diff --git a/Changelog.md b/Changelog.md index 09298ce..8822c65 100644 --- a/Changelog.md +++ b/Changelog.md @@ -5,6 +5,7 @@ * `my_init` no longer reads from and writes to `/etc/container_environment` if that directory does not exist. Previously it would abort with an error. This change makes it easier to reuse `my_init` in other (non-Baseimage-docker-based) projects without having to modify it. * Baseimage-docker no longer sets the HOME environment variable by default. We used to set HOME by default to work around a Docker issue where HOME defaults to /, but this issue is now gone. Furthermore, the fact that we set HOME interfered with the USER stanza: USER would no longer set HOME. So we got rid of our HOME variable. Closes GH-231. * Some unnecessary Ubuntu cron jobs have been removed. Closes GH-205. + * Syslog-ng no longer forwards messages to /dev/tty10. Closes GH-222. ## 0.9.16 (release date: 2015-01-20) diff --git a/image/config/syslog-ng.conf b/image/config/syslog-ng.conf new file mode 100644 index 0000000..832e67a --- /dev/null +++ b/image/config/syslog-ng.conf @@ -0,0 +1,148 @@ +@version: 3.5 +@include "scl.conf" +@include "`scl-root`/system/tty10.conf" + +# Syslog-ng configuration file, compatible with default Debian syslogd +# installation. + +# First, set some global options. +options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); + owner("root"); group("adm"); perm(0640); stats_freq(0); + bad_hostname("^gconfd$"); +}; + +######################## +# Sources +######################## +# This is the default behavior of sysklogd package +# Logs may come from unix stream, but not from another machine. +# +source s_src { + unix-stream("/dev/log"); + internal(); +}; + +# If you wish to get logs from remote machine you should uncomment +# this and comment the above source line. +# +#source s_net { tcp(ip(127.0.0.1) port(1000)); }; + +######################## +# Destinations +######################## +# First some standard logfile +# +destination d_auth { file("/var/log/auth.log"); }; +destination d_cron { file("/var/log/cron.log"); }; +destination d_daemon { file("/var/log/daemon.log"); }; +destination d_kern { file("/var/log/kern.log"); }; +destination d_lpr { file("/var/log/lpr.log"); }; +destination d_mail { file("/var/log/mail.log"); }; +destination d_syslog { file("/var/log/syslog"); }; +destination d_user { file("/var/log/user.log"); }; +destination d_uucp { file("/var/log/uucp.log"); }; + +# This files are the log come from the mail subsystem. +# +destination d_mailinfo { file("/var/log/mail.info"); }; +destination d_mailwarn { file("/var/log/mail.warn"); }; +destination d_mailerr { file("/var/log/mail.err"); }; + +# Logging for INN news system +# +destination d_newscrit { file("/var/log/news/news.crit"); }; +destination d_newserr { file("/var/log/news/news.err"); }; +destination d_newsnotice { file("/var/log/news/news.notice"); }; + +# Some `catch-all' logfiles. +# +destination d_debug { file("/var/log/debug"); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; + +# The named pipe /dev/xconsole is for the nsole' utility. To use it, +# you must invoke nsole' with the -file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +destination d_xconsole { pipe("/dev/xconsole"); }; + +# Send the messages to an other host +# +#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); }; + +# Debian only +destination d_ppp { file("/var/log/ppp.log"); }; + +######################## +# Filters +######################## +# Here's come the filter options. With this rules, we can set which +# message go where. + +filter f_dbg { level(debug); }; +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; + +filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; +filter f_error { level(err .. emerg) ; }; +filter f_messages { level(info,notice,warn) and + not facility(auth,authpriv,cron,daemon,mail,news); }; + +filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; +filter f_cron { facility(cron) and not filter(f_debug); }; +filter f_daemon { facility(daemon) and not filter(f_debug); }; +filter f_kern { facility(kern) and not filter(f_debug); }; +filter f_lpr { facility(lpr) and not filter(f_debug); }; +filter f_local { facility(local0, local1, local3, local4, local5, + local6, local7) and not filter(f_debug); }; +filter f_mail { facility(mail) and not filter(f_debug); }; +filter f_news { facility(news) and not filter(f_debug); }; +filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; +filter f_user { facility(user) and not filter(f_debug); }; +filter f_uucp { facility(uucp) and not filter(f_debug); }; + +filter f_cnews { level(notice, err, crit) and facility(news); }; +filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; + +filter f_ppp { facility(local2) and not filter(f_debug); }; +filter f_console { level(warn .. emerg); }; + +######################## +# Log paths +######################## +log { source(s_src); filter(f_auth); destination(d_auth); }; +log { source(s_src); filter(f_cron); destination(d_cron); }; +log { source(s_src); filter(f_daemon); destination(d_daemon); }; +log { source(s_src); filter(f_kern); destination(d_kern); }; +log { source(s_src); filter(f_lpr); destination(d_lpr); }; +log { source(s_src); filter(f_syslog3); destination(d_syslog); }; +log { source(s_src); filter(f_user); destination(d_user); }; +log { source(s_src); filter(f_uucp); destination(d_uucp); }; + +log { source(s_src); filter(f_mail); destination(d_mail); }; +#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; +#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; +#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; + +log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; +log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; +log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; + +#log { source(s_src); filter(f_ppp); destination(d_ppp); }; + +log { source(s_src); filter(f_debug); destination(d_debug); }; +log { source(s_src); filter(f_error); destination(d_error); }; +log { source(s_src); filter(f_messages); destination(d_messages); }; + +# All messages send to a remote site +# +#log { source(s_src); destination(d_net); }; + +### +# Include all config files in /etc/syslog-ng/conf.d/ +### +@include "/etc/syslog-ng/conf.d/*.conf" diff --git a/image/system_services.sh b/image/system_services.sh index 38f8342..e80253b 100755 --- a/image/system_services.sh +++ b/image/system_services.sh @@ -27,9 +27,7 @@ mkdir -p /var/lib/syslog-ng cp /bd_build/config/syslog_ng_default /etc/default/syslog-ng touch /var/log/syslog chmod u=rw,g=r,o= /var/log/syslog -# Replace the system() source because inside Docker we -# can't access /proc/kmsg. -sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf +cp /bd_build/config/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf ## Install syslog to "docker logs" forwarder. mkdir /etc/service/syslog-forwarder