mr_bones_ 14/01/22 04:25:36 |
|
Added: syslog-ng.conf.gentoo.hardened syslog-ng.confd |
syslog-ng.conf.gentoo.fbsd syslog-ng.conf.gentoo |
syslog-ng.rc6 |
Log: |
add first version from the 3.5 branch, currently masked; also fix bugs #497448 and #498038 |
|
(Portage version: 2.2.7/cvs/Linux x86_64, unsigned Manifest commit) |
|
Revision Changes Path |
12 |
1.1 app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.hardened |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.hardened?rev=1.1&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.hardened?rev=1.1&content-type=text/plain |
16 |
|
17 |
Index: syslog-ng.conf.gentoo.hardened |
18 |
=================================================================== |
19 |
@version: 3.5 |
20 |
# Copyright 1999-2011 Gentoo Foundation |
21 |
# Distributed under the terms of the GNU General Public License v2 |
22 |
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.hardened,v 1.1 2014/01/22 04:25:36 mr_bones_ Exp $ |
23 |
|
24 |
# https://bugs.gentoo.org/show_bug.cgi?id=426814 |
25 |
@include "scl.conf" |
26 |
|
27 |
# |
28 |
# Syslog-ng configuration file, compatible with default hardened installations. |
29 |
# |
30 |
|
31 |
options { |
32 |
threaded(yes); |
33 |
chain_hostnames(no); |
34 |
stats_freq(43200); |
35 |
}; |
36 |
|
37 |
source src { |
38 |
unix-dgram("/dev/log"); |
39 |
internal(); |
40 |
}; |
41 |
source kernsrc { |
42 |
file("/proc/kmsg"); |
43 |
}; |
44 |
|
45 |
#source net { udp(); }; |
46 |
#log { source(net); destination(net_logs); }; |
47 |
#destination net_logs { file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); }; |
48 |
|
49 |
destination authlog { file("/var/log/auth.log"); }; |
50 |
destination _syslog { file("/var/log/syslog"); }; |
51 |
destination cron { file("/var/log/cron.log"); }; |
52 |
destination daemon { file("/var/log/daemon.log"); }; |
53 |
destination kern { file("/var/log/kern.log"); file("/dev/tty12"); }; |
54 |
destination lpr { file("/var/log/lpr.log"); }; |
55 |
destination user { file("/var/log/user.log"); }; |
56 |
destination uucp { file("/var/log/uucp.log"); }; |
57 |
#destination ppp { file("/var/log/ppp.log"); }; |
58 |
destination mail { file("/var/log/mail.log"); }; |
59 |
|
60 |
destination avc { file("/var/log/avc.log"); }; |
61 |
destination audit { file("/var/log/audit.log"); }; |
62 |
destination pax { file("/var/log/pax.log"); }; |
63 |
destination grsec { file("/var/log/grsec.log"); }; |
64 |
|
65 |
destination mailinfo { file("/var/log/mail.info"); }; |
66 |
destination mailwarn { file("/var/log/mail.warn"); }; |
67 |
destination mailerr { file("/var/log/mail.err"); }; |
68 |
|
69 |
destination newscrit { file("/var/log/news/news.crit"); }; |
70 |
destination newserr { file("/var/log/news/news.err"); }; |
71 |
destination newsnotice { file("/var/log/news/news.notice"); }; |
72 |
|
73 |
destination debug { file("/var/log/debug"); }; |
74 |
destination messages { file("/var/log/messages"); }; |
75 |
destination console { usertty("root"); }; |
76 |
destination console_all { file("/dev/tty12"); }; |
77 |
#destination loghost { udp("loghost" port(999)); }; |
78 |
|
79 |
destination xconsole { pipe("/dev/xconsole"); }; |
80 |
|
81 |
filter f_auth { facility(auth); }; |
82 |
filter f_authpriv { facility(auth, authpriv); }; |
83 |
filter f_syslog { not facility(authpriv, mail); }; |
84 |
filter f_cron { facility(cron); }; |
85 |
filter f_daemon { facility(daemon); }; |
86 |
filter f_kern { facility(kern); }; |
87 |
filter f_lpr { facility(lpr); }; |
88 |
filter f_mail { facility(mail); }; |
89 |
filter f_user { facility(user); }; |
90 |
filter f_uucp { facility(uucp); }; |
91 |
#filter f_ppp { facility(ppp); }; |
92 |
filter f_news { facility(news); }; |
93 |
filter f_debug { not facility(auth, authpriv, news, mail); }; |
94 |
filter f_messages { level(info..warn) |
95 |
and not facility(auth, authpriv, mail, news); }; |
96 |
filter f_emergency { level(emerg); }; |
97 |
|
98 |
filter f_info { level(info); }; |
99 |
|
100 |
filter f_notice { level(notice); }; |
101 |
filter f_warn { level(warn); }; |
102 |
filter f_crit { level(crit); }; |
103 |
filter f_err { level(err); }; |
104 |
|
105 |
filter f_avc { message(".*avc: .*"); }; |
106 |
filter f_audit { message("^(\\[.*\..*\] |)audit.*") and not message(".*avc: .*"); }; |
107 |
filter f_pax { message("^(\\[.*\..*\] |)PAX:.*"); }; |
108 |
filter f_grsec { message("^(\\[.*\..*\] |)grsec:.*"); }; |
109 |
|
110 |
log { source(src); filter(f_authpriv); destination(authlog); }; |
111 |
log { source(src); filter(f_syslog); destination(_syslog); }; |
112 |
log { source(src); filter(f_cron); destination(cron); }; |
113 |
log { source(src); filter(f_daemon); destination(daemon); }; |
114 |
log { source(kernsrc); filter(f_kern); destination(kern); }; |
115 |
log { source(src); filter(f_lpr); destination(lpr); }; |
116 |
log { source(src); filter(f_mail); destination(mail); }; |
117 |
log { source(src); filter(f_user); destination(user); }; |
118 |
log { source(src); filter(f_uucp); destination(uucp); }; |
119 |
log { source(kernsrc); filter(f_pax); destination(pax); }; |
120 |
log { source(kernsrc); filter(f_grsec); destination(grsec); }; |
121 |
log { source(kernsrc); filter(f_audit); destination(audit); }; |
122 |
log { source(kernsrc); filter(f_avc); destination(avc); }; |
123 |
log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); }; |
124 |
log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); }; |
125 |
log { source(src); filter(f_mail); filter(f_err); destination(mailerr); }; |
126 |
log { source(src); filter(f_news); filter(f_crit); destination(newscrit); }; |
127 |
log { source(src); filter(f_news); filter(f_err); destination(newserr); }; |
128 |
log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); }; |
129 |
log { source(src); filter(f_debug); destination(debug); }; |
130 |
log { source(src); filter(f_messages); destination(messages); }; |
131 |
log { source(src); filter(f_emergency); destination(console); }; |
132 |
#log { source(src); filter(f_ppp); destination(ppp); }; |
133 |
log { source(src); destination(console_all); }; |
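Review bot: Auth-facility messages are written outside auth.log in two places in this hardened profile. `f_syslog` excludes only `authpriv` (`not facility(authpriv, mail)`), while `f_authpriv`, `f_debug` and `f_messages` all treat `auth` and `authpriv` together, so facility `auth` also lands in /var/log/syslog; `filter f_syslog { not facility(auth, authpriv, mail); };` would make it consistent. The final `log { source(src); destination(console_all); };` has no filter, so every message from `src`, authentication records included, is echoed to /dev/tty12, where anyone at the physical console can read it; a `filter f_console { not facility(auth, authpriv); };` applied in that log statement would keep those records off the terminal. syslog-ng.conf.gentoo carries the same unfiltered `console_all` statement.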
134 |
|
135 |
|
136 |
|
137 |
1.1 app-admin/syslog-ng/files/3.5/syslog-ng.confd |
138 |
|
139 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.confd?rev=1.1&view=markup |
140 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.confd?rev=1.1&content-type=text/plain |
141 |
|
142 |
Index: syslog-ng.confd |
143 |
=================================================================== |
144 |
# Config file for /etc/init.d/syslog-ng |
145 |
|
146 |
# If you are not using network logging, this entire section should be |
147 |
# commented out. Otherwise, choose one of the settings below based on |
148 |
# how you are configuring your network. |
149 |
# |
150 |
# If you are using the net.* scripts to configure your network, you should |
151 |
# set rc_need to match the interface through which your logging server |
152 |
# can be reached. |
153 |
#rc_need="net.eth0" |
154 |
# |
155 |
# If you are using an interface manager like wicd, dhcpcd in standalone |
156 |
# mode, networkmanager, etc to control your interfaces, set rc_need to |
157 |
# the name of that service. |
158 |
# rc_need="dhcpcd" |
159 |
#rc_need="networkmanager" |
160 |
# |
161 |
# If you are using newnet and configuring your interface statically with |
162 |
# the network script, you should use this setting. |
163 |
#rc_need="network" |
164 |
# |
165 |
# You can use this setting, but I do not recommend relying on it. |
166 |
#rc_need="net" |
167 |
# |
168 |
# You may also want to uncomment the following if you are using network |
169 |
# logging. |
170 |
#rc_use="stunnel" |
171 |
|
172 |
# For very customized setups these variables can be adjusted as needed |
173 |
# but for most situations they should remain commented: |
174 |
# SYSLOG_NG_CONFIGFILE=/etc/syslog-ng/syslog-ng.conf |
175 |
# SYSLOG_NG_STATEFILE_DIR=/var/lib/syslog-ng |
176 |
# SYSLOG_NG_STATEFILE=${SYSLOG_NG_STATEFILE_DIR}/syslog-ng.persist |
177 |
# SYSLOG_NG_PIDFILE_DIR=/var/run |
178 |
# SYSLOG_NG_PIDFILE=${SYSLOG_NG_PIDFILE_DIR}/syslog-ng.pid |
179 |
# SYSLOG_NG_GROUP=root |
180 |
# SYSLOG_NG_USER=root |
181 |
|
182 |
# Put any additional options for syslog-ng here. |
183 |
# See syslog-ng(8) for more information. |
184 |
|
185 |
SYSLOG_NG_OPTS="" |
186 |
|
187 |
|
188 |
|
189 |
1.1 app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.fbsd |
190 |
|
191 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.fbsd?rev=1.1&view=markup |
192 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.fbsd?rev=1.1&content-type=text/plain |
193 |
|
194 |
Index: syslog-ng.conf.gentoo.fbsd |
195 |
=================================================================== |
196 |
@version: 3.5 |
197 |
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo.fbsd,v 1.1 2014/01/22 04:25:36 mr_bones_ Exp $ |
198 |
# |
199 |
# Syslog-ng default configuration file for Gentoo FreeBSD |
200 |
# |
201 |
|
202 |
# https://bugs.gentoo.org/show_bug.cgi?id=426814 |
203 |
@include "scl.conf" |
204 |
|
205 |
options { |
206 |
threaded(yes); |
207 |
chain_hostnames(no); |
208 |
|
209 |
# The default action of syslog-ng is to log a STATS line |
210 |
# to the file every 10 minutes. That's pretty ugly after a while. |
211 |
# Change it to every 12 hours so you get a nice daily update of |
212 |
# how many messages syslog-ng missed (0). |
213 |
stats_freq(43200); |
214 |
}; |
215 |
|
216 |
source src { system(); internal(); }; |
217 |
|
218 |
destination messages { file("/var/log/messages"); }; |
219 |
|
220 |
log { source(src); destination(messages); }; |
221 |
|
222 |
|
223 |
|
224 |
1.1 app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo |
225 |
|
226 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo?rev=1.1&view=markup |
227 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo?rev=1.1&content-type=text/plain |
228 |
|
229 |
Index: syslog-ng.conf.gentoo |
230 |
=================================================================== |
231 |
@version: 3.5 |
232 |
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.conf.gentoo,v 1.1 2014/01/22 04:25:36 mr_bones_ Exp $ |
233 |
# |
234 |
# Syslog-ng default configuration file for Gentoo Linux |
235 |
|
236 |
# https://bugs.gentoo.org/show_bug.cgi?id=426814 |
237 |
@include "scl.conf" |
238 |
|
239 |
options { |
240 |
threaded(yes); |
241 |
chain_hostnames(no); |
242 |
|
243 |
# The default action of syslog-ng is to log a STATS line |
244 |
# to the file every 10 minutes. That's pretty ugly after a while. |
245 |
# Change it to every 12 hours so you get a nice daily update of |
246 |
# how many messages syslog-ng missed (0). |
247 |
stats_freq(43200); |
248 |
# The default action of syslog-ng is to log a MARK line |
249 |
# to the file every 20 minutes. That's seems high for most |
250 |
# people so turn it down to once an hour. Set it to zero |
251 |
# if you don't want the functionality at all. |
252 |
mark_freq(3600); |
253 |
}; |
254 |
|
255 |
source src { system(); internal(); }; |
256 |
|
257 |
destination messages { file("/var/log/messages"); }; |
258 |
|
259 |
# By default messages are logged to tty12... |
260 |
destination console_all { file("/dev/tty12"); }; |
261 |
# ...if you intend to use /dev/console for programs like xconsole |
262 |
# you can comment out the destination line above that references /dev/tty12 |
263 |
# and uncomment the line below. |
264 |
#destination console_all { file("/dev/console"); }; |
265 |
|
266 |
log { source(src); destination(messages); }; |
267 |
log { source(src); destination(console_all); }; |
268 |
|
269 |
|
270 |
|
271 |
1.1 app-admin/syslog-ng/files/3.5/syslog-ng.rc6 |
272 |
|
273 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.rc6?rev=1.1&view=markup |
274 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.rc6?rev=1.1&content-type=text/plain |
275 |
|
276 |
Index: syslog-ng.rc6 |
277 |
=================================================================== |
278 |
#!/sbin/runscript |
279 |
# Copyright 1999-2014 Gentoo Foundation |
280 |
# Distributed under the terms of the GNU General Public License v2 |
281 |
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/3.5/syslog-ng.rc6,v 1.1 2014/01/22 04:25:36 mr_bones_ Exp $ |
282 |
|
283 |
SYSLOG_NG_CONFIGFILE=${SYSLOG_NG_CONFIGFILE:-/etc/syslog-ng/${RC_SVCNAME}.conf} |
284 |
SYSLOG_NG_STATEFILE_DIR=${SYSLOG_NG_STATEFILE_DIR:-/var/lib/syslog-ng} |
285 |
SYSLOG_NG_STATEFILE=${SYSLOG_NG_STATEFILE:-${SYSLOG_NG_STATEFILE_DIR}/syslog-ng.persist} |
286 |
SYSLOG_NG_PIDFILE_DIR=${SYSLOG_NG_PIDFILE_DIR:-/var/run} |
287 |
SYSLOG_NG_PIDFILE=${SYSLOG_NG_PIDFILE:-${SYSLOG_NG_PIDFILE_DIR}/${RC_SVCNAME}.pid} |
288 |
|
289 |
SYSLOG_NG_GROUP=${SYSLOG_NG_GROUP:-root} |
290 |
SYSLOG_NG_USER=${SYSLOG_NG_USER:-root} |
291 |
|
292 |
command="/usr/sbin/syslog-ng" |
293 |
command_args="--persist-file \"${SYSLOG_NG_STATEFILE}\" --cfgfile \"${SYSLOG_NG_CONFIGFILE}\" --pidfile \"${SYSLOG_NG_PIDFILE}\" ${SYSLOG_NG_OPTS}" |
294 |
extra_commands="checkconfig" |
295 |
extra_started_commands="reload" |
296 |
pidfile="${SYSLOG_NG_PIDFILE}" |
297 |
start_stop_daemon_args="--user \"${SYSLOG_NG_USER}\":\"${SYSLOG_NG_GROUP}\"" |
298 |
description="Syslog-ng is a syslog replacement with advanced filtering features." |
299 |
description_checkconfig="Check the configuration file that will be used by \"start\"" |
300 |
description_reload="Reload the configuration without exiting" |
301 |
required_files="${SYSLOG_NG_CONFIGFILE}" |
302 |
required_dirs="${SYSLOG_NG_PIDFILE_DIR}" |
303 |
|
304 |
depend() { |
305 |
use clock |
306 |
need hostname localmount |
307 |
after bootmisc |
308 |
provide logger |
309 |
} |
310 |
|
311 |
checkconfig() { |
312 |
ebegin "Checking your configfile (${SYSLOG_NG_CONFIGFILE})" |
313 |
syslog-ng -s -f "${SYSLOG_NG_CONFIGFILE}" |
314 |
eend $? "Configuration error. Please fix your configfile (${SYSLOG_NG_CONFIGFILE})" |
315 |
} |
316 |
|
317 |
start_pre() { |
318 |
checkconfig || return 1 |
319 |
checkpath \ |
320 |
-d \ |
321 |
--mode 0700 \ |
322 |
--owner "${SYSLOG_NG_OWNER}:${SYSLOG_NG_GROUP}" \ |
323 |
"${SYSLOG_NG_STATEFILE_DIR}" |
324 |
} |
325 |
|
326 |
stop_pre() { |
327 |
[ "$RC_CMD" = restart ] && sleep 1 |
328 |
return 0 |
329 |
} |
330 |
|
331 |
reload() { |
332 |
checkconfig || return 1 |
333 |
ebegin "Reloading configuration and re-opening log files" |
334 |
start-stop-daemon --signal HUP --pidfile "${pidfile}" |
335 |
eend $? |
336 |
} |
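Review bot: `start_pre()` passes `--owner "${SYSLOG_NG_OWNER}:${SYSLOG_NG_GROUP}"` to checkpath, but `SYSLOG_NG_OWNER` is never set in this script or mentioned in syslog-ng.confd; the variable defined above and used in `start_stop_daemon_args` is `SYSLOG_NG_USER`. The owner therefore expands to an empty user name, so the 0700 state directory is not handed to the account the daemon runs as, and a non-root `SYSLOG_NG_USER` would presumably be unable to write its persist file there. The line should read `--owner "${SYSLOG_NG_USER}:${SYSLOG_NG_GROUP}" \`. Separately, `checkconfig()` invokes `syslog-ng` by bare name; calling `"${command}"` instead would validate the configuration with the same binary that is later started, independent of PATH.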