diff options
Diffstat (limited to 'system/rsyslog/config')
-rw-r--r-- | system/rsyslog/config/rc.rsyslogd | 65 | ||||
-rw-r--r-- | system/rsyslog/config/rsyslog | 6 | ||||
-rw-r--r-- | system/rsyslog/config/rsyslog.conf | 107 |
3 files changed, 178 insertions, 0 deletions
diff --git a/system/rsyslog/config/rc.rsyslogd b/system/rsyslog/config/rc.rsyslogd new file mode 100644 index 0000000000..f12c369168 --- /dev/null +++ b/system/rsyslog/config/rc.rsyslogd @@ -0,0 +1,65 @@ +#!/bin/sh +# Start/stop/restart the system logging daemons. +# +# Written for Slackware Linux by Patrick J. Volkerding <volkerdi@slackware.com>. +# Modded for rsyslogd by Chris Elvidge <chris@lowe.ae> Sept 2005 +# slightly modified by ponce <matteo.bernardini@sns.it> Oct 2010 +# rsyslogd_reload added by Christophe Trussardi <chris@teria.org> Sept 2011 +# + +pidfile1=/var/run/rsyslogd.pid # native rsyslogd pid file +pidfile2=/var/run/syslogd.pid # spoof the "old" syslogd file + +create_xconsole() +{ + if [ ! -e /dev/xconsole ]; then + mknod -m 640 /dev/xconsole p + else + chmod 0640 /dev/xconsole + fi + chown 0:0 /dev/xconsole +} + +rsyslogd_start() { + if [ -x /usr/sbin/rsyslogd ]; then + echo "Starting rsyslogd daemon: " + echo "/usr/sbin/rsyslogd -c5 -i $pidfile1" + /usr/sbin/rsyslogd -c5 -i "$pidfile1" + cp "$pidfile1" "$pidfile2" + fi +} + +rsyslogd_stop() { + killall rsyslogd 2> /dev/null + /usr/bin/rm $pidfile1 2> /dev/null + /usr/bin/rm $pidfile2 2> /dev/null +} + +rsyslogd_restart() { + rsyslogd_stop + sleep 1 + rsyslogd_start +} + +rsyslogd_reload() { + echo "Reloading rsyslogd daemon: " + [ -f "$pidfile1" ] && /bin/kill -HUP $(cat $pidfile1) +} + +case "$1" in +'start') + create_xconsole + rsyslogd_start + ;; +'stop') + rsyslogd_stop + ;; +'restart') + rsyslogd_restart + ;; +'reload') + rsyslogd_reload + ;; +*) + echo "usage $0 start|stop|restart|reload" +esac diff --git a/system/rsyslog/config/rsyslog b/system/rsyslog/config/rsyslog new file mode 100644 index 0000000000..5b9fd1366a --- /dev/null +++ b/system/rsyslog/config/rsyslog @@ -0,0 +1,6 @@ +/var/log/cron /var/log/debug /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler /var/log/syslog { + sharedscripts + postrotate + /bin/kill -HUP $(cat /var/run/rsyslogd.pid 2>/dev/null) 2>/dev/null || true + endscript +} diff --git a/system/rsyslog/config/rsyslog.conf b/system/rsyslog/config/rsyslog.conf new file mode 100644 index 0000000000..26c6a744d7 --- /dev/null +++ b/system/rsyslog/config/rsyslog.conf @@ -0,0 +1,107 @@ +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/doc/rsyslog/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging +$ModLoad imklog # provides kernel logging support (previously done by rklogd) +$ModLoad immark # provides --MARK-- message capability + +# ######### Receiving Messages from Remote Hosts ########## +# TCP Syslog Server: +# provides TCP syslog reception and GSS-API (if compiled to support it) +#$ModLoad imtcp # load module +#$InputTCPServerRun 514 # start up TCP listener at port 514 + +# UDP Syslog Server: +#$ModLoad imudp # provides UDP syslog reception +#$UDPServerRun 514 # start a UDP syslog server at standard port 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Use traditional Slackware console log level +# +$klogConsoleLogLevel 3 + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup root +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Include all config files in /etc/rsyslog.d/ +# +#$IncludeConfig /etc/rsyslog.d/*.conf + + +############### +#### RULES #### +############### + +# Uncomment this to see kernel messages on the console. +#kern.* /dev/console + +# Log anything 'info' or higher, but lower than 'warn'. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.info;*.!warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/messages + +# Log anything 'warn' or higher. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/syslog + +# Debugging information is logged here. +*.=debug -/var/log/debug + +# Private authentication message logging: +authpriv.* -/var/log/secure + +# Cron related logs: +cron.* -/var/log/cron + +# Mail related logs: +mail.* -/var/log/maillog + +# Emergency level messages go to all users: +*.emerg * + +# This log is for news and uucp errors: +uucp,news.crit -/var/log/spooler + +# Uncomment these if you'd like INN to keep logs on everything. +# You won't need this if you don't run INN (the InterNetNews daemon). +#news.=crit -/var/log/news/news.crit +#news.=err -/var/log/news/news.err +#news.notice -/var/log/news/news.notice + +# ########## Remote Logging (we use TCP for reliable delivery) ########## +# An on-disk queue is created for this action. If the remote host is +# down, messages are spooled to disk and sent when it is up again. +#$WorkDirectory /rsyslog/spool # where to place spool files +#$ActionQueueFileName uniqName # unique name prefix for spool files +#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) +#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +#$ActionQueueType LinkedList # run asynchronously +#$ActionResumeRetryCount -1 # infinite retries if host is down +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @@remote-host:514 |