Hello community, here is the log from the commit of package rsyslog.931 for openSUSE:12.2:Update checked in at 2012-09-26 16:47:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/rsyslog.931 (Old) and /work/SRC/openSUSE:12.2:Update/.rsyslog.931.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rsyslog.931", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2012-08-23 02:41:28.555381587 +0200 +++ /work/SRC/openSUSE:12.2:Update/.rsyslog.931.new/rsyslog.changes 2012-09-26 16:47:39.000000000 +0200 @@ -0,0 +1,708 @@ +------------------------------------------------------------------- +Tue Sep 18 14:43:30 UTC 2012 - [email protected] + +- Updated to 5.10.0 [V5-stable] (bnc#753077, bnc#778769), the actual + rsyslog v5-stable series, incorporating all fixes the 5.8.x [EOL + V5-stable] and changes from 5.9.x series. It turns off rate limiting + on unix socket by default (caused problems) and fixes privilege drop. + A digest of the changes (see ChangeLog for complete list): + - added capability to specify substrings for field extraction mode + - added configuration directives to customize queue light delay marks + - permit size modifiers (k,m,g,...) in integer config parameters + Thanks to Jo Rhett for the suggestion. + - added configuration directive to disable octet-counted framing + for imtcp, directive is $InputTCPServerSupportOctetCountedFraming + for imptcp, directive is $InputPTCPServerSupportOctetCountedFraming + - added capability to use a local interface IP address as fromhost-ip + for locally originating messages. New directive $LocalHostIPIF + - improved impstats subsystem, added many new counters + - enhanced module loader to not rely on PATH_MAX + - refactored imklog linux driver, now combined with BSD driver + The Linux driver no longer supports outdated kernel symbol resolution, + which was disabled by default for very long. Also overall cleanup, + resulting in much smaller code. Linux and BSD are now covered by a + single small driver. + - $IMUXSockRateLimitInterval DEFAULT CHANGED, was 5, now 0 + The new default turns off rate limiting. This was chosen as people + experienced problems with rate-limiting activated by default. Now it + needs an explicit opt-in by setting this parameter. + Thanks to Chris Gaffney for suggesting to make it opt-in; thanks to + many unnamed others who already had complained at the time Chris made + the suggestion ;-) + - imuxsock: added capability to "annotate" messages with "trusted + information", which contains some properties obtained from the system + and as such sure to not be faked. This is inspired by the similiar + idea introduced in systemd. + - removed dependency on gcrypt for recently-enough GnuTLS + see: http://bugzilla.adiscon.com/show_bug.cgi?id=289 + - added capability to emit config error location info for warnings + otherwise, omusrmsg's warning about new config format was not + accompanied by problem location. + - added support for obtaining timestamp for kernel message from message + If the kernel time-stamps messages, time is now take from that + timestamp instead of the system time when the message was read. This + provides much better accuracy. Thanks to Lennart Poettering for + suggesting this feature and his help during implementation. + - added support for obtaining timestamp from system for imuxsock + This permits to read the time a message was submitted to the system + log socket. Most importantly, this is provided in microsecond resolution. + So we are able to obtain high precision timestampis even for messages + that were - as is usual - not formatted with them. This also simplifies + things in regard to local time calculation in chroot environments. + Many thanks to Lennart Poettering for suggesting this feature, + providing some guidance on implementing it and coordinating getting the + necessary support into the Linux kernel. + - imfile: added $InputFileMaxLinesAtOnce directive + - enhanced imfile to support input batching + - added capability for imtcp and imptcp to activate keep-alive packets + at the socket layer. This has not been added to imttcp, as the latter is + only an experimental module, and one which did not prove to be useful. + reference: http://kb.monitorware.com/post20791.html + - added support to control KEEPALIVE