2265387 – Review Request: ulogd - Userspace logging daemon for netfilter

Bug 2265387 - Review Request: ulogd - Userspace logging daemon for netfilter

Summary: Review Request: ulogd - Userspace logging daemon for netfilter

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody's working on this, feel free to take it
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	https://www.netfilter.org/projects/ul...
Whiteboard:	Unretirement
Depends On:	2024579
Blocks:
TreeView+	depends on / blocked

Reported:	2024-02-21 19:46 UTC by Thomas Haller
Modified:	2024-07-22 20:57 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
rpmlint output 1 (rpmlint-for-ulogd-1.txt) (33.88 KB, text/plain) 2024-02-27 09:23 UTC, Thomas Haller	no flags	Details
View All

Description Thomas Haller 2024-02-21 19:46:51 UTC

SPEC: https://src.fedoraproject.org/fork/thaller/rpms/ulogd/blob/th/2.0.8/f/ulogd.spec
dist-git: https://src.fedoraproject.org/fork/thaller/rpms/ulogd/commits/th/2.0.8
SRPM: https://thaller.fedorapeople.org/ulogd/ulogd-2.0.8-1.fc41.src.rpm

Fedora Account System Username: thaller

I'd like to unretire (and maintain) ulogd(2) (https://www.netfilter.org/projects/ulogd/).
It's useful for NFLOG logging:

  - https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/4J234RZ7Q5EILLNOSFEUERJ3AAS63LDL/
  - https://github.com/firewalld/firewalld/issues/1094

Quote from commit message of https://src.fedoraproject.org/fork/thaller/rpms/ulogd/commits/th/2.0.8 :

    Update to ulogd 2.0.8 and unretire

    The ulogd package was retried in F25, 2016 as it was sysvinit-only ([1]).

    [1] https://pagure.io/fesco/issue/1605

    - Rebase to 2.0.8. Most recent upstream release from 2022-Nov-11.
      https://netfilter.org/projects/ulogd/downloads.html#ulogd-2.0.8

    - Add a systemd service file.

    - The package is inspired by Debian's ulogd2 (2.0.8-1) package. The
      point is that the Debian pacakge is maybe in use and possibly works
      well. By doing something similar, we may also do the right thing
      and Debian users may be familiar with it already.
      In particular:

      - create and use system user "ulog".

      - create /var/log/ulog directory and patch configuration to use
        files in that directory.

      - enable a certain stack in /etc/ulogd.conf.

      - add a logrotate and tmpfiles configuration.

      Note that the Debian package is called "ulogd2", while we call the
      package "ulogd". Note that "ulogd" is also the name of the package
      on openSUSE. We thus follow the latter. Also, this is really an
      unretirement of the previous "ulogd" package.

    - create and use system user "ulog". The usage of "-u ulogd" is however
      problematic, because ulogd will start creating files as root before
      changing user. A later SIGHUP fails to reopen the file.  That's why its
      use is configurable via ULOGD_ARGS in /etc/sysconfig/ulogd.

    - don't add COPYING file to each plugin subpackages.

    - drop large "ulogd.{ps,html}" documentation files. They are large,
      and don't seem to useful.

    - requires libnetfilter_log 1.0.2. Find it at
      https://src.fedoraproject.org/rpms/libnetfilter_log/pull-request/1 .


This also depends on libnetfilter_log to 1.0.2, which is currently not yet in Rawhide:
SPEC: https://src.fedoraproject.org/fork/thaller/rpms/libnetfilter_log/blob/th/release-1.0.2/f/libnetfilter_log.spec
dist-git: https://src.fedoraproject.org/rpms/libnetfilter_log/pull-request/1
SRPM: https://thaller.fedorapeople.org/ulogd/libnetfilter_log-1.0.2-1.fc41.src.rpm

Comment 1 Fedora Review Service 2024-02-21 19:49:55 UTC

Copr build:
https://copr.fedorainfracloud.org/coprs/build/7047104
(failed)

Build log:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2265387-ulogd/fedora-rawhide-x86_64/07047104-ulogd/builder-live.log.gz

Please make sure the package builds successfully at least for Fedora Rawhide.

- If the build failed for unrelated reasons (e.g. temporary network
  unavailability), please ignore it.
- If the build failed because of missing BuildRequires, please make sure they
  are listed in the "Depends On" field


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.

Comment 2 Eric Garver 2024-02-26 21:45:34 UTC

+ # SIGHUP would reopen files (for logrotate). However, that may not work with
+ # "ULOGD_ARGS=-u ulog", as we won't have permissions to reopen the files.
+ ExecReload=/bin/kill -HUP $MAINPID 

ExecReload is optional. If we expect this to not work then maybe we simply don't define it.

Comment 3 Eric Garver 2024-02-26 21:47:33 UTC

Otherwise this looks good to me. Thanks!

Comment 4 Thomas Haller 2024-02-27 09:01:20 UTC

(In reply to Eric Garver from comment #2)
> ExecReload is optional. If we expect this to not work then maybe we simply
> don't define it.

I dropped `ExecReload`.

Comment 5 Thomas Haller 2024-02-27 09:23:44 UTC

Created attachment 2019097 [details]
rpmlint output 1 (rpmlint-for-ulogd-1.txt)

generated via

  $ ( for f in $(ls -1 *spec *src.rpm x86_64/*rpm); do echo ">>>> rpmlint $f"; rpmlint "$f"; done ; for f in $(rpm -qa |grep '^ulogd' | sed 's/-2\..*//') ; do echo ">>>> rpmlint -i $f"; rpmlint -i "$f"; done ) 2>&1

Note You need to log in before you can comment on or make changes to this bug.