--- /dev/null
+# Last Modified: Sun Sep 25 08:58:35 2011
+#include <tunables/global>
+
+# Debugging the syslogger can be difficult if it can't write to the file
+# that the kernel is logging denials to. In these cases, you can do the
+# following:
+# watch -n 1 'dmesg | tail -5'
+
+/usr/sbin/rsyslogd {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ capability sys_tty_config,
+ capability dac_override,
+ capability dac_read_search,
+ capability setuid,
+ capability setgid,
+ capability sys_nice,
+ capability syslog,
+
+ # rsyslog configuration
+ /etc/rsyslog.conf r,
+ /etc/rsyslog.d/ r,
+ /etc/rsyslog.d/** r,
+ /{,var/}run/rsyslogd.pid rwk,
+ /var/spool/rsyslog/ r,
+ /var/spool/rsyslog/** rwk,
+
+ /usr/lib{,32,64}/rsyslog/*.so mr,
+
+ /dev/tty* rw,
+ /dev/xconsole rw,
+ @{PROC}/kmsg r,
+
+ /dev/log wl,
+ /var/lib/*/dev/log wl,
+ /var/spool/postfix/dev/log wl,
+
+ # 'r' is needed when using imfile
+ /var/log/** rw,
+
+ # Add these for mysql support
+ #/etc/mysql/my.cnf r,
+ #/{,var/}run/mysqld/mysqld.sock rw,
+
+ # Add thes for postgresql support
+ ##include <abstractions/openssl>
+ ##include <abstractions/ssl_certs>
+ #/{,var/}run/postgresql/.s.PGSQL.*[0-9] rw,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.sbin.rsyslogd>
+}
--- /dev/null
+# Options for rsyslogd
+# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3)
+# -r enables logging from remote machines (deprecated, only used in compat mode < 3)
+# -x disables DNS lookups on messages received with -r
+# -c compatibility mode
+# See rsyslogd(8) for more details
+RSYSLOGD_OPTIONS="-c5"
+
--- /dev/null
+/lib/init/upstart-job
\ No newline at end of file
--- /dev/null
+/lib/init/upstart-job
\ No newline at end of file
--- /dev/null
+# dmesg - save kernel messages
+#
+# This task saves the initial kernel message log.
+
+description "save kernel messages"
+
+start on runlevel [2345]
+
+task
+script
+ savelog -q -p -c 5 /var/log/dmesg
+ dmesg -s 524288 > /var/log/dmesg
+ chgrp adm /var/log/dmesg
+end script
--- /dev/null
+# rsyslog - system logging daemon
+#
+# rsyslog is an enhanced multi-threaded replacement for the traditional
+# syslog daemon, logging messages from applications
+
+description "system logging daemon"
+
+start on filesystem
+stop on runlevel [06]
+
+expect fork
+respawn
+
+pre-start script
+ /lib/init/apparmor-profile-load usr.sbin.rsyslogd
+end script
+
+script
+ . /etc/default/rsyslog
+ exec rsyslogd $RSYSLOGD_OPTIONS
+end script
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: imklog [0-9.]+, log source = /proc/kmsg started.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Kernel logging \(proc\) stopped.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] start$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] exiting on signal [0-9]+.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] rsyslogd was HUPed$
--- /dev/null
+/var/log/syslog
+{
+ rotate 7
+ daily
+ missingok
+ notifempty
+ delaycompress
+ compress
+ postrotate
+ reload rsyslog >/dev/null 2>&1 || true
+ endscript
+}
+
+/var/log/mail.info
+/var/log/mail.warn
+/var/log/mail.err
+/var/log/mail.log
+/var/log/daemon.log
+/var/log/kern.log
+/var/log/auth.log
+/var/log/user.log
+/var/log/lpr.log
+/var/log/cron.log
+/var/log/debug
+/var/log/messages
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ reload rsyslog >/dev/null 2>&1 || true
+ endscript
+}
--- /dev/null
+# /etc/rsyslog.conf Configuration file for rsyslog.
+#
+# For more information see
+# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+#
+# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
+
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog # provides kernel logging support (previously done by rklogd)
+#$ModLoad immark # provides --MARK-- message capability
+
+# provides UDP syslog reception
+#$ModLoad imudp
+#$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+# Filter duplicated messages
+$RepeatedMsgReduction on
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner syslog
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+$PrivDropToUser syslog
+$PrivDropToGroup syslog
+
+#
+# Where to place spool files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
--- /dev/null
+/lib/systemd/system/rsyslog.service
\ No newline at end of file
--- /dev/null
+[Unit]
+Description=System Logging Service
+
+[Service]
+ExecStartPre=/bin/systemctl stop systemd-kmsg-syslogd.service
+ExecStart=/usr/sbin/rsyslogd -n -c5
+Sockets=syslog.socket
+StandardOutput=null
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+Thankfully, we have had so many contributions that maintaining the
+AUTHORS file would be a big task in itself. On the other hand, we
+now use git and I make sure that each author receives proper credit
+for patches I receive.
+
+So rather than trying to reproduce the git author log here (and
+often making mistakes in that), I invite you to check the git logs.
+You can also do this online at
+
+http://git.adiscon.com/?p=rsyslog.git;a=summary
+
+Rainer Gerhards
+<rgerhards@adiscon.com>
+lead rsyslog developer
--- /dev/null
+rsyslog for Debian
+==================
+
+Configuration file(s)
+---------------------
+The default configuration file for rsyslog is /etc/rsyslog.conf.