settings in imptcp + this has not yet been added to imtcp, but could be done on request. + - $ActionName is now also used for naming of queues in impstats + as well as in the debug output + - bugfix: do not open files with full privileges, if privs will be dropped + This make the privilege drop code more bulletproof, but breaks Ubuntu's + work-around for log files created by external programs with the wrong + user and/or group. Note that it was long said that this "functionality" + would break once we go for serious privilege drop code, so hopefully + nobody still depends on it (and, if so, they lost...). + - bugfix: pipes not opened in full priv mode when privs are to be dropped + - better handling of queue i/o errors in disk queues. This is kind of a + bugfix, but a very intrusive one, this it goes into the devel version + first. Right now, "file not found" is handled and leads to the new + emergency mode, in which disk action is stopped and the queue run + in direct mode. An error message is emited if this happens. + - added support for user-level PRI provided via systemd + - added new config directive $InputTCPFlowControl to select if tcp + received messages shall be flagged as light delayable or not. + - enhanced omhdfs to support batching mode. This permits to increase + performance, as we now call the HDFS API with much larger message + sizes and far more infrequently + - bugfix: delayble source could block action queue, even if there was a + disk queue associated with it. The root cause of this problem was that + it makes no sense to delay messages once they arrive in the action queue + – the “input” that is being held in that case is the main queue worker, + what makes no sense. Thanks to Marcin for alerting us on this problem + and providing instructions to reproduce it. + - bugfix: disk queue was not persisted on shutdown, regression of fix to + http://bugzilla.adiscon.com/show_bug.cgi?id=299 + The new code also handles the case of shutdown of blocking light and + full delayable sources somewhat smarter and permits, assuming sufficient + timouts, to persist message up to the max queue capacity. Also some nits + in debug instrumentation have been fixed. + - add small delay (50ms) after sending shutdown message. There seem to be + cases where the shutdown message is otherwise not processed, not even + on an idle system. Thanks to Marcin for bringing this problem up. + - support for resolving huge groups + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=310 + Thanks to Alec Warner for the patch + - bugfix: potential hang due to mutex deadlock + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=316 + Thanks to Andreas Piesk for reporting&analyzing this bug as well as + providing patches and other help in resolving it. bugfix: property + PROCID empty instead of proper nilvalue if not present + If it is not present, it must have the nilvalue “-” as of RFC5424 + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=332 + Thanks to John N for reporting this issue. + - bugfix: “last message repeated n times” message was missing hostname + Thanks to Zdenek Salvet for finding this bug and to Bodik for reporting + bugfix: multiple main queues with same queue file name was not detected + This lead to queue file corruption. While the root cause is a config + error, it is a bug that this important and hard to find config error + was not detected by rsyslog. + +------------------------------------------------------------------- +Mon May 7 10:31:08 UTC 2012 - [email protected] + +- Updated to 5.8.11 [V5-stable] 2012-05-03: + - bugfix: ommysql did not properly init/exit the mysql runtime + library this could lead to segfaults. Triggering condition: + multiple action instances using ommysql. Thanks to Tomas + Heinrich for reporting this problem and providing an initial + patch (which my solution is based on, I need to add more code + to clean the mess up). + - bugfix: rsyslog did not terminate when delayable inputs were + blocked due to unvailable sources. Fixes: + http://bugzilla.adiscon.com/show_bug.cgi?id=299 + Thanks to Marcin M for bringing up this problem and Andre + Lorbach for helping to reproduce and fix it. + - bugfix: active input in “light delay state” could block + rsyslog termination, at