mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-01-01 13:58:06 +00:00
syslog-ng: Runtime corrections
* Ships with a working syslog-ng.conf * Stops any running syslogd upon installation Signed-off-by: Michael Lippautz <michael.lippautz@gmail.com>
This commit is contained in:
Michael Lippautz
parent
86738fa85f
commit
55fac53f40
|
|
@ -1,338 +1,155 @@
|
|||
@version: 3.2
|
||||
#
|
||||
# Configuration file for syslog-ng under Debian
|
||||
#
|
||||
# attempts at reproducing default syslog behavior
|
||||
# Syslog-ng configuration file, compatible with default Debian syslogd
|
||||
# installation. Originally written by anonymous (I can't find his name)
|
||||
# Revised, and rewrited by me (SZALAY Attila <sasa@debian.org>)
|
||||
|
||||
# the standard syslog levels are (in descending order of priority):
|
||||
# emerg alert crit err warning notice info debug
|
||||
# the aliases "error", "panic", and "warn" are deprecated
|
||||
# the "none" priority found in the original syslogd configuration is
|
||||
# only used in internal messages created by syslogd
|
||||
|
||||
|
||||
######
|
||||
# options
|
||||
|
||||
options {
|
||||
# disable the chained hostname format in logs
|
||||
# (default is enabled)
|
||||
chain_hostnames(0);
|
||||
|
||||
# the time to wait before a died connection is re-established
|
||||
# (default is 60)
|
||||
time_reopen(10);
|
||||
|
||||
# the time to wait before an idle destination file is closed
|
||||
# (default is 60)
|
||||
time_reap(360);
|
||||
|
||||
# the number of lines buffered before written to file
|
||||
# you might want to increase this if your disk isn't catching with
|
||||
# all the log messages you get or if you want less disk activity
|
||||
# (say on a laptop)
|
||||
# (default is 0)
|
||||
#sync(0);
|
||||
|
||||
# the number of lines fitting in the output queue
|
||||
log_fifo_size(2048);
|
||||
|
||||
# enable or disable directory creation for destination files
|
||||
create_dirs(yes);
|
||||
|
||||
# default owner, group, and permissions for log files
|
||||
# (defaults are 0, 0, 0600)
|
||||
#owner(root);
|
||||
group(adm);
|
||||
perm(0640);
|
||||
|
||||
# default owner, group, and permissions for created directories
|
||||
# (defaults are 0, 0, 0700)
|
||||
#dir_owner(root);
|
||||
#dir_group(root);
|
||||
dir_perm(0755);
|
||||
|
||||
# enable or disable DNS usage
|
||||
# syslog-ng blocks on DNS queries, so enabling DNS may lead to
|
||||
# a Denial of Service attack
|
||||
# (default is yes)
|
||||
use_dns(no);
|
||||
|
||||
# maximum length of message in bytes
|
||||
# this is only limited by the program listening on the /dev/log Unix
|
||||
# socket, glibc can handle arbitrary length log messages, but -- for
|
||||
# example -- syslogd accepts only 1024 bytes
|
||||
# (default is 2048)
|
||||
#log_msg_size(2048);
|
||||
# First, set some global options.
|
||||
options { long_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
|
||||
owner("root"); group("adm"); perm(0640); stats_freq(0);
|
||||
bad_hostname("^gconfd$");
|
||||
};
|
||||
|
||||
|
||||
######
|
||||
# sources
|
||||
|
||||
# all known message sources
|
||||
source s_all {
|
||||
# message generated by Syslog-NG
|
||||
internal();
|
||||
# standard Linux log source (this is the default place for the syslog()
|
||||
# function to send logs to)
|
||||
unix-stream("/dev/log");
|
||||
# messages from the kernel
|
||||
file("/proc/kmsg" log_prefix("kernel: "));
|
||||
# use the following line if you want to receive remote UDP logging messages
|
||||
# (this is equivalent to the "-r" syslogd flag)
|
||||
# udp();
|
||||
########################
|
||||
# Sources
|
||||
########################
|
||||
# This is the default behavior of sysklogd package
|
||||
# Logs may come from unix stream, but not from another machine.
|
||||
#
|
||||
source s_src { unix-dgram("/dev/log"); internal();
|
||||
file("/proc/kmsg" program_override("kernel"));
|
||||
};
