Bug in syntax checking in 2.0-rc1
I'm using 2.0-rc1 and found the following bug in syntax checking: $ syslog-ng -d -F -f /opt/mpd/vtec/etc/syslog-ng.conf Error in configuration, unresolved destination reference; filter='d_syslog_pipe' But running: $ syslog-ng -s -f /opt/mpd/vtec/etc/syslog-ng.conf ; echo $? 0 Returns 0, i.e. "syntax is OK!" This just caused me a great deal of headaches, because I use a script to generate my syslog-ng.conf and I couldn't figure out why syslog-ng refused to startup...the script checked the syntax at the end and it returned fine! I believe that the -s switch should mean "if it returns zero, then when you fire up syslog-ng, it *will* start up and begin functioning." -- Paul Krizak 5900 E. Ben White Blvd. MS 625 Advanced Micro Devices Austin, TX 78741 Linux/Unix Systems Engineering Phone: (512) 602-8775 Microprocessor Solutions Sector
On Thu, 13 Jul 2006 18:52:23 CDT, Paul Krizak said:
$ syslog-ng -d -F -f /opt/mpd/vtec/etc/syslog-ng.conf Error in configuration, unresolved destination reference; filter='d_syslog_pipe'
The syntax is fine, it's the semantics that's screwed up here. You had a syntactically correct line that referenced a bad destination.
I believe that the -s switch should mean "if it returns zero, then when you fire up syslog-ng, it *will* start up and begin functioning."
No. The -s switch *can't* guarantee that. Consider all the ways it can fail on the way up - everything from being unable to bind port 514 for listening to not being able to exec() the binary for a destination that pipes to a program. It's even possible that if you run the -s as one user, but actually launch it as root, it will fail because it can't read its config file (consider a /etc/ syslog.conf that's on an NFS mount in a cluster, owned by a user 'syslog' and mode 640 - and the mount squashes root access to 'nobody').
Good points, Valdis. Guess I was mostly just bitter about having beaten my head on the problem assuming that the -s switch was doing more than it really did. However, I'd argue that in this one specific case, i.e. a log statement referencing a non-existent source, destination, filter, etc. that it *is* something that -s should check for. After all, this type of problem *guarantees* that syslog-ng will not be able to start up if passed this configuration file. More specifically, syslog-ng does this sanity check before starting up. Why can't it do the same sanity check when doing a syntax check? Obviously it's a bit extreme to expect that passing the -s check will guarantee startup success, but I do think that checking for undefined references in the config file is an appropriate check for -s to do. Paul Krizak 5900 E. Ben White Blvd. MS 625 Advanced Micro Devices Austin, TX 78741 Linux/Unix Systems Engineering Phone: (512) 602-8775 Microprocessor Solutions Sector Cell: (512) 791-0686 Valdis.Kletnieks@vt.edu wrote:
On Thu, 13 Jul 2006 18:52:23 CDT, Paul Krizak said:
$ syslog-ng -d -F -f /opt/mpd/vtec/etc/syslog-ng.conf Error in configuration, unresolved destination reference; filter='d_syslog_pipe'
The syntax is fine, it's the semantics that's screwed up here.
You had a syntactically correct line that referenced a bad destination.
I believe that the -s switch should mean "if it returns zero, then when you fire up syslog-ng, it *will* start up and begin functioning."
No.
The -s switch *can't* guarantee that. Consider all the ways it can fail on the way up - everything from being unable to bind port 514 for listening to not being able to exec() the binary for a destination that pipes to a program.
It's even possible that if you run the -s as one user, but actually launch it as root, it will fail because it can't read its config file (consider a /etc/ syslog.conf that's on an NFS mount in a cluster, owned by a user 'syslog' and mode 640 - and the mount squashes root access to 'nobody').
------------------------------------------------------------------------
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
I must agree. This one's bitten me a time or two as well. I would like to see the addition of "undefined reference" checking to the -s option, if possible. Thank you, Chris Whipple Sr. Security Analyst Unix Security Group The Hertz Corporation 5601 NW Expressway Oklahoma City, OK 73132, USA cwhipple@hertz.com To "Syslog-ng users' and developers' mailing list" "Paul Krizak" <syslog-ng@lists.balabit.hu> <paul.krizak@amd.com> cc Sent by: syslog-ng-bounces@lists.bala Subject bit.hu Re: [syslog-ng] Bug in syntax checking in 2.0-rc1 07/14/2006 02:50 PM Please respond to "Syslog-ng users' and developers' mailing list" <syslog-ng@lists.balabit.hu> Good points, Valdis. Guess I was mostly just bitter about having beaten my head on the problem assuming that the -s switch was doing more than it really did. However, I'd argue that in this one specific case, i.e. a log statement referencing a non-existent source, destination, filter, etc. that it *is* something that -s should check for. After all, this type of problem *guarantees* that syslog-ng will not be able to start up if passed this configuration file. More specifically, syslog-ng does this sanity check before starting up. Why can't it do the same sanity check when doing a syntax check? Obviously it's a bit extreme to expect that passing the -s check will guarantee startup success, but I do think that checking for undefined references in the config file is an appropriate check for -s to do. Paul Krizak 5900 E. Ben White Blvd. MS 625 Advanced Micro Devices Austin, TX 78741 Linux/Unix Systems Engineering Phone: (512) 602-8775 Microprocessor Solutions Sector Cell: (512) 791-0686 Valdis.Kletnieks@vt.edu wrote:
On Thu, 13 Jul 2006 18:52:23 CDT, Paul Krizak said:
$ syslog-ng -d -F -f /opt/mpd/vtec/etc/syslog-ng.conf Error in configuration, unresolved destination reference; filter='d_syslog_pipe'
The syntax is fine, it's the semantics that's screwed up here.
You had a syntactically correct line that referenced a bad destination.
I believe that the -s switch should mean "if it returns zero, then when you fire up syslog-ng, it *will* start up and begin functioning."
No.
The -s switch *can't* guarantee that. Consider all the ways it can fail on the way up - everything from being unable to bind port 514 for listening to not being able to exec() the binary for a destination that pipes to a program.
It's even possible that if you run the -s as one user, but actually launch it as root, it will fail because it can't read its config file (consider a /etc/ syslog.conf that's on an NFS mount in a cluster, owned by a user 'syslog' and mode 640 - and the mount squashes root access to 'nobody').
------------------------------------------------------------------------
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html --------------- This message (including attachments) may contain information that is privileged, confidential or protected from disclosure. If you are not the intended recipient, you are hereby notified that dissemination, disclosure, copying, distribution or use of this message or any information contained in it is strictly prohibited. If you have received this message in error, please immediately notify the sender by reply e-mail and delete this message from your computer. Although we have taken steps to ensure that this e-mail and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. ---------------
participants (3)
-
Chris Whipple
-
Paul Krizak
-
Valdis.Kletnieks@vt.edu