least for prolonged period of time + - bugfix: imptcp input name could not be set. Config directive + was accepted, but had no effect + bugfix: assigned ruleset was lost when using disk queues + This looked quite hard to diagnose for disk-assisted queues, + as the pure memory part worked well, but ruleset info was lost + for messages stored inside the disk queue. + - bugfix: hostname was not requeried on HUP + Thanks to Per Jessen for reporting this bug and Marius + Tomaschewski for his help in testing the fix. + - bugfix: inside queue.c, some thread cancel states were not + correctly reset. While this is a bug, we assume it did have + no practical effect because the reset as it was done was set + to the state the code actually had at this point. But better + fix this… +- Removed obsolete requery hostname patch + +------------------------------------------------------------------- +Thu Apr 12 09:22:38 UTC 2012 - [email protected] + +- Added upstream patchset to requery hostname on HUP (bnc#755857) +- Removed obsolete rsyslog-5.8.7-systemd-log-socket.patch +- Updated to 5.8.10 [V5-stable] 2012-04-05: + - bugfix: segfault on startup if $actionqueuefilename was missing + for disk queue config. Thanks to Tomas Heinrich for the patch. + - bugfix: segfault if disk-queue was started up with old queue file + Thanks to Tomas Heinrich for the patch. + - bugfix: memory leak in array passing output module mode + by 5.8.9 [V5-stable] 2012-03-15: + - added tool to recover disk queue if .qi file is missing + (recover_qi.pl) + Thanks to Kaiwang Chen for contributing this tool + - bugfix: stopped DA queue was never processed after a restart + due to a regression from statistics module. + - added better doc for statsobj interface. + Thanks to Kaiwang Chen for his suggestions and analysis in + regard to the stats subsystem. + by 5.8.8 [V5-stable] 2012-03-05: + - bugfix: omprog made rsyslog abort on startup if not binary to + execute was configured + - bugfix: imklog invalidly computed facility and severity + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313 + improves interop with systemd journal + +------------------------------------------------------------------- +Mon Feb 20 15:33:05 UTC 2012 - [email protected] + +- Detect if we have to use the new /run/systemd/journal/syslog + socket instead of the /dev/log under newer systemd versions. + Obsoletes listen.conf installed by systemd (bnc#747871). +- updated to 5.8.7 [V5-stable]: + - bugfix: instabilities when using RFC5424 header fields + Thanks to Kaiwang Chen for the patch + - bugfix: imuxsock did truncate part of received message if it did + not contain a proper date. The truncation occured because we + removed that part of the messages that was expected to be the date. + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=295 + - bugfix: potential abort after reading invalid X.509 certificate + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290 + Thanks to Tomas Heinrich for the patch + - bugfix: stats counter were not properly initialized on creation + - FQDN hostname for multihomed host was not always set to the correct + name if multiple aliases existed. Thanks to Tomas Heinreich for the + patch. +- updated to 5.8.6 [V5-stable]: + - bugfix: missing whitespace after property-based filter was not ++++ 511 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.rsyslog.931.new/rsyslog.changes New: ---- rsyslog-5.10.0.tar.bz2 rsyslog.changes rsyslog.conf.in rsyslog.d.remote.conf.in rsyslog.early.conf.in rsyslog.spec rsyslog.sysconfig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsyslog.spec ++++++ ++++ 644 lines (skipped) ++++++ rsyslog.conf.in ++++++ ## ## === When you're using remote logging, enable on-disk queues === ## === in rsyslog.d/remote.conf. When neccesary also set the === ## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog, === ## === e.g. when rsyslog has to receive on a specific IP only. === ## ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules ## (provided in separate rsyslog-module-* packages) are enabled, the ## configuration can't be used on a system with /usr on a remote ## filesystem, except on newer systems where initrd mounts /usr. ## [The modules are linked against libraries installed bellow of ## /usr thus also