+
+Its format is based on the standard syslog.conf format. As rsyslog
+has a lot more advanced features than sysklogd, it extends this format
+with special configuration directives which all start with the '$'
+prefix. See the rsyslogd(8) and rsyslog.conf(5) man pages for further
+information or install the rsyslog-doc package which provides much
+more detailed documentation.
+
+The Debian default configuration for rsyslog uses:
+
+ $IncludeConfig /etc/rsyslog.d/*.conf
+
+That means, all configuration files in /etc/rsyslog.d/ with a .conf file
+extension are read by rsyslog. This way the rsyslog configuration can be
+extended easily (either by package maintainers or local administrators).
+
+
+Command line arguments, modules and compatibility levels
+--------------------------------------------------------
+With version 3, rsyslog became much more modular. A lot of
+functionality has been moved into loadable modules, e.g. udp reception,
+which must be loaded explicitly.
+To keep compatibility with sysklogd, rsyslog introduced the concept of
+compatibility modes, which can be selected with the -c command line
+argument. E.g. with -c0, rsyslog becomes command line compatible with
+sysklogd and loads a default set of modules automatically.
+
+The default in Debian is -c3, i.e. command line arguments like -r or
+-m 0 have no effect and instead have to be configured via special
+configuration directives in rsyslog.conf.
+
+The options that are passed to rsyslog can be changed easily by
+modifying the RSYSLOGD_OPTIONS variable in /etc/default/rsyslog.
+
+If you have an existing, customized syslog.conf, it is recommended that
+you migrate your custom logging rules to rsyslog.conf or into a separate
+configuration file in /etc/rsyslog.d (in most cases it should be as
+simple as copy&paste).
+
+To read more about this topic please see
+/usr/share/doc/rsyslog-doc/html/v3compatibility.html or
+http://www.rsyslog.com/doc-v3compatibility.html.
+
+
+Log rotation
+------------
+Rsyslog uses the logrotate(8) utilitiy to rotate the standard Debian
+log files. The configuration file can be found at
+/etc/logrotate.d/rsyslog.
+
+The rotation cycle starts with .1, as this is the logrotate default.
+In contrast to sysklogd, which starts with .0.
+
+When upgrading from sysklogd, the postinst script will automatically
+rotate the existing standard Debian log files, if it is safe to do so
+(i.e. only if .0 is newer than .1).
+
+
+Forwarding messages to sysklogd
+-------------------------------
+If you are forwarding messages from a rsyslog client to a sysklogd
+server, it can lead to doubled hostnames in the syslog message on the
+server side. The reason is a limitation in sysklogd which does not parse
+the hostname in the syslog header (as defined by RFC 3164). See Debian
+bug #514051 for more details.
+
+A simple workaround in rsyslog is, to define a custom template, which
+does not include the hostname:
+
+ $template sysklogd,"<%PRI%>%TIMESTAMP% %syslogtag%%msg%"
+ *.* @remote-host;sysklogd
+
+This creates a template called "sysklogd" and assigns it to the forward
+rule when logging to "remote-host".
+
+
+ -- Michael Biebl <biebl@debian.org> Sat, 07 Feb 2009 18:54:37 +0100
--- /dev/null
+This package was debianized by Michael Biebl <biebl@debian.org> on
+Wed, 18 Jul 2007 16:22:23 +0200.
+
+It was downloaded from http://www.rsyslog.com
+
+Upstream Authors:
+
+ Rainer Gerhards <rgerhards@adiscon.com>, Adiscon GmbH
+ Michael Meckelein <mmeckelein@hq.adiscon.com>, Adiscon GmbH
+
+Copyright:
+
+ Copyright (C) 1995,1996 Dr. G.W. Wettstein <greg@wind.rmcc.com>
+ Copyright (C) 1996 Enjellic Systems Development
+ Copyright (C) 1995 Martin Schulze <Martin.Schulze@Linux.DE>
+ Copyright (C) 2003-2007 Rainer Gerhards and Adiscon GmbH
+
+License:
+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
+
+The Debian packaging is (C) 2007, Michael Biebl <biebl@debian.org> and
+is licensed under the GPL, see above.
+
--- /dev/null
+rsyslog: init.d-script-missing-dependency-on-remote_fs /etc/init.d/rsyslog: required-stop
--- /dev/null
+# Default rules for rsyslog.
+#
+# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
+
+#
+# First some standard log files. Log by facility.
+#
+auth,authpriv.* /var/log/auth.log
+*.*;auth,authpriv.none -/var/log/syslog
+#cron.* /var/log/cron.log
+#daemon.* -/var/log/daemon.log
+kern.* -/var/log/kern.log
+#lpr.* -/var/log/lpr.log
+mail.* -/var/log/mail.log
+#user.* -/var/log/user.log
+
+#
+# Logging for the mail system. Split it up so that
+# it is easy to write scripts to parse these files.
+#
+#mail.info -/var/log/mail.info
+#mail.warn -/var/log/mail.warn
+mail.err /var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+news.crit /var/log/news/news.crit
+news.err /var/log/news/news.err
+news.notice -/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+#*.=debug;\
+# auth,authpriv.none;\
+# news.none;mail.none -/var/log/debug
+#*.=info;*.=notice;*.=warn;\
+# auth,authpriv.none;\
+# cron,daemon.none;\
+# mail,news.none -/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg :omusrmsg:*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+# news.=crit;news.=err;news.=notice;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn /dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
+# you must invoke `xconsole' with the `-file' option:
+#
+# $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+# busy site..
+#
+daemon.*;mail.*;\
+ news.err;\
+ *.=debug;*.=info;\
+ *.=notice;*.=warn |/dev/xconsole
projects / contrib / pines / genasys.git / commitdiff