692726 – app-admin/syslog-ng - improve config directory support

Bug 692726 - app-admin/syslog-ng - improve config directory support

Summary: app-admin/syslog-ng - improve config directory support

Status:	UNCONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Tomáš Mózes

URL:
Whiteboard:
Keywords:	PATCH

Depends on:
Blocks:

Reported:	2019-08-22 11:29 UTC by Sergey S. Starikoff
Modified:	2019-08-22 14:38 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sergey S. Starikoff 2019-08-22 11:29:30 UTC

Please improve support of config directory, commonly provided in solution of bug #426814 to better fit user-defined configurations.

For now, users of customised configurations of recommended syslog servers cant't neither accept new config keeping needed config, nor skip update keeping operable system logger.

I'm not enough familiar with ebuilding, so for first time I'll provide not patches, but description.

Current Gentoo build of app-admin/syslog-ng supposes usage of /etc/syslog-ng/scl/* (where «scl» means «syslog-ng config library») directories as config directory root.
But don't create these direcories.

Enterprise Linux branch uses /etc/syslog-ng/conf.d/ as config directory.

Related projects (rsyslog and logrotate) creates config directory in /etc's root (/etc/logrotate.d/ and so long).
I find right to follow this logic.

1. Update scl.conf to use proper config directory:
# diff -Naur scl.conf.orig scl.conf
--- scl.conf.orig	2019-08-16 11:31:20.861167106 +0300
+++ scl.conf	2019-08-16 11:31:48.575521948 +0300
@@ -25,6 +25,6 @@
 # `include-path`, then includes all SCL supplied plugins.
 #
 
-@include 'scl/*/*.conf'
+@include '/etc/syslog-ng.d/*.conf'
 
 @define java-module-dir "`module-install-dir`/java-modules"


2. Create conf.d directory

3. Update config examples:
# diff -Naur syslog-ng.conf.gentoo.hardened.orig syslog-ng.conf.gentoo.hardened.sample
--- syslog-ng.conf.gentoo.hardened.orig	2019-08-16 11:34:03.939486578 +0300
+++ syslog-ng.conf.gentoo.hardened.sample	2019-08-22 10:25:25.022327704 +0300
@@ -1,28 +1,6 @@
-@version: 3.22
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-
-# https://bugs.gentoo.org/426814
-@include "scl.conf"
-
-#
-# Syslog-ng configuration file, compatible with default hardened installations.
-#
-
-options {
-	threaded(yes);
-	chain_hostnames(no);
-	stats_freq(43200);
-};
-
-source src {
-    system();
-    internal();
-};
-
-source kernsrc {
-    file("/proc/kmsg");
-};
+# # Gentoo Hardened syslog-ng config
 
 #source net { udp(); };
 #log { source(net); destination(net_logs); };
@@ -93,15 +71,15 @@
 log { source(src); filter(f_syslog); destination(_syslog); };
 log { source(src); filter(f_cron); destination(cron); };
 log { source(src); filter(f_daemon); destination(daemon); };
-log { source(kernsrc); filter(f_kern); destination(kern); destination(console_all); };
+log { source(src); filter(f_kern); destination(kern); destination(console_all); };
 log { source(src); filter(f_lpr); destination(lpr); };
 log { source(src); filter(f_mail); destination(mail); };
 log { source(src); filter(f_user); destination(user); };
 log { source(src); filter(f_uucp); destination(uucp); };
-log { source(kernsrc); filter(f_pax); destination(pax); };
-log { source(kernsrc); filter(f_grsec); destination(grsec); };
-log { source(kernsrc); filter(f_audit); destination(audit); };
-log { source(kernsrc); filter(f_avc); destination(avc); };
+log { source(src); filter(f_pax); destination(pax); };
+log { source(src); filter(f_grsec); destination(grsec); };
+log { source(src); filter(f_audit); destination(audit); };
+log { source(src); filter(f_avc); destination(avc); };
 log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
 log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
 log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
@@ -112,4 +90,5 @@
 log { source(src); filter(f_messages); destination(messages); };
 log { source(src); filter(f_emergency); destination(console); };
 #log { source(src); filter(f_ppp); destination(ppp); };
-log { source(src); destination(console_all); };
+# console_all is written in core config /etc/syslog-ng/syslog-ng.conf
+#log { source(src); destination(console_all); flags(final);};

EOF


And all other intalled samples in the same way.

4. Properly name them and install into config directory instead of /usr/share/doc/syslog-ng-${PV}/

5. Add README, reminding to use proper logrotate script.

6. Also note, that some time ago (in 3.17 or even earlier) system() source driver of Linux build of syslog-ng includes kernel messages, so we need not to separately parse /proc/kmsg.

The last issue is in namespace collision for 'messages' log. It's was voluntary redefined in default syslog-ng.conf file changing from classic messages log file, defined for example in Hardened config to all.log.
So, to make it compatible with usage of user configs without editing of /etc/syslog-ng/syslog-ng.conf I suggest to make config directory feature USE flag enabled (for example «scl»).
When this USE is off — keep the present behaviour. Maybe dropping scl.conf inclusion and file itself.
When this USE is enabled — patch default config changing «messages» to «all.log» and making it cmmented by default.