|
||||
|
||||
# If you wish to get logs from remote machine you should uncomment
|
||||
# this and comment the above source line.
|
||||
#
|
||||
#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); };
|
||||
|
||||
######
|
||||
# destinations
|
||||
########################
|
||||
# Destinations
|
||||
########################
|
||||
# First some standard logfile
|
||||
#
|
||||
destination d_auth { file("/var/log/auth.log"); };
|
||||
destination d_cron { file("/var/log/cron.log"); };
|
||||
destination d_daemon { file("/var/log/daemon.log"); };
|
||||
destination d_kern { file("/var/log/kern.log"); };
|
||||
destination d_lpr { file("/var/log/lpr.log"); };
|
||||
destination d_mail { file("/var/log/mail.log"); };
|
||||
destination d_syslog { file("/var/log/syslog"); };
|
||||
destination d_user { file("/var/log/user.log"); };
|
||||
destination d_uucp { file("/var/log/uucp.log"); };
|
||||
|
||||
# some standard log files
|
||||
destination df_auth { file("/var/log/auth.log"); };
|
||||
destination df_syslog { file("/var/log/syslog"); };
|
||||
destination df_cron { file("/var/log/cron.log"); };
|
||||
destination df_daemon { file("/var/log/daemon.log"); };
|
||||
destination df_kern { file("/var/log/kern.log"); };
|
||||
destination df_lpr { file("/var/log/lpr.log"); };
|
||||
destination df_mail { file("/var/log/mail.log"); };
|
||||
destination df_user { file("/var/log/user.log"); };
|
||||
destination df_uucp { file("/var/log/uucp.log"); };
|
||||
# This files are the log come from the mail subsystem.
|
||||
#
|
||||
destination d_mailinfo { file("/var/log/mail/mail.info"); };
|
||||
destination d_mailwarn { file("/var/log/mail/mail.warn"); };
|
||||
destination d_mailerr { file("/var/log/mail/mail.err"); };
|
||||
|
||||
# these files are meant for the mail system log files
|
||||
# and provide re-usable destinations for {mail,cron,...}.info,
|
||||
# {mail,cron,...}.notice, etc.
|
||||
destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
|
||||
destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
|
||||
destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
|
||||
destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
|
||||
destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
|
||||
# Logging for INN news system
|
||||
#
|
||||
destination d_newscrit { file("/var/log/news/news.crit"); };
|
||||
destination d_newserr { file("/var/log/news/news.err"); };
|
||||
destination d_newsnotice { file("/var/log/news/news.notice"); };
|
||||
|
||||
# these files are meant for the news system, and are kept separated
|
||||
# because they should be owned by "news" instead of "root"
|
||||
destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
|
||||
destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
|
||||
destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
|
||||
# Some `catch-all' logfiles.
|
||||
#
|
||||
destination d_debug { file("/var/log/debug"); };
|
||||
destination d_error { file("/var/log/error"); };
|
||||
destination d_messages { file("/var/log/messages"); };
|
||||
|
||||
# some more classical and useful files found in standard syslog configurations
|
||||
destination df_debug { file("/var/log/debug"); };
|
||||
destination df_messages { file("/var/log/messages"); };
|
||||
# The root's console.
|
||||
#
|
||||
destination d_console { usertty("root"); };
|
||||
|
||||
# pipes
|
||||
# a console to view log messages under X
|
||||
destination dp_xconsole { pipe("/dev/xconsole"); };
|
||||
# Virtual console.
|
||||
#
|
||||
destination d_console_all { file("/dev/tty10"); };
|
||||
|
||||
# consoles
|
||||
# this will send messages to everyone logged in
|
||||
destination du_all { usertty("*"); };
|
||||
# The named pipe /dev/xconsole is for the nsole' utility. To use it,
|
||||
# you must invoke nsole' with the -file' option:
|
||||
#
|
||||
# $ xconsole -file /dev/xconsole [...]
|
||||
#
|
||||
destination d_xconsole { pipe("/dev/xconsole"); };
|
||||
|
||||
# Send the messages to an other host
|
||||
#
|
||||
#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); };
|
||||
|
||||
######
|
||||
# filters
|
||||
# Debian only
|
||||
destination d_ppp { file("/var/log/ppp.log"); };
|
||||
|
||||
# all messages from the auth and authpriv facilities
|
||||
filter f_auth { facility(auth, authpriv); };
