Bug 713965 - [regression] broken $HOST after upgrade to 3.2.4
Summary: [regression] broken $HOST after upgrade to 3.2.4
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: syslog-ng
Version: el6
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ---
Assignee: Jose Pedro Oliveira
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-06-16 22:31 UTC by Enrico Scholz
Modified: 2011-07-12 22:24 UTC (History)
4 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2011-07-12 22:24:26 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
BalaBit 124 None None None Never

Description Enrico Scholz 2011-06-16 22:31:08 UTC
Description of problem:

recent upgrade from 3.1.4 to 3.2.4 breaks existing logging because local logsources are now expressed as 'hostname/hostname' instead of 'localhost@hostname'.  Beside the changed name, the '/' prevents creation of logfiles based on $FULLHOST.



E.g. the sample configuration

-----
@version:3.2
###################################################################
####
#### DO NOT EDIT THIS FILE!
#### This file is managed by cfengine; any manual changes will be overridden
####
###################################################################

options { flush_lines (0);
          time_reopen (10);
          log_fifo_size (16384);
          long_hostnames (off);
          use_dns (no);
          use_fqdn (no);
          create_dirs (no);
          keep_hostname (yes);
	  chain_hostnames (yes);
        };

source localhost {
        unix-stream ("/dev/log");
	file("/proc/kmsg" program_override("kernel"));
        internal();
};

destination stunnel {
	tcp("127.0.0.1" port(520));
	tcp("127.0.0.1" port(521));
};

## Common block for kernel-logging
filter f_kern           { facility(kern); };
filter f_min_emerg      { level(emerg); };
filter f_min_alert      { level(alert..emerg); };
filter f_min_crit       { level(crit..emerg);  };
filter f_min_err        { level(err..emerg);   };
filter f_min_warn       { level(warn..emerg);  };

filter f_kern_err       { filter(f_kern) and filter(f_min_warn);  };
filter f_kern_crit	{ filter(f_kern) and filter(f_min_crit); };

destination d_kern	{ file("/var/log/kernel" fsync(yes) perm(0644)); };
destination d_cons	{ file("/dev/console"); };

log			{ filter(f_kern_err);  source(localhost); destination(d_kern); };
log			{ filter(f_kern_crit); source(localhost); destination(d_cons); };
## End kernel-logging block}

log { destination(stunnel); flags(catch-all); };
-----

on a client logs to a server with

| destination d_iptables	{ file("/var/log/remote/IPTABLES/log.$FULLHOST" sync(10)); };


With 3.1.4 it wrote e.g. to 'log.localhost@walther'. Now, it fails with

| Error opening file for writing; filename='/var/log/remote/IPTABLES/log.walther/walther', error='No such file or directory (2)'


Version-Release number of selected component (if applicable):

syslog-ng-3.2.4-1.el6.x86_64

Comment 1 Jose Pedro Oliveira 2011-06-17 01:03:50 UTC
Enrico,

Thanks for the upstream bug report:

 * [regression] broken $FULLHOST after upgrade to 3.2.4
   https://bugzilla.balabit.com/show_bug.cgi?id=124

Comment 2 Jose Pedro Oliveira 2011-06-27 14:02:53 UTC
Upstream fix:

 * fixed chain-hostnames() processing
   http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=2db971fc37471e39f6a8b34595ca23833166831e

Comment 3 Jose Pedro Oliveira 2011-06-27 14:52:14 UTC
Rawhide build:

 * syslog-ng-3.2.4-6.fc16
   http://koji.fedoraproject.org/koji/buildinfo?buildID=250498

Warning: this build is for systemd systems; it also has SQL and Capabilities support enabled.

Comment 4 Fedora Update System 2011-06-27 18:08:01 UTC
syslog-ng-3.2.4-2.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/syslog-ng-3.2.4-2.el6

Comment 5 Fedora Update System 2011-06-28 15:46:31 UTC
Package syslog-ng-3.2.4-2.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing syslog-ng-3.2.4-2.el6'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/syslog-ng-3.2.4-2.el6
then log in and leave karma (feedback).

Comment 6 Fedora Update System 2011-07-12 22:24:19 UTC
syslog-ng-3.2.4-2.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.