Cookbook version

4.0.0

Chef-client version

12.x

Platform Details

Ubuntu 14.04

Scenario:

Tried to use cookbook, ended up with full disk

Steps to Reproduce:

Use cookbook. Observe lack of rotation policy for added cookbooks.

Expected Result:

rsyslog should add rotation policy for any logs it adds

Actual Result:

Used cookbook with defaults. It adds, among others, boot.log, but doesn't add a rotation policy for the log file. In our case, due to a misbehaving app (or mis-logging app) boot.log grew to over 13G, and along with other log files, filled the disk. I confirmed that boot.log is not in the Ubuntu rsyslog package, so it is being added by this cookbook. The rsyslog package does define rotation policy for any logs that are in its default config.

Cookbook version

5.0.1

Chef-client version

12.9.41

Platform Details

rhel6.8

Scenario:

Attempting to set the Umask, FileCreateMode, DirCreateMode, DirOwner, DirGroup, Template directives. However Umask, FileCreateMode, DirCreateMode are hardcoded values in the rsyslog.conf.erb and DirOwner, DirGroup, Template do not exist as available attributes.

Steps to Reproduce:

(Not a bug just missing functionality)
Open the rsyslog.conf.erb and note that lines 92, 93, 94 are hardcoded values preventing the user from changing them.
Also note that the attributes/default.rb is missing attributes for Umask, FileCreateMode, DirCreateMode, DirOwner, DirGroup, Template directives

Expected Result:

Actual Result:

👻 Brief Description

The new functionality that allows you to select the rsyslog TLS driver via the default['rsyslog']['tls_driver'] = 'ossl' attribute broke runs on RHEL7. This is because the rsyslog-openssl package is not available on that platform and the default is set to use openssl; RHEL/CentOS uses only the gnutls rsyslog implementation.

🥞 Cookbook version

v7.4.0

👩‍🍳 Chef-Infra Version

Still on 14.13.11 :(

🎩 Platform details

RHEL7. Also present on RHEL8

Steps To Reproduce

Steps to reproduce the behavior:

Run the recipe on RHEL7/Centos7 with tls enabled and all other attributes default.

🚓 Expected behavior

The recipe run completes

➕ Additional context

It may be useful to have a test case for TLS on/off in the kitchen suite for this cookbook. Would have caught this bug.

Cookbook version

6.0.7

Chef-client version

Chef Workstation version: 0.9.42
Chef Infra Client version: 15.3.14
Chef InSpec version: 4.16.0
Chef CLI version: 1.0.16
Test Kitchen version: 2.3.3
Cookstyle version: 5.6.2

Platform Details

Fedora 30, Travis-CI

Scenario:

Trying to run the spec tests locally and on Travis-CI. On both platforms the tests.

Steps to Reproduce:

Locally: Download repo, run chef exec rspec.
Travis-CI: Push to master branch

Expected Result:

Passing tests.

Actual Result:

Locally: Test fails due fauhaix issues with old/not supported operating systems (SmartOS and OmniOS).
Travis-CI: Chef License Issue.

I'd like to be able to configure net.enableDNS and net.aclResolveHostname. These seem to only be supported by Rainer script (or command line switches), not the "legacy" format that this cookbook uses. Is this possible?

In Ubuntu >= 11.04 the cookbook correctly sets the user to syslog but the log_dir directory always has owner root with mode 0755. In such cases rsyslog can't write any log file. Maybe the log_dir directory resource should use node['rsyslog']['user'] as the owner.

🗣️ Foreword

Thank for taking the time to fill this bug report fully. Without it we may not be able to fix the bug, and the issue may be closed without resolution.

👻 Brief Description

centos6 is loding imjournal and OmitLocalLogging which breaks local logging. IE logger.

🥞 Cookbook version

9.0.0

👩‍🍳 Chef-Infra Version

15.10.12.

🎩 Platform details

centos 6.10

Steps To Reproduce

Steps to reproduce the behavior:

converge on el6

🚓 Expected behavior

imjournal not to be used as there is no journal, OmitLocalLogging should not be enabled.

➕ Additional context

Add any other context about the problem here. e.g. related issues or existing pull requests.

Cookbook version

4.0.1

Chef-client version

12.18.30

Platform Details

CentOS 5.11

Scenario:

I have a cookbook that gets the packages for the latest version of rsyslogd. So even though I'm running CentOS 5.11, I have rsyslogd version 8.

However, this code isn't detecting if rsyslog can use :omusrmsg:* and is instead checking only the OSes.

rsyslogd v8 doesn't support *, which causes the -N1 check to fail and logging not to be sent to users.

There was a changelog entry for cookbook v2.1.0 that implied it was checking the rsyslogd version, but that doesn't seem to be the case:

Change emerg to log to :omusrmsg:_ vs. _ on modern rsyslog releases to avoid deprecation warnings

Steps to Reproduce:

In a CentOS 5.11 box, add the official rsyslogd yum repository and install rsyslog 8.

