Commit f46584eb authored by Eric G. Wolfe's avatar Eric G. Wolfe Committed by Seth Vargo
Browse files

[COOK-3608] Split `mail.*` facilities



The split mail.* facilities in the `50-default.conf` template is a problem for me on mail servers.  This seems to be an opinionated addition to Debian-ish rsyslog defaults as shipped, however I retained that functionality on non-RHEL systems for cookbook backwards compatibility.

The `50-default.conf` is very much geared towards Ubuntu/Debian. Which is not a huge problem, but the cookbook generates log files which will never get rotated on RHEL family, and probably other, systems.

This adds a hash knob to allow log facilities and log destination to be rendered in the `50-default.conf` template for these two requirements.
Signed-off-by: default avatarSeth Vargo <sethvargo@gmail.com>
parent 05326139
......@@ -39,7 +39,8 @@ See `attributes/default.rb` for default values.
* `node['rsyslog']['high_precision_timestamps']` - Enable high precision timestamps, instead of the "old style" format. Default is 'false'.
* `node['rsyslog']['repeated_msg_reduction']` - Value of `$RepeatedMsgReduction` configuration directive in `/etc/rsyslog.conf`. Default is 'on'
* `node['rsyslog']['logs_to_forward']` - Specifies what logs should be sent to the remote rsyslog server. Default is all ( \*.\* ).
* `node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log`
* `node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template.
Recipes
-------
......@@ -130,6 +131,24 @@ default_attributes(
)
```
Default rsyslog options are rendered for RHEL family platforms, in `/etc/rsyslog.d/50-default.conf`
with other platforms using a configuration like Debian family defaults. You can override these
log facilities and destinations using the `rsyslog['default_facility_logs']` hash.
```ruby
name "facility_log_example"
run_list("recipe[rsyslog::default]")
default_attributes(
"rsyslog" => {
"facility_logs" => {
'*.info;mail.none;authpriv.none;cron.none' => "/var/log/messages",
'authpriv' => '/var/log/secure',
'mail.*' => '-/var/log/maillog',
'*.emerg' => '*'
}
}
)
```
Development
-----------
......
......@@ -57,3 +57,40 @@ when 'smartos'
default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
default['rsyslog']['group'] = 'root'
end
# 50-default template attributes
default['rsyslog']['default_log_dir'] = '/var/log'
case node['platform_family']
when 'rhel'
# format { facility => destination }
default['rsyslog']['default_facility_logs'] = {
'*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
'authpriv' => "#{node['rsyslog']['default_log_dir']}/secure",
'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
'*.emerg' => '*',
'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
'local7.' => "#{node['rsyslog']['default_log_dir']}/boot.log"
}
else
# format { facility => destination }
default['rsyslog']['default_facility_logs'] = {
'auth,authpriv.*' => "#{node['rsyslog']['default_log_dir']}/auth.log",
'*.*;auth,authpriv.none' => "-#{node['rsyslog']['default_log_dir']}/syslog",
'daemon.*' => "-#{node['rsyslog']['default_log_dir']}/daemon.log",
'kern.*' => "-#{node['rsyslog']['default_log_dir']}/kern.log",
'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
'user.*' => "-#{node['rsyslog']['default_log_dir']}/user.log",
'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
'mail.warn' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
'*.=debug;auth,authpriv.none;news.none;mail.none' => "-#{node['rsyslog']['default_log_dir']}/debug",
'*.=info;*.=notice;*.=warn;auth,authpriv.none;cron,daemon.none;mail,news.none' => "-#{node['rsyslog']['default_log_dir']}/messages",
'*.emerg' => '*',
'daemon.*;mail.*;news.err;*.=debug;*.=info;*.=notice;*.=warn' => '|/dev/xconsole'
}
end
......@@ -47,6 +47,7 @@ template "#{node['rsyslog']['config_prefix']}/rsyslog.d/50-default.conf" do
owner 'root'
group 'root'
mode '0644'
variables(:facility_logs => node['rsyslog']['default_facility_logs'])
notifies :restart, "service[#{node['rsyslog']['service_name']}]"
end
......
......@@ -142,7 +142,7 @@ describe 'rsyslog::default' do
let(:template) { chef_run.template('/etc/rsyslog.d/50-default.conf') }
it 'creates the template' do
expect(chef_run).to create_file_with_content(template.path, 'Default rules for rsyslog.')
expect(chef_run).to create_file_with_content('/etc/rsyslog.d/50-default.conf', '*.emerg *')
end
it 'is owned by root:root' do
......@@ -188,6 +188,16 @@ describe 'rsyslog::default' do
end
end
context 'COOK-3608 maillog regression test' do
let(:chef_run) do
ChefSpec::ChefRunner.new(platform: 'redhat', version: '6.3').converge('rsyslog::default')
end
it 'outputs mail.* to /var/log/maillog' do
expect(chef_run).to create_file_with_content('/etc/rsyslog.d/50-default.conf', 'mail.* -/var/log/maillog')
end
end
context 'syslog service' do
let(:chef_run) do
ChefSpec::ChefRunner.new(platform: 'redhat', version: '5.8').converge('rsyslog::default')
......
# Default rules for rsyslog.
#
# For more information see rsyslog.conf(5) and <%= node['rsyslog']['config_prefix'] %>/rsyslog.conf
# Generated by Chef for <%= node['fqdn'] %>
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Logging for INN news system.
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
<% @facility_logs.each do |key, value| %>
<%= key %> <%= value %>
<% end %>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment