[syslog-ng] Bug in syntax checking in 2.0-rc1

Paul Krizak paul.krizak at amd.com
Fri Jul 14 21:50:07 CEST 2006 

Good points, Valdis.

Guess I was mostly just bitter about having beaten my head on the 
problem assuming that the -s switch was doing more than it really did.

However, I'd argue that in this one specific case, i.e. a log statement 
referencing a non-existent source, destination, filter, etc. that it 
*is* something that -s should check for.  After all, this type of 
problem *guarantees* that syslog-ng will not be able to start up if 
passed this configuration file.  More specifically, syslog-ng does this 
sanity check before starting up.  Why can't it do the same sanity check 
when doing a syntax check?

Obviously it's a bit extreme to expect that passing the -s check will 
guarantee startup success, but I do think that checking for undefined 
references in the config file is an appropriate check for -s to do.

Paul Krizak                         5900 E. Ben White Blvd. MS 625
Advanced Micro Devices              Austin, TX  78741
Linux/Unix Systems Engineering      Phone: (512) 602-8775
Microprocessor Solutions Sector     Cell:  (512) 791-0686


Valdis.Kletnieks at vt.edu wrote:
> On Thu, 13 Jul 2006 18:52:23 CDT, Paul Krizak said:
>> $ syslog-ng -d -F -f /opt/mpd/vtec/etc/syslog-ng.conf
>> Error in configuration, unresolved destination reference; 
>> filter='d_syslog_pipe'
> 
> The syntax is fine, it's the semantics that's screwed up here.
> 
> You had a syntactically correct line that referenced a bad destination.
> 
>> I believe that the -s switch should mean "if it returns zero, then when 
>> you fire up syslog-ng, it *will* start up and begin functioning."
> 
> No.
> 
> The -s switch *can't* guarantee that.  Consider all the ways it can
> fail on the way up - everything from being unable to bind port 514 for
> listening to not being able to exec() the binary for a destination that
> pipes to a program.
> 
> It's even possible that if you run the -s as one user, but actually launch it
> as root, it will fail because it can't read its config file (consider a /etc/
> syslog.conf that's on an NFS mount in a cluster, owned by a user 'syslog' and
> mode 640 - and the mount squashes root access to 'nobody').
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>

More information about the syslog-ng mailing list