Bug #5799
closed
system technique can only setup log settings *once* on syslog-ng
Added by Florian Heigl about 10 years ago.
Updated almost 9 years ago.
Category:
System techniques
Description
The code to edit the respective syslog config files (i.e. syslog-ng) is not imdempotent.
If the entry is updated, it will at best create a second one.
The effect: i.e. the tcp/udp decision has to be made prior to clients applying the system techniques for the first time or it will be wrong on all clients and stay like it.
If they are meant to only run once in a lifetime, then please close and disregard.
Hi Florian,
The configuration is expected to be idempotent, it looks at the server it sends to, and compares to the server it should send it to, but the comparaison checks also for udp/tcp (actually, always tcp unless on old syslog)
the issue here is that you changed the format, breaking the comparision
we should update the comparision to handle this case, but this does not happen in "standart" usage.
Note: rsyslog should be immune to this issue
Nuuuuu?
I don; think i changed the format, i'll paste examples after reproducing. Only changed the word tcp to the word udp.
Oh, i must have not been clear.
Changing the work tcp to udp changes the format of the line for the comparision (it looks with a strict regex at lines that contains tcp)
- Status changed from New to Pending technical review
- Assignee set to Jonathan CLARKE
- Priority changed from N/A to 3
- Target version set to 2.6.20
- % Done changed from 0 to 100
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/593
PR is ready: https://github.com/Normation/rudder-techniques/pull/593
Well, I see no "clean" way of doing this...
"syslog_conf_comment" string => "# Autogenerated by rudder, do not edit${const.n}";
"syslog_ng_conf_prefix" string => "filter f_local_rudder{facility(local6) and program(\"rudder.*\");};destination loghost {tcp(\"";
"syslog_ng_conf_suffix" string => "\" port (&SYSLOGPORT&));};log {source(${syslog_ng_source});filter(f_local_rudder);destination(loghost);";
"syslog_ng_conf_final" string => "flags(final);};";
"syslog_ng_conf" string => concat("${syslog_conf_comment}", "${syslog_ng_conf_prefix}", "${server_info.cfserved}", "${syslog_ng_conf_suffix}", "${syslog_ng_conf_final}");
"syslog_ng_conf_regex" string => concat("filter\ f\_local\_rudder\{facility\(local6\)\ and\ program\(\"rudder\.\*\"\)\;\}\;destination\ loghost\ \{(tcp|udp)\(\"", "[^\"]+", escape("${syslog_ng_conf_suffix}"), ".*");
I hope syslog-ng will support on all OS versions we work with a syslog-ng.d dir or something, so we can do something cleaner...
- Subject changed from system technique can only setup log settings *once* to system technique can only setup log settings *once* on syslog-ng
This only applied to syslog-ng, neither syslogd or rsyslog.
- Status changed from Pending technical review to Pending release
Applied in changeset policy-templates:commit:39ca4bd861bbd4f8b2a11563de4e76191c87981b.
Applied in changeset policy-templates:commit:49003e616ce3613311759e6de16bc3832ce89b8a.
- Target version changed from 2.6.20 to 2.10.8
2.6.20 will n ot be released, those issue will be fixed in 2.10.8
- Status changed from Pending release to Released
This bug has been fixed in Rudder 2.10.8 and 2.11.5, which were released today (16/12/14)
- Target version changed from 2.10.8 to 2.6.20
- Related to Bug #7635: syslog-ng's loghost regex does not match with set line added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Matthieu CERDA 
Updated by Jonathan CLARKE 
Updated by 
Updated by