installed in /usr/lib*/rsyslog because of this.] ## # # if you experience problems, check # http://www.rsyslog.com/troubleshoot for assistance # and report them at http://bugzilla.novell.com/ # # since rsyslog v3: load input modules # If you do not load inputs, nothing happens! # provides --MARK-- message capability (every 1 hour) $ModLoad immark.so $MarkMessagePeriod 3600 # provides support for local system logging (e.g. via logger command) $ModLoad imuxsock.so # reduce dupplicate log messages (last message repeated n times) $RepeatedMsgReduction on # kernel logging (may be also provided by /sbin/klogd) # see also http://www.rsyslog.com/doc-imklog.html. $ModLoad imklog.so # set log level 1 (same as in /etc/sysconfig/syslog). $klogConsoleLogLevel 1 # # Use traditional log format by default. To change a single # file to use rsyslog format (high-precision timestamps), # append ";RSYSLOG_FileFormat" to the filename. See # http://www.rsyslog.com/doc/rsyslog_conf_templates.html # for more informations. # $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # # Include config generated by /etc/init.d/syslog script # using the SYSLOGD_ADDITIONAL_SOCKET* variables in the # /etc/sysconfig/syslog file. # $IncludeConfig ADDITIONAL_SOCKETS # # Include config files, that the admin provided? : # $IncludeConfig ETC_RSYSLOG_D_GLOB ### # print most important on tty10 and on the xconsole pipe # if ( \ /* kernel up to warning except of firewall */ \ ($syslogfacility-text == 'kern') and \ ($syslogseverity <= 4 /* warning */ ) and not \ ($msg contains 'IN=' and $msg contains 'OUT=') \ ) or ( \ /* up to errors except of facility authpriv */ \ ($syslogseverity <= 3 /* errors */ ) and not \ ($syslogfacility-text == 'authpriv') \ ) \ then /dev/tty10 & |/dev/xconsole # Emergency messages to everyone logged on (wall) *.emerg :omusrmsg:* # enable this, if you want that root is informed # immediately, e.g. of logins #*.alert root # # firewall messages into separate file and stop their further processing # if ($syslogfacility-text == 'kern') and \ ($msg contains 'IN=' and $msg contains 'OUT=') \ then -/var/log/firewall & ~ # # acpid messages into separate file and stop their further processing # # => all acpid messages for debuging (uncomment if needed): #if ($programname == 'acpid' or $syslogtag == '[acpid]:') then \ # -/var/log/acpid # # => up to notice (skip info and debug) if ($programname == 'acpid' or $syslogtag == '[acpid]:') and \ ($syslogseverity <= 5 /* notice */) \ then -/var/log/acpid & ~ # # NetworkManager into separate file and stop their further processing # if ($programname == 'NetworkManager') or \ ($programname startswith 'nm-') \ then -/var/log/NetworkManager & ~ # # email-messages # mail.* -/var/log/mail mail.info -/var/log/mail.info mail.warning -/var/log/mail.warn mail.err /var/log/mail.err # # news-messages # news.crit -/var/log/news/news.crit news.err -/var/log/news/news.err news.notice -/var/log/news/news.notice # enable this, if you want to keep all news messages # in one file #news.* -/var/log/news.all # # Warnings in one file # *.=warning;*.=err -/var/log/warn *.crit /var/log/warn # # the rest in one file # *.*;mail.none;news.none -/var/log/messages # # enable this, if you want to keep all messages # in one file #*.* -/var/log/allmessages # # Some foreign boot scripts require local7 # local0,local1.* -/var/log/localmessages local2,local3.* -/var/log/localmessages local4,local5.* -/var/log/localmessages local6,local7.* -/var/log/localmessages ### ++++++ rsyslog.d.remote.conf.in ++++++ ## ## === When you're using remote logging, enable on-disk queues === ## === in rsyslog.d/remote.conf. When neccesary also set the === ## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog, === ## === e.g. when rsyslog has to receive on a specific IP only. === ## ## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules ## (provided in separate rsyslog-module-* packages) are enabled, the ## configuration can't be used on a system with /usr on a remote ## filesystem, except on newer systems where initrd mounts /usr. ## [The modules are linked against libraries installed bellow of ## /usr thus also installed in /usr/lib*/rsyslog because of this.] ## # ######### Enable On-Disk queues for remote logging ########## # # An