog-ng/files/3.13/syslog-ng.conf.gentoo     |  36 +++++
 .../files/3.13/syslog-ng.conf.gentoo.fbsd          |  24 +++
 .../files/3.13/syslog-ng.conf.gentoo.hardened      | 115 ++++++++++++++
 app-admin/syslog-ng/files/3.13/syslog-ng.confd     |  42 ++++++
 app-admin/syslog-ng/files/3.13/syslog-ng.rc        |  58 +++++++
 app-admin/syslog-ng/syslog-ng-3.13.2.ebuild        | 167 +++++++++++++++++++++
 7 files changed, 443 insertions(+)