|
||||
########################
|
||||
# Filters
|
||||
########################
|
||||
# Here's come the filter options. With this rules, we can set which
|
||||
# message go where.
|
||||
|
||||
# all messages except from the auth and authpriv facilities
|
||||
filter f_syslog { not facility(auth, authpriv); };
|
||||
filter f_dbg { level(debug); };
|
||||
filter f_info { level(info); };
|
||||
filter f_notice { level(notice); };
|
||||
filter f_warn { level(warn); };
|
||||
filter f_err { level(err); };
|
||||
filter f_crit { level(crit .. emerg); };
|
||||
|
||||
# respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
|
||||
# and uucp facilities
|
||||
filter f_cron { facility(cron); };
|
||||
filter f_daemon { facility(daemon); };
|
||||
filter f_kern { facility(kern); };
|
||||
filter f_lpr { facility(lpr); };
|
||||
filter f_mail { facility(mail); };
|
||||
filter f_news { facility(news); };
|
||||
filter f_user { facility(user); };
|
||||
filter f_uucp { facility(uucp); };
|
||||
|
||||
# some filters to select messages of priority greater or equal to info, warn,
|
||||
# and err
|
||||
# (equivalents of syslogd's *.info, *.warn, and *.err)
|
||||
filter f_at_least_info { level(info..emerg); };
|
||||
filter f_at_least_notice { level(notice..emerg); };
|
||||
filter f_at_least_warn { level(warn..emerg); };
|
||||
filter f_at_least_err { level(err..emerg); };
|
||||
filter f_at_least_crit { level(crit..emerg); };
|
||||
|
||||
# all messages of priority debug not coming from the auth, authpriv, news, and
|
||||
# mail facilities
|
||||
filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
|
||||
filter f_error { level(err .. emerg) ; };
|
||||
filter f_messages { level(info,notice,warn) and
|
||||
not facility(auth,authpriv,cron,daemon,mail,news); };
|
||||
|
||||
# all messages of info, notice, or warn priority not coming form the auth,
|
||||
# authpriv, cron, daemon, mail, and news facilities
|
||||
filter f_messages {
|
||||
level(info,notice,warn)
|
||||
and not facility(auth,authpriv,cron,daemon,mail,news);
|
||||
};
|
||||
filter f_auth { facility(auth, authpriv) and not filter(f_debug); };
|
||||
filter f_cron { facility(cron) and not filter(f_debug); };
|
||||
filter f_daemon { facility(daemon) and not filter(f_debug); };
|
||||
filter f_kern { facility(kern) and not filter(f_debug); };
|
||||
filter f_lpr { facility(lpr) and not filter(f_debug); };
|
||||
filter f_local { facility(local0, local1, local3, local4, local5,
|
||||
local6, local7) and not filter(f_debug); };
|
||||
filter f_mail { facility(mail) and not filter(f_debug); };
|
||||
filter f_news { facility(news) and not filter(f_debug); };
|
||||
filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); };
|
||||
filter f_user { facility(user) and not filter(f_debug); };
|
||||
filter f_uucp { facility(uucp) and not filter(f_debug); };
|
||||
|
||||
# messages with priority emerg
|
||||
filter f_emerg { level(emerg); };
|
||||
filter f_cnews { level(notice, err, crit) and facility(news); };
|
||||
filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); };
|
||||
|
||||
# complex filter for messages usually sent to the xconsole
|
||||
filter f_xconsole {
|
||||
facility(daemon,mail)
|
||||
or level(debug,info,notice,warn)
|
||||
or (facility(news)
|
||||
and level(crit,err,notice));
|
||||
};
|
||||
filter f_ppp { facility(local2) and not filter(f_debug); };
|
||||
filter f_console { level(warn .. emerg); };
|
||||
|
||||
########################
|
||||
# Log paths
|
||||
########################
|
||||
log { source(s_src); filter(f_auth); destination(d_auth); };
|
||||
log { source(s_src); filter(f_cron); destination(d_cron); };
|
||||
log { source(s_src); filter(f_daemon); destination(d_daemon); };
|
||||
log { source(s_src); filter(f_kern); destination(d_kern); };
|
||||
log { source(s_src); filter(f_lpr); destination(d_lpr); };
|
||||
log { source(s_src); filter(f_syslog3); destination(d_syslog); };
|
||||
log { source(s_src); filter(f_user); destination(d_user); };
|
||||
log { source(s_src); filter(f_uucp); destination(d_uucp); };
|
||||
|
||||
######
|
||||
# logs
|
||||
# order matters if you use "flags(final);" to mark the end of processing in a
|
||||
# "log" statement
|
||||
log { source(s_src); filter(f_mail); destination(d_mail); };
|
||||
#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
|
||||
#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
|
||||
#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };
|
||||
|
||||
# these rules provide the same behavior as the commented original syslogd rules
|
||||
log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); };
|
||||
log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); };
|
||||
log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); };
|
||||
#log { source(s_src); filter(f_cnews); destination(d_console_all); };
|
||||