on-disk queue is created for this action. If the remote host is # down, messages are spooled to disk and sent when it is up again. # #$WorkDirectory RSYSLOG_SPOOL_DIR # where to place spool files #$ActionQueueFileName uniqName # unique name prefix for spool files #$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) #$ActionQueueSaveOnShutdown on # save messages to disk on shutdown #$ActionQueueType LinkedList # run asynchronously #$ActionResumeRetryCount -1 # infinite retries if host is down # ######### Sending Messages to Remote Hosts ########## # Remote Logging using TCP for reliable delivery # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional #*.* @@remote-host # Remote Logging using UDP # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional #*.* @remote-host # ######### Receiving Messages from Remote Hosts ########## # TCP Syslog Server: # provides TCP syslog reception and GSS-API (if compiled to support it) #$ModLoad imtcp.so # load module ##$UDPServerAddress 10.10.0.1 # force to listen on this IP only, ## # needs SYSLOG_REQUIRES_NETWORK=yes. #$InputTCPServerRun <port> # Starts a TCP server on selected port # UDP Syslog Server: #$ModLoad imudp.so # provides UDP syslog reception ##$UDPServerAddress 10.10.0.1 # force to listen on this IP only, ## # needs SYSLOG_REQUIRES_NETWORK=yes. #$UDPServerRun 514 # start a UDP syslog server at standard port 514 ########### Encrypting Syslog Traffic with TLS ########## # -- TLS Syslog Server: ## make gtls driver the default #$DefaultNetstreamDriver gtls # ## certificate files #$DefaultNetstreamDriverCAFile ETC_RSYSLOG_D_DIR/ca.pem #$DefaultNetstreamDriverCertFile ETC_RSYSLOG_D_DIR/server_cert.pem #$DefaultNetstreamDriverKeyFile ETC_RSYSLOG_D_DIR/server_key.pem # #$ModLoad imtcp # load TCP listener # #$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode #$InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated #$InputTCPServerRun 10514 # start up listener at port 10514 # # -- TLS Syslog Client: ## certificate files - just CA for a client #$DefaultNetstreamDriverCAFile ETC_RSYSLOG_D_DIR/ca.pem # ## set up the action #$DefaultNetstreamDriver gtls # use gtls netstream driver #$ActionSendStreamDriverMode 1 # require TLS for the connection #$ActionSendStreamDriverAuthMode anon # server is NOT authenticated #*.* @@(o)server.example.net:10514 # send (all) messages ++++++ rsyslog.early.conf.in ++++++ ## ## NOTE: This config file is obsolete and will be dropped in ## further package versions. Even while early syslog ## start, the /etc/rsyslog.conf file is used now. ## See rsyslog.conf and remote.conf for more details. ## ## We still ship the file, because systemd does not ## provide a way to execute syslog-service-generator. ## $IncludeConfig ETC_RSYSLOG_CONF ### ++++++ rsyslog.sysconfig ++++++ ## Type: list(@RSYSLOGD_VERSION@) ## Default: "@RSYSLOGD_VERSION@" ## Config: "" ## ServiceRestart: syslog # # The native version compatibility level of the current rsyslogd. # # Note, that this variable is read-only -- please do not change it! # Instead, please adopt the RSYSLOGD_COMPAT_VERSION variable. # # This variable will be updated while every installation/upgrade of # the rsyslog daemon package. # RSYSLOGD_NATIVE_VERSION="@RSYSLOGD_VERSION@" ## Type: integer(0:@RSYSLOGD_VERSION@) ## Default: "" ## Config: "" ## ServiceRestart: syslog # # Version compatibility level to run rsyslogd with (-c parameter). # Set to the desired version number rsyslogd shall be compatible with. # # Default is to run in native mode if the currently installed rsyslog # daemon version. # # Note: Changes to this variable may need adoption of the config file # or break features used in the /etc/init.d/syslog script by default. # RSYSLOGD_COMPAT_VERSION="" ## Type: string ## Default: "" ## Config: "" ## ServiceRestart: syslog # # Parameters for rsyslogd, except of the version compatibility (-c) # and the config file (-f), because they're used by sysconfig and # earlysysconfig init scripts. # # See also the RSYSLOGD_COMPAT_VERSION variable in this file, the # documentation provided in /usr/share/doc/packages/rsyslog/doc by # the rsyslog-doc package and the rsyslogd(8) and rsyslog.conf(5) # manual pages. # RSYSLOGD_PARAMS="" -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
