[syslog-ng]logrotate question (not working with syslog-ng)...

syslog-ng@lists.balabit.hu syslog-ng@lists.balabit.hu
Thu, 10 Apr 2003 20:21:19 +0100 

It's perfectly possible to use logrotate on RedHat with syslog-ng... here's my
logrotate.conf
stripped of irrelevant detail:

$ cat /etc/logrotate.d/syslog-ng
/var/log/secure {
}

/var/log/maillog {
}

/var/log/spooler {
}
........
/var/log/messages {
     .......
    postrotate
        /etc/rc.d/init.d/syslog-ng reconfig
        .......
    endscript
}
$

And the corresponding tweaks to init script to allow for a reconfig option, plus
 some
extra features relating preventing syslog-ng restart when the config is broken,
emulating klogd,
and handling syslog-ng startup prior to named an ipchains
only central logging server with dns hostname lookup enabled..

$ cat /etc/rc.d/init.d/syslog-ng
#!/bin/sh
#
# syslog-ng        Starts syslog-ng
#
# chkconfig: 2345 30 99
# description: Syslog-ng is the facility by which many daemons use to log \
# messages to various system log files.  It is a good idea to always \
# run syslog-ng.

################################################################################

# Source function library.
if [ -d /etc/init.d ]; then
        . /etc/init.d/functions
else
        . /etc/rc.d/init.d/functions
fi

. /etc/sysconfig/network

if [ ${NETWORKING} = "no" ]
then
        exit 0
fi

# General security measures..
umask 077
ulimit -c 0

INIT_PROG="/usr/local/sbin/syslog-ng"    # Full path to daemon
INIT_CONF="/etc/syslog-ng/syslog-ng.conf"  # Full path to config
INIT_OPTS=""
PRINTKLEVEL=2

# Get per-service config overrides
if [ -f /etc/sysconfig/syslog-ng ]; then
        . /etc/sysconfig/syslog-ng
fi

[ -x $INIT_PROG ] || exit 1
[ -s $INIT_CONF ] || exit 1

INIT_NAME=`basename "$INIT_PROG"`

# Correct the setting of raw printk kernel logging to mimic klogd behaviour
printkset()
{
        currentprintk=`awk '{print $1}' /proc/sys/kernel/printk`
        if [ ${PRINTKLEVEL} -ne ${currentprintk} ]; then
                action "Setting kernel console default printk to ${PRINTKLEVEL}"
 dmesg -n ${PRINTKLEVEL}
        fi
}

validconfig()
{
        $INIT_PROG -s -f $INIT_CONF
        RETVAL=$?
        echo -n "Syslog-ng configuration check"
        [ $RETVAL -ne 0 ] && failure "Syslog-ng configuration check" && echo &&
exit 1
        [ $RETVAL -eq 0 ] && success "Syslog-ng configuration check" && echo
}

findsyslogchain ()
{
rulenum=`ipchains -L input --line-numbers |
         awk '{print $1,$2,$3,$5,$9}' |
         grep "DENY udp anywhere syslog" | awk '{print $1}' | sort -rn`
if [ "$rulenum" = "" ]; then
        rulenum=0
fi
#Chain input (policy ACCEPT):
#num  target     prot opt     source                destination           ports
#1    DENY       udp  ------  anywhere             anywhere              any ->
  syslog
}

isdnsrunning ()
{
        if [ -n "`/sbin/pidof named`" ]; then
                dnsrunning=1
        else
                dnsrunning=0
        fi
}

RETVAL=0

# See how we were called.
case "$1" in
  start)
        validconfig

        printkset

        isdnsrunning
        [ $dnsrunning -ne 1 ] && $0 local

        echo -n "Starting $INIT_NAME: "
        daemon --check $INIT_PROG "$INIT_PROG -f $INIT_CONF $INIT_OPTS"
        RETVAL=$?
        echo

        [ $dnsrunning -eq 1 ] && $0 remote

        [ $RETVAL -eq 0 ] && touch "/var/lock/subsys/${INIT_NAME}"

        # Warn sendmail that syslog has restarted
        /etc/rc.d/init.d/sendmail reconfig
        ;;

  stop)
        echo -n "Shutting down $INIT_NAME: "
        killproc $INIT_PROG
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f "/var/lock/subsys/${INIT_NAME}"
        ;;

  status)
        status $INIT_PROG
        #status klogd
        RETVAL=$?
        ;;

  reconfig)
        validconfig

        printkset

        isdnsrunning
        [ $dnsrunning -ne 1 ] && $0 local

        echo -n "Re-HUPing $INIT_NAME daemon"
        killproc $INIT_PROG -HUP
        RETVAL=$?
        echo

        [ $dnsrunning -eq 1 ] && $0 remote
        ;;

  restart|reload)
        $0 stop
        $0 start
        RETVAL=$?
        ;;

  local)
        findsyslogchain
        if [ "$rulenum" = "0" ]; then
                action "Disabling remote syslogging" ipchains -I input 1 -i eth+
 --proto udp --dport syslog -j DENY
                RETVAL=$?
        fi
        ;;

  remote)
        findsyslogchain
        if [ "$rulenum" != "0" ]; then
                for rule in `echo $rulenum`
                do
                        action "Enabling remote syslogging - remove ipchains
rule $rule" ipchains -D input ${rule}
                        RETVAL=$?
                done
        fi
        ;;

  validate)
        validconfig
        ;;

  printkset)
        printkset
        RETVAL=$?
        ;;

  *)
        echo "Usage: syslog
{start|stop|status|reconfig|restartlocal|remote|validate|printkset}"
        exit 1
esac

exit $RETVAL
$




************************************************************************************************
This E-mail message, including any attachments, is intended only for the person
or entity to which it is addressed, and may contain confidential information.
If you are not the intended recipient, any review, retransmission, disclosure,
copying, modification or other use of this E-mail message or attachments is
strictly forbidden.
If you have received this E-mail message in error, please contact the author and
delete the message and any attachments from your computer.
You are also advised that the views and opinions expressed in this E-mail
message and any attachments are the author's own, and may not reflect the views
and opinions of FLEXTECH Television Limited.
************************************************************************************************