Diffstat (limited to 'app-admin/syslog-ng/files')
-rw-r--r--app-admin/syslog-ng/files/patches/syslog-ng-fno-common.patch320
-rw-r--r--app-admin/syslog-ng/files/patches/syslog-ng-glib-2.64-support.patch63
-rw-r--r--app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened.in-r1115
-rw-r--r--app-admin/syslog-ng/files/syslog-ng.conf.gentoo.in-r136
4 files changed, 151 insertions, 383 deletions
diff --git a/app-admin/syslog-ng/files/patches/syslog-ng-fno-common.patch b/app-admin/syslog-ng/files/patches/syslog-ng-fno-common.patch
deleted file mode 100644
index abec9213cd18..000000000000
--- a/app-admin/syslog-ng/files/patches/syslog-ng-fno-common.patch
+++ /dev/null
@@ -1,320 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index e9b4183fc..1f8f16c13 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -331,8 +331,7 @@ endif()
- add_custom_target(check COMMAND ${CMAKE_CTEST_COMMAND} -j $$(nproc) --output-on-failure)
-
- set(IMPORTANT_WARNINGS
-- -Wshadow
-- -fcommon)
-+ -Wshadow)
-
- set(ACCEPTABLE_WARNINGS
- -Wno-stack-protector
-diff --git a/Makefile.am b/Makefile.am
-index 8b24eeaed..86c090638 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -54,8 +54,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir)/modules -I$(top_builddir)/lib
-
- # Important warnings
- AM_CFLAGS = \
-- -Wshadow \
-- -fcommon
-+ -Wshadow
-
- # Acceptable warnings
- AM_CFLAGS += \
-diff --git a/lib/logmsg/tests/test_log_message.c b/lib/logmsg/tests/test_log_message.c
-index 245568ce5..e51d78b94 100644
---- a/lib/logmsg/tests/test_log_message.c
-+++ b/lib/logmsg/tests/test_log_message.c
-@@ -32,6 +32,8 @@
- #include <stdlib.h>
- #include <glib/gprintf.h>
-
-+MsgFormatOptions parse_options;
-+
- typedef struct _LogMessageTestParams
- {
- LogMessage *message;
-@@ -151,7 +153,7 @@ void
- setup(void)
- {
- app_startup();
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- }
-
- void
-diff --git a/libtest/cr_template.c b/libtest/cr_template.c
-index 35e47aa3f..4f0913368 100644
---- a/libtest/cr_template.c
-+++ b/libtest/cr_template.c
-@@ -34,10 +34,12 @@
-
- #include "msg_parse_lib.h"
-
-+static MsgFormatOptions parse_options;
-+
- void
- init_template_tests(void)
- {
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- }
-
- void
-diff --git a/libtest/msg_parse_lib.c b/libtest/msg_parse_lib.c
-index ae0d1654b..b3c7cb652 100644
---- a/libtest/msg_parse_lib.c
-+++ b/libtest/msg_parse_lib.c
-@@ -27,15 +27,13 @@
-
- #include <criterion/criterion.h>
-
--MsgFormatOptions parse_options;
--
- void
--init_and_load_syslogformat_module(void)
-+init_parse_options_and_load_syslogformat(MsgFormatOptions *parse_options)
- {
- configuration = cfg_new_snippet();
- cfg_load_module(configuration, "syslogformat");
-- msg_format_options_defaults(&parse_options);
-- msg_format_options_init(&parse_options, configuration);
-+ msg_format_options_defaults(parse_options);
-+ msg_format_options_init(parse_options, configuration);
- }
-
- void
-diff --git a/libtest/msg_parse_lib.h b/libtest/msg_parse_lib.h
-index d86f178c2..5a9b4277b 100644
---- a/libtest/msg_parse_lib.h
-+++ b/libtest/msg_parse_lib.h
-@@ -30,9 +30,7 @@
- #include "cfg.h"
- #include "logmsg/logmsg.h"
-
--extern MsgFormatOptions parse_options;
--
--void init_and_load_syslogformat_module(void);
-+void init_parse_options_and_load_syslogformat(MsgFormatOptions *parse_options);
- void deinit_syslogformat_module(void);
-
- void assert_log_messages_equal(LogMessage *log_message_a, LogMessage *log_message_b);
-diff --git a/libtest/proto_lib.c b/libtest/proto_lib.c
-index b69195865..105e390b9 100644
---- a/libtest/proto_lib.c
-+++ b/libtest/proto_lib.c
-@@ -23,7 +23,7 @@
- */
-
- #include "proto_lib.h"
--#include "msg_parse_lib.h"
-+#include "cfg.h"
-
- #include <string.h>
- #include <criterion/criterion.h>
-@@ -164,7 +164,8 @@ assert_proto_server_fetch_ignored_eof(LogProtoServer *proto)
- void
- init_proto_tests(void)
- {
-- init_and_load_syslogformat_module();
-+ configuration = cfg_new_snippet();
-+ cfg_load_module(configuration, "syslogformat");
- log_proto_server_options_defaults(&proto_server_options);
- }
-
-@@ -172,5 +173,7 @@ void
- deinit_proto_tests(void)
- {
- log_proto_server_options_destroy(&proto_server_options);
-- deinit_syslogformat_module();
-+
-+ if (configuration)
-+ cfg_free(configuration);
- }
-diff --git a/modules/linux-kmsg-format/tests/test_linux_format_kmsg.c b/modules/linux-kmsg-format/tests/test_linux_format_kmsg.c
-index 79a4b97ad..d4d0d45a9 100644
---- a/modules/linux-kmsg-format/tests/test_linux_format_kmsg.c
-+++ b/modules/linux-kmsg-format/tests/test_linux_format_kmsg.c
-@@ -31,6 +31,8 @@
-
- #include <criterion/criterion.h>
-
-+MsgFormatOptions parse_options;
-+
- static LogMessage *
- kmsg_parse_message(const gchar *raw_message_str)
- {
-diff --git a/modules/python/tests/test_python_logmsg.c b/modules/python/tests/test_python_logmsg.c
-index 9a0343b07..51651ee9d 100644
---- a/modules/python/tests/test_python_logmsg.c
-+++ b/modules/python/tests/test_python_logmsg.c
-@@ -30,6 +30,8 @@
- static PyObject *_python_main;
- static PyObject *_python_main_dict;
-
-+MsgFormatOptions parse_options;
-+
- static void
- _py_init_interpreter(void)
- {
-@@ -95,7 +97,7 @@ void setup(void)
- {
- app_startup();
-
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
-
- _py_init_interpreter();
- _init_python_main();
-diff --git a/modules/stardate/tests/test_stardate.c b/modules/stardate/tests/test_stardate.c
-index e48cfb6cd..7d55fc1d0 100644
---- a/modules/stardate/tests/test_stardate.c
-+++ b/modules/stardate/tests/test_stardate.c
-@@ -33,6 +33,8 @@
-
- #include "msg_parse_lib.h"
-
-+MsgFormatOptions parse_options;
-+
- void
- stardate_assert(const gchar *msg_str, const int precision, const gchar *expected)
- {
-@@ -58,6 +60,7 @@ void
- setup(void)
- {
- app_startup();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- init_template_tests();
- cfg_load_module(configuration, "stardate");
- }
-@@ -66,6 +69,7 @@ void
- teardown(void)
- {
- deinit_template_tests();
-+ deinit_syslogformat_module();
- app_shutdown();
- }
-
-diff --git a/persist-tool/add.h b/persist-tool/add.h
-index 981e0cc61..2d3524cb0 100644
---- a/persist-tool/add.h
-+++ b/persist-tool/add.h
-@@ -32,8 +32,8 @@
- #include "cfg.h"
- #include "persist-tool.h"
-
--gchar *persist_state_dir;
--gchar *persist_state_name;
-+extern gchar *persist_state_dir;
-+extern gchar *persist_state_name;
-
- gint add_main(int argc, char *argv[]);
-
-diff --git a/persist-tool/generate.h b/persist-tool/generate.h
-index 237a8ae24..34f7dfec9 100644
---- a/persist-tool/generate.h
-+++ b/persist-tool/generate.h
-@@ -32,8 +32,8 @@
- #include "persist-state.h"
- #include "cfg.h"
-
--gboolean force_generate;
--gchar *generate_output_dir;
-+extern gboolean force_generate;
-+extern gchar *generate_output_dir;
-
- gint generate_main(int argc, char *argv[]);
-
-diff --git a/persist-tool/persist-tool.c b/persist-tool/persist-tool.c
-index fd96c856d..4e4adc88f 100644
---- a/persist-tool/persist-tool.c
-+++ b/persist-tool/persist-tool.c
-@@ -135,11 +135,17 @@ void persist_tool_free(PersistTool *self)
- g_free(self);
- }
-
-+gchar *persist_state_dir;
-+gchar *persist_state_name;
-+gboolean force_generate;
-+gchar *generate_output_dir;
-+
- static GOptionEntry dump_options[] =
- {
- { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL }
- };
-
-+
- static GOptionEntry add_options[] =
- {
- { "output-dir", 'o', 0, G_OPTION_ARG_STRING, &persist_state_dir, "The directory where persist file is located.", "<directory>" },
-diff --git a/tests/unit/test_clone_logmsg.c b/tests/unit/test_clone_logmsg.c
-index 57c0b181f..7b738b1e5 100644
---- a/tests/unit/test_clone_logmsg.c
-+++ b/tests/unit/test_clone_logmsg.c
-@@ -38,6 +38,8 @@
- #include <stdlib.h>
- #include <stdio.h>
-
-+MsgFormatOptions parse_options;
-+
- void
- assert_new_log_message_attributes(LogMessage *log_message)
- {
-@@ -69,7 +71,7 @@ void
- setup(void)
- {
- app_startup();
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- }
-
- void
-diff --git a/tests/unit/test_matcher.c b/tests/unit/test_matcher.c
-index a92c8e458..d43755bea 100644
---- a/tests/unit/test_matcher.c
-+++ b/tests/unit/test_matcher.c
-@@ -31,6 +31,8 @@
- #include <stdlib.h>
- #include <string.h>
-
-+MsgFormatOptions parse_options;
-+
- static LogMessage *
- _create_log_message(const gchar *log)
- {
-@@ -128,7 +130,7 @@ void
- setup(void)
- {
- app_startup();
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- }
-
- void
-diff --git a/tests/unit/test_msgparse.c b/tests/unit/test_msgparse.c
-index 6b9e1045f..0ed91f638 100644
---- a/tests/unit/test_msgparse.c
-+++ b/tests/unit/test_msgparse.c
-@@ -49,6 +49,8 @@ struct sdata_pair
- struct sdata_pair ignore_sdata_pairs[] = { { NULL, NULL } };
- struct sdata_pair empty_sdata_pairs[] = { { NULL, NULL } };
-
-+MsgFormatOptions parse_options;
-+
- static unsigned long
- _absolute_value(signed long diff)
- {
-@@ -130,7 +132,7 @@ setup(void)
- app_startup();
- setenv("TZ", "MET-1METDST", TRUE);
- tzset();
-- init_and_load_syslogformat_module();
-+ init_parse_options_and_load_syslogformat(&parse_options);
- /* Fri Feb 8 09:37:49 CET 2019 */
- fake_time(1549615069);
- }
diff --git a/app-admin/syslog-ng/files/patches/syslog-ng-glib-2.64-support.patch b/app-admin/syslog-ng/files/patches/syslog-ng-glib-2.64-support.patch
deleted file mode 100644
index fdd98624a6ea..000000000000
--- a/app-admin/syslog-ng/files/patches/syslog-ng-glib-2.64-support.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-diff --git a/lib/compat/glib.c b/lib/compat/glib.c
-index 8b6e52447..5b8ed8891 100644
---- a/lib/compat/glib.c
-+++ b/lib/compat/glib.c
-@@ -315,3 +315,18 @@ slng_g_hash_table_insert(GHashTable *hash_table, gpointer key, gpointer value)
- return exists;
- }
- #endif
-+
-+
-+#if !GLIB_CHECK_VERSION(2, 64, 0)
-+gunichar
-+g_utf8_get_char_validated_fixed(const gchar *p, gssize max_len)
-+{
-+ // https://github.com/GNOME/glib/commit/1963821a57584b4674c20895e8a5adccd2d9effd
-+
-+#undef g_utf8_get_char_validated
-+ if (*p == '\0' && max_len > 0)
-+ return (gunichar)-2;
-+
-+ return g_utf8_get_char_validated(p, max_len);
-+}
-+#endif
-diff --git a/lib/compat/glib.h b/lib/compat/glib.h
-index a9782ed2d..0fbdbd12d 100644
---- a/lib/compat/glib.h
-+++ b/lib/compat/glib.h
-@@ -109,4 +109,9 @@ gchar *g_base64_encode_fixed(const guchar *data, gsize len);
- gboolean slng_g_hash_table_insert (GHashTable *hash_table, gpointer key, gpointer value);
- #endif
-
-+#if !GLIB_CHECK_VERSION(2, 64, 0)
-+#define g_utf8_get_char_validated g_utf8_get_char_validated_fixed
-+gunichar g_utf8_get_char_validated_fixed (const gchar *p, gssize max_len);
-+#endif
-+
- #endif
-diff --git a/modules/cef/tests/test-format-cef-extension.c b/modules/cef/tests/test-format-cef-extension.c
-index d7f6ee3c1..f4233f96f 100644
---- a/modules/cef/tests/test-format-cef-extension.c
-+++ b/modules/cef/tests/test-format-cef-extension.c
-@@ -104,7 +104,7 @@ Test(format_cef, test_null_in_value)
-
- configuration->template_options.on_error = ON_ERROR_DROP_MESSAGE | ON_ERROR_SILENT;
- log_msg_set_value_by_name(msg, ".cef.k", "a\0b", 3);
-- assert_template_format_msg("$(format-cef-extension --subkeys .cef.)", "k=a\\u0000b", msg);
-+ assert_template_format_msg("$(format-cef-extension --subkeys .cef.)", "k=a\\x00b", msg);
- log_msg_unref(msg);
- }
-
-diff --git a/modules/json/tests/test_format_json.c b/modules/json/tests/test_format_json.c
-index 92c61e9f1..1224ddb33 100644
---- a/modules/json/tests/test_format_json.c
-+++ b/modules/json/tests/test_format_json.c
-@@ -55,7 +55,7 @@ Test(format_json, test_format_json)
- assert_template_format("$(format-json MSG=$escaping)",
- "{\"MSG\":\"binary stuff follows \\\"\\\\xad árvíztűrőtükörfúrógép\"}");
- assert_template_format("$(format-json MSG=$escaping2)", "{\"MSG\":\"\\\\xc3\"}");
-- assert_template_format("$(format-json MSG=$null)", "{\"MSG\":\"binary\\u0000stuff\"}");
-+ assert_template_format("$(format-json MSG=$null)", "{\"MSG\":\"binary\\\\x00stuff\"}");
- assert_template_format_with_context("$(format-json MSG=$MSG)",
- "{\"MSG\":\"árvíztűrőtükörfúrógép\"}{\"MSG\":\"árvíztűrőtükörfúrógép\"}");
- assert_template_format("$(format-json --scope rfc3164)",
diff --git a/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened.in-r1 b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened.in-r1
new file mode 100644
index 000000000000..fe3b6ee99a99
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened.in-r1
@@ -0,0 +1,115 @@
+@version: @SYSLOGNG_VERSION@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# https://bugs.gentoo.org/426814
+@include "scl.conf"
+
+#
+# Syslog-ng configuration file, compatible with default hardened installations.
+#
+
+options {
+ threaded(yes);
+ chain_hostnames(no);
+ stats(freq(43200));
+};
+
+source src {
+ system();
+ internal();
+};
+
+source kernsrc {
+ file("/proc/kmsg");
+};
+
+#source net { udp(); };
+#log { source(net); destination(net_logs); };
+#destination net_logs { file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); };
+
+destination authlog { file("/var/log/auth.log"); };
+destination _syslog { file("/var/log/syslog"); };
+destination cron { file("/var/log/cron.log"); };
+destination daemon { file("/var/log/daemon.log"); };
+destination kern { file("/var/log/kern.log"); };
+destination lpr { file("/var/log/lpr.log"); };
+destination user { file("/var/log/user.log"); };
+destination uucp { file("/var/log/uucp.log"); };
+#destination ppp { file("/var/log/ppp.log"); };
+destination mail { file("/var/log/mail.log"); };
+
+destination avc { file("/var/log/avc.log"); };
+destination audit { file("/var/log/audit.log"); };
+destination pax { file("/var/log/pax.log"); };
+destination grsec { file("/var/log/grsec.log"); };
+
+destination mailinfo { file("/var/log/mail.info"); };
+destination mailwarn { file("/var/log/mail.warn"); };
+destination mailerr { file("/var/log/mail.err"); };
+
+destination newscrit { file("/var/log/news/news.crit"); };
+destination newserr { file("/var/log/news/news.err"); };
+destination newsnotice { file("/var/log/news/news.notice"); };
+
+destination debug { file("/var/log/debug"); };
+destination messages { file("/var/log/messages"); };
+destination console { usertty("root"); };
+destination console_all { file("/dev/tty12"); };
+#destination loghost { udp("loghost" port(999)); };
+
+destination xconsole { pipe("/dev/xconsole"); };
+
+filter f_auth { facility(auth); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_syslog { not facility(authpriv, mail); };
+filter f_cron { facility(cron); };
+filter f_daemon { facility(daemon); };
+filter f_kern { facility(kern); };
+filter f_lpr { facility(lpr); };
+filter f_mail { facility(mail); };
+filter f_user { facility(user); };
+filter f_uucp { facility(uucp); };
+#filter f_ppp { facility(ppp); };
+filter f_news { facility(news); };
+filter f_debug { not facility(auth, authpriv, news, mail); };
+filter f_messages { level(info..warn)
+ and not facility(auth, authpriv, mail, news); };
+filter f_emergency { level(emerg); };
+
+filter f_info { level(info); };
+
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_crit { level(crit); };
+filter f_err { level(err); };
+
+filter f_avc { message(".*avc: .*"); };
+filter f_audit { message("^(\\[.*\..*\] |)audit.*") and not message(".*avc: .*"); };
+filter f_pax { message("^(\\[.*\..*\] |)PAX:.*"); };
+filter f_grsec { message("^(\\[.*\..*\] |)grsec:.*"); };
+
+log { source(src); filter(f_authpriv); destination(authlog); };
+log { source(src); filter(f_syslog); destination(_syslog); };
+log { source(src); filter(f_cron); destination(cron); };
+log { source(src); filter(f_daemon); destination(daemon); };
+log { source(kernsrc); filter(f_kern); destination(kern); destination(console_all); };
+log { source(src); filter(f_lpr); destination(lpr); };
+log { source(src); filter(f_mail); destination(mail); };
+log { source(src); filter(f_user); destination(user); };
+log { source(src); filter(f_uucp); destination(uucp); };
+log { source(kernsrc); filter(f_pax); destination(pax); };
+log { source(kernsrc); filter(f_grsec); destination(grsec); };
+log { source(kernsrc); filter(f_audit); destination(audit); };
+log { source(kernsrc); filter(f_avc); destination(avc); };
+log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
+log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
+log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
+log { source(src); filter(f_news); filter(f_crit); destination(newscrit); };
+log { source(src); filter(f_news); filter(f_err); destination(newserr); };
+log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); };
+log { source(src); filter(f_debug); destination(debug); };
+log { source(src); filter(f_messages); destination(messages); };
+log { source(src); filter(f_emergency); destination(console); };
+#log { source(src); filter(f_ppp); destination(ppp); };
+log { source(src); destination(console_all); };
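Review bot: The last statement, `log { source(src); destination(console_all); };`, has no filter, so every message from `src`, auth and authpriv included, is written to `/dev/tty12`, where it is visible to anyone at the physical console; the final log statement of syslog-ng.conf.gentoo.in-r1 is the same. `f_debug` and `f_messages` above already exclude those facilities, so the catch-all could do likewise with `filter f_console { not facility(auth, authpriv); };` and `log { source(src); filter(f_console); destination(console_all); };`. `f_syslog` excludes only `authpriv` and `mail`, so auth-facility messages are also copied to `/var/log/syslog`; adding `auth` there would match the other filters. Separately, `system()` is documented to collect the kernel log on Linux, so it may overlap with `kernsrc` reading `/proc/kmsg`; it is worth confirming that the PaX, grsec, audit and AVC routes still see every kernel message.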
diff --git a/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.in-r1 b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.in-r1
new file mode 100644
index 000000000000..9940491ec78f
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.in-r1
@@ -0,0 +1,36 @@
+@version: @SYSLOGNG_VERSION@
+#
+# Syslog-ng default configuration file for Gentoo Linux
+
+# https://bugs.gentoo.org/426814
+@include "scl.conf"
+
+options {
+ threaded(yes);
+ chain_hostnames(no);
+
+ # The default action of syslog-ng is to log a STATS line
+ # to the file every 10 minutes. That's pretty ugly after a while.
+ # Change it to every 12 hours so you get a nice daily update of
+ # how many messages syslog-ng missed (0).
+ stats(freq(43200));
+ # The default action of syslog-ng is to log a MARK line
+ # to the file every 20 minutes. That's seems high for most
+ # people so turn it down to once an hour. Set it to zero
+ # if you don't want the functionality at all.
+ mark_freq(3600);
+};
+
+source src { system(); internal(); };
+
+destination messages { file("/var/log/messages"); };
+
+# By default messages are logged to tty12...
+destination console_all { file("/dev/tty12"); };
+# ...if you intend to use /dev/console for programs like xconsole
+# you can comment out the destination line above that references /dev/tty12
+# and uncomment the line below.
+#destination console_all { file("/dev/console"); };
+
+log { source(src); destination(messages); };
+log { source(src); destination(console_all); };