Hello, 2010-04-08 21:06 keltezéssel, Daniel J Walsh írta: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 04/08/2010 10:02 AM, Peter Czanik wrote: > >> Hello, >> >> I'm helping to upgrade syslog-ng to current version in major Linux >> distributions. I would like to ask, if you could update syslog-ng to >> version 3.1. I'm working on the openSUSE version of syslog-ng 3.1 ( >> http://download.opensuse.org/repositories/home:/czanik:/branches:/Base:/System/openSUSE_Factory/src/ >> ), and it is also being upgraded in Debian ( >> http://packages.qa.debian.org/s/syslog-ng.html ) and Gentoo ( >> http://gentoo.linuxhowtos.org/portage/app-admin/syslog-ng ) and Mandriva >> ( http://sophie.zarb.org/viewrpm/b8182fa1eee109cc655a020a2cb62f5f ). >> >> For a complete list of changes, please see: >> http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/changelog-en.txt >> http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.1.0/changelog-en.txt >> >> Major changes from the packaging point of view: >> >> - addition of new utilities: >> /usr/bin/pdbtool >> /usr/sbin/syslog-ng-ctl >> >> > Are these tools executed by init scripts or just by administrators? > Just by administrators. The first manages the pattern database (patterns are not included), the second gives stats and controls debugging: bigone112:~ # pdbtool Syntax: pdbtool <command> [options] Possible commands are: match Match a message against the pattern database dump Dump pattern datebase tree merge Merge pattern databases bigone112:~ # syslog-ng-ctl Syntax: syslog-ng-ctl <command> [options] Possible commands are: stats Dump syslog-ng statistics verbose Enable/query verbose messages debug Enable/query debug messages trace Enable/query trace messages >> - apparmor (or SElinux in case of Fedora) needs some extra permissions: >> /var/run/syslog-ng.ctl rw, >> > Is this a sock_file? > Yes, it is. >> /var/run/syslog-ng/additional-log-sockets.conf r, >> Ooops, sorry, this is a SuSE related config file, where additional log sockects from chroots are added on start by the init script. > Why not put syslog-ng.ctl in /var/run/syslog-ng? > It is controlled by configure parameter: --with-pidfile-dir=/var/run which also affects pid file location (see src/syslog-ng.h): #define PATH_PIDFILE PATH_PIDFILEDIR "/syslog-ng.pid" #define PATH_CONTROL_SOCKET PATH_PIDFILEDIR "/syslog-ng.ctl" Fedora seems to be a bit more flexible here, than SuSE, so one could easily set to use /var/run/syslog-ng/ for both of these files. >> capability sys_tty_config, >> > What other processes need to read/write in these directories or sock_files? > Only syslog-ng and syslog-ng-ctl. Bye, CzP >> Version 3.0 also added SSL support among many other changes, but that >> can't be enabled on openSUSE (configure arg: --disable-ssl): syslog-ng >> is in /sbin, openssl libs are in /usr/lib, linking from /usr is not >> allowed in /, and SSL is not available statically for security reasons. >> As far as I can see (I have a Fedora 13 snapshot installed in vmware), >> Fedora has the same problem. >> >> Please let me know, if you need any additional help/information to get >> syslog-ng updated for Fedora. >> >> Best regards, >> Peter Czanik >> >> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.14 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ > > iEYEARECAAYFAku+KUsACgkQrlYvE4MpobNBeQCfRvP3ykhSY8xaAMCL6PlOY+18 > fY8AoIo2TyUSPXEYDiUWs5ts/U6IMh8B > =G3LL > -----END PGP SIGNATURE----- > -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