#log { source(s_src); filter(f_cother); destination(d_console_all); };
|
||||
|
||||
# auth,authpriv.* /var/log/auth.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_auth);
|
||||
destination(df_auth);
|
||||
};
|
||||
#log { source(s_src); filter(f_ppp); destination(d_ppp); };
|
||||
|
||||
# *.*;auth,authpriv.none -/var/log/syslog
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_syslog);
|
||||
destination(df_syslog);
|
||||
};
|
||||
log { source(s_src); filter(f_debug); destination(d_debug); };
|
||||
log { source(s_src); filter(f_error); destination(d_error); };
|
||||
log { source(s_src); filter(f_messages); destination(d_messages); };
|
||||
|
||||
# this is commented out in the default syslog.conf
|
||||
# cron.* /var/log/cron.log
|
||||
#log {
|
||||
# source(s_all);
|
||||
# filter(f_cron);
|
||||
# destination(df_cron);
|
||||
#};
|
||||
|
||||
# daemon.* -/var/log/daemon.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_daemon);
|
||||
destination(df_daemon);
|
||||
};
|
||||
|
||||
# kern.* -/var/log/kern.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_kern);
|
||||
destination(df_kern);
|
||||
};
|
||||
|
||||
# lpr.* -/var/log/lpr.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_lpr);
|
||||
destination(df_lpr);
|
||||
};
|
||||
|
||||
# mail.* -/var/log/mail.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_mail);
|
||||
destination(df_mail);
|
||||
};
|
||||
|
||||
# user.* -/var/log/user.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_user);
|
||||
destination(df_user);
|
||||
};
|
||||
|
||||
# uucp.* /var/log/uucp.log
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_uucp);
|
||||
destination(df_uucp);
|
||||
};
|
||||
|
||||
# mail.info -/var/log/mail.info
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_mail);
|
||||
filter(f_at_least_info);
|
||||
destination(df_facility_dot_info);
|
||||
};
|
||||
|
||||
# mail.warn -/var/log/mail.warn
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_mail);
|
||||
filter(f_at_least_warn);
|
||||
destination(df_facility_dot_warn);
|
||||
};
|
||||
|
||||
# mail.err /var/log/mail.err
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_mail);
|
||||
filter(f_at_least_err);
|
||||
destination(df_facility_dot_err);
|
||||
};
|
||||
|
||||
# news.crit /var/log/news/news.crit
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_news);
|
||||
filter(f_at_least_crit);
|
||||
destination(df_news_dot_crit);
|
||||
};
|
||||
|
||||
# news.err /var/log/news/news.err
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_news);
|
||||
filter(f_at_least_err);
|
||||
destination(df_news_dot_err);
|
||||
};
|
||||
|
||||
# news.notice /var/log/news/news.notice
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_news);
|
||||
filter(f_at_least_notice);
|
||||
destination(df_news_dot_notice);
|
||||
};
|
||||
|
||||
|
||||
# *.=debug;\
|
||||
# auth,authpriv.none;\
|
||||
# news.none;mail.none -/var/log/debug
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_debug);
|
||||
destination(df_debug);
|
||||
};
|
||||
|
||||
|
||||
# *.=info;*.=notice;*.=warn;\
|
||||
# auth,authpriv.none;\
|
||||
# cron,daemon.none;\
|
||||
# mail,news.none -/var/log/messages
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_messages);
|
||||
destination(df_messages);
|
||||
};
|
||||
|
||||
# *.emerg *
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_emerg);
|
||||
destination(du_all);
|
||||
};
|
||||
|
||||
|
||||
# daemon.*;mail.*;\
|
||||
# news.crit;news.err;news.notice;\
|
||||
# *.=debug;*.=info;\
|
||||
# *.=notice;*.=warn |/dev/xconsole
|
||||
log {
|
||||
source(s_all);
|
||||
filter(f_xconsole);
|
||||
destination(dp_xconsole);
|
||||
};
|
||||
log { source(s_src); filter(f_console); destination(d_console_all);
|
||||
destination(d_xconsole); };
|
||||
log { source(s_src); filter(f_crit); destination(d_console); };
|
||||
|
||||
# All messages send to a remote site
|
||||
#
|
||||
#log { source(s_src); destination(d_net); };
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7ec1bcc46f28b11f4722e20d9b7dd4d5"
|
|||
# update-rc.d and update-alternatives is important
|
||||
RDEPENDS_${PN} += " ${@base_conditional("ONLINE_PACKAGE_MANAGEMENT", "none", "", "update-rc.d", d)}"
|
||||
|
||||
INC_PR = "r5"
|
||||
INC_PR = "r6"
|
||||
|
||||
inherit autotools
|
||||
|
||||
|
|
@ -41,6 +41,7 @@ do_install_append() {
|
|||
CONFFILES_${PN} = "${sysconfdir}/${PN}.conf"
|
||||
|
||||
pkg_postinst_${PN} () {
|
||||
/etc/init.d/syslog stop
|
||||
update-alternatives --install ${sysconfdir}/init.d/syslog syslog-init syslog.${PN} 200
|
||||
|
||||
if test "x$D" != "x"; then
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
require syslog-ng.inc
|
||||
PR = "${INC_PR}.0"
|
||||
PR = "${INC_PR}.1"
|
||||
|
||||
SRC_URI += " \
|
||||
file://syslog-ng.conf \
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user