diff --git a/syslog-ng/.footprint b/syslog-ng/.footprint index 4754b0cbe..b9bfda1af 100644 --- a/syslog-ng/.footprint +++ b/syslog-ng/.footprint @@ -1,3 +1,7 @@ +drwxr-xr-x root/root etc/ +drwxr-xr-x root/root etc/rc.d/ +-rwxr-xr-x root/root etc/rc.d/syslog-ng +-rw-r--r-- root/root etc/syslog-ng.conf drwxr-xr-x root/root usr/ drwxr-xr-x root/root usr/bin/ -rwxr-xr-x root/root usr/bin/loggen @@ -8,3 +12,5 @@ drwxr-xr-x root/root usr/man/man8/ -rw-r--r-- root/root usr/man/man8/syslog-ng.8.gz drwxr-xr-x root/root usr/sbin/ -rwxr-xr-x root/root usr/sbin/syslog-ng +drwxr-xr-x root/root var/ +drwxr-xr-x root/root var/libexec/ diff --git a/syslog-ng/.md5sum b/syslog-ng/.md5sum index 7f30a4240..b6c2c67f7 100644 --- a/syslog-ng/.md5sum +++ b/syslog-ng/.md5sum @@ -1 +1,3 @@ -2d4232f7167c2b4f48794e4f8f80e863 syslog-ng-2.0.9.tar.gz +cde651068f464dd1fb36b9bbcd81957b syslog-ng.conf +90a0f7b832c840f7dce8da05befbc56a syslog-ng.rc +28f0d9ff2243b330e8cd6311ef9b2f12 syslog-ng_3.0.5.tar.gz diff --git a/syslog-ng/Pkgfile b/syslog-ng/Pkgfile index 33e5f4a63..d50aad22b 100644 --- a/syslog-ng/Pkgfile +++ b/syslog-ng/Pkgfile @@ -5,19 +5,24 @@ # Depends on: eventlog name=syslog-ng -version=2.0.9 +version=3.0.5 release=1 -source=(http://ftp.uni-erlangen.de/pub/mirrors/gentoo/distfiles/$name-$version.tar.gz) +source=(http://ftp.uni-erlangen.de/pub/mirrors/gentoo/distfiles/${name}_${version}.tar.gz +syslog-ng.rc syslog-ng.conf) build() { cd $name-$version ./configure \ --prefix=/usr \ - --disable-nls \ + --sysconfdir=/etc \ + --libexecdir=/var/libexec \ + --localstatedir=/var \ --mandir=/usr/man \ --enable-dynamic-linking make && make DESTDIR=$PKG install rm -rf $PKG/usr/doc + install -D -m 644 ../syslog-ng.conf $PKG/etc/syslog-ng.conf + install -D -m 755 ../syslog-ng.rc $PKG/etc/rc.d/syslog-ng } diff --git a/syslog-ng/README b/syslog-ng/README new file mode 100644 index 000000000..16808f94d --- /dev/null +++ b/syslog-ng/README @@ -0,0 +1,5 @@ +PRECAUTION + +syslog-ng currently is configured to use /etc/syslog-ng.conf as its default +configuration file. Change as you like in /etc/rc.d/syslog-ng. + diff --git a/syslog-ng/syslog-ng.conf b/syslog-ng/syslog-ng.conf new file mode 100644 index 000000000..16f153307 --- /dev/null +++ b/syslog-ng/syslog-ng.conf @@ -0,0 +1,86 @@ +@version: 3.0 +# +# /etc/syslog-ng: syslog-ng(8) configration file, based on a gentoo template +# use logger to test new rules: +# logger -p daemon.crit testmessage +# use loggen to produce log messages remotely + + +# on busy systems you may have to adjus flush_lines and suppress() to avoid +# heavy disc i/o +# to change default permissions/owner/group for newly created files add +# options like this: owner(root); group(sys); perm(0644); + +options { chain_hostnames(off); flush_lines(0); stats_freq(0); create_dirs(on); }; + +#source where to read log +source src { unix-stream("/dev/log"); internal(); }; +source kernsrc { file("/proc/kmsg"); }; + +#define templates +template t_debug { template("$DATE fac $FACILITY lvl $LEVEL prg $PROGRAM: $MSG\n"); }; + +#define destinations +destination authlog { file("/var/log/auth.log" suppress(5)); }; +destination sudo { file("/var/log/sudo.log" suppress(5)); }; +destination cron { file("/var/log/cron.log" suppress(5)); }; +destination kern { file("/var/log/kern.log" suppress(5)); }; +destination mail { file("/var/log/mail.log" suppress(5)); }; + +destination mailinfo { file("/var/log/mail.info" suppress(5)); }; +destination mailwarn { file("/var/log/mail.warn" suppress(5)); }; +destination mailerr { file("/var/log/mail.err" suppress(5)); }; + +#destination newscrit { file("/var/log/news/news.crit" suppress(5)); }; +#destination newserr { file("/var/log/news/news.err" suppress(5)); }; +#destination newsnotice { file("/var/log/news/news.notice" suppress(5)); }; + +destination debug { file("/var/log/debug" template(t_debug) suppress(5)); }; +destination messages { file("/var/log/messages" suppress(5)); }; +destination errors { file("/var/log/error.log" suppress(5)); }; +destination console { usertty("root"); }; +destination console_all { file("/dev/tty12" suppress(5)); }; +destination xconsole { pipe("/dev/xconsole" suppress(5)); }; + +#create filters +filter f_authpriv { facility(auth, authpriv); }; +filter f_cron { facility(cron); }; +filter f_kern { facility(kern); }; +filter f_mail { facility(mail); }; +#filter f_debug { not facility(auth, authpriv, mail) and not program(sudo); }; +filter f_debug { not facility(mail) and not program(sudo); }; +filter f_messages { level(info..warn) + and not facility(auth, authpriv, mail) and not program(sudo); }; +filter f_sudo { program(sudo); }; +filter f_errors { level(err..emerg); }; + +filter f_emergency { level(emerg); }; + +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_crit { level(crit); }; +filter f_err { level(err); }; + +# examples for text-matching (beware of performance issues) +#filter f_failed { match("failed"); }; +#filter f_denied { match("denied"); }; + +#connect filter and destination +log { source(src); filter(f_authpriv); destination(authlog); }; +log { source(src); filter(f_sudo); destination(sudo); }; +log { source(src); filter(f_cron); destination(cron); }; +log { source(kernsrc); filter(f_kern); destination(kern); }; +log { source(src); filter(f_mail); destination(mail); }; +log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); }; +log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); }; +log { source(src); filter(f_mail); filter(f_err); destination(mailerr); }; + +log { source(src); filter(f_debug); destination(debug); }; +log { source(src); filter(f_messages); destination(messages); }; +log { source(src); filter(f_errors); destination(errors); }; +log { source(src); filter(f_emergency); destination(console); }; + +#default log +#log { source(src); destination(console_all); }; + diff --git a/syslog-ng/syslog-ng.rc b/syslog-ng/syslog-ng.rc new file mode 100755 index 000000000..a78e61efa --- /dev/null +++ b/syslog-ng/syslog-ng.rc @@ -0,0 +1,22 @@ +#!/bin/sh +# +# /etc/rc.d/syslog-ng: start/stop syslog-ng logging daemon +# + +case $1 in +start) + /usr/sbin/syslog-ng -f /etc/syslog-ng.conf + ;; +stop) + rm -f /var/run/syslog-ng.pid + /usr/bin/killall -q /usr/sbin/syslog-ng + ;; +restart) + $0 stop + sleep 2 + $0 start + ;; +*) + echo "usage: $0 [start|stop|restart]" + ;; +esac