I keep getting lines like this my 49-remote.conf file when using rsyslog::client:

*.* :omrelp:{"server"=>"10.0.10.10", "port"=>514, "logs"=>"*.*", "protocol"=>"tcp", "remote_template"=>"RSYSLOG_ForwardFormat"}:20514;RSYSLOG_ForwardFormat

The bit in the {...} characters seems to be the ruby expression of rsyslog_servers in version 2.2.0.

Rolling back to 2.1.0 fixes this problem.

When I am doing kitchen converge I am getting following error. I am running this on Windows Docker Desktop and using dokken centos72 image.

================================================================================
Recipe Compile Error in /opt/kitchen/cache/cookbooks/rsyslog/attributes/default.rb

NoMethodError

undefined method `platform_version' for #Chef::Node::Attribute:0x0000000004678a00

Cookbook Trace:

/opt/kitchen/cache/cookbooks/rsyslog/attributes/default.rb:47:in `from_file'

Relevant File Content:

/opt/kitchen/cache/cookbooks/rsyslog/attributes/default.rb:

40: default['rsyslog']['enable_imklog'] = true
41: default['rsyslog']['config_prefix'] = '/etc'
42: default['rsyslog']['default_file_template'] = nil
43: default['rsyslog']['default_remote_template'] = nil
44: default['rsyslog']['rate_limit_interval'] = nil
45: default['rsyslog']['rate_limit_burst'] = nil
46: default['rsyslog']['enable_tls'] = false
47>> default['rsyslog']['tls_driver'] = if platform_family?('rhel') && platform_version.to_i == 7
48: 'gtls'
49: else
50: 'ossl'
51: end
52: default['rsyslog']['action_queue_max_disk_space'] = '1G'
53: default['rsyslog']['tls_ca_file'] = nil
54: default['rsyslog']['tls_certificate_file'] = nil
55: default['rsyslog']['tls_key_file'] = nil
56: default['rsyslog']['tls_auth_mode'] = 'anon'

System Info:

chef_version=15.7.32
platform=centos
platform_version=7.9.2009
ruby=ruby 2.6.5p114 (2019-10-01 revision 67812) [x86_64-linux]
program_name=/opt/chef/embedded/bin/chef-client
executable=/opt/chef/embedded/bin/chef-client

Running handlers:
[2022-08-25T06:34:50+00:00] ERROR: Running exception handlers
Running handlers complete
[2022-08-25T06:34:50+00:00] ERROR: Exception handlers complete
Chef Infra Client failed. 0 resources updated in 01 seconds
[2022-08-25T06:34:50+00:00] FATAL: Stacktrace dumped to /opt/kitchen/cache/chef-stacktrace.out
[2022-08-25T06:34:50+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2022-08-25T06:34:50+00:00] FATAL: NoMethodError: undefined method `platform_version' for #Chef::Node::Attribute:0x0000000004678a00

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

I can't send a pull request because there is no branch for version 3.0.0, but there is a bug in resources/file_input.rb

I've fix this porting the code from version 2, but it is also fixed in the master branch in a different way.

diff --git a/resources/file_input.rb b/resources/file_input.rb
index a52b2c0..f551300 100644
--- a/resources/file_input.rb
+++ b/resources/file_input.rb
@@ -27,15 +27,15 @@ property :cookbook_source, String, default: 'rsyslog'
 property :template_source, String, default: 'file-input.conf.erb'

 action :create do
-  template "/etc/rsyslog.d/#{priority}-#{new_resource.name}.conf" do
+  template "/etc/rsyslog.d/#{priority}-#{name}.conf" do
     mode '0664'
     owner node['rsyslog']['user']
     group node['rsyslog']['group']
     source template_source
     cookbook cookbook_source
     variables 'file_name' => file,
-              'tag' => new_resource.name,
-              'state_file' => new_resource.name,
+              'tag' => name,
+              'state_file' => name,
               'severity' => severity,
               'facility' => facility

Note: this worked two weeks ago when I bootstrapped a different server, so I'm really not sure what's changed.

With both chef-12.0.3 and 12.1.1 bootstraps, and rsyslog 1.12.2 (which is what papertrail-rsyslog currently seems to pull in), I see the following error:

  ================================================================================
ec2-54-175-212-9.compute-1.amazonaws.com     Error executing action `install` on resource 'yum_package[rsyslog]'
ec2-54-175-212-9.compute-1.amazonaws.com     ================================================================================
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com     Mixlib::ShellOut::ShellCommandFailed
ec2-54-175-212-9.compute-1.amazonaws.com     ------------------------------------
ec2-54-175-212-9.compute-1.amazonaws.com     Expected process to exit with [0], but received '1'
ec2-54-175-212-9.compute-1.amazonaws.com     ---- Begin output of /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 ----
ec2-54-175-212-9.compute-1.amazonaws.com     STDOUT:
ec2-54-175-212-9.compute-1.amazonaws.com     STDERR: Traceback (most recent call last):
ec2-54-175-212-9.compute-1.amazonaws.com       File "/opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py", line 36, in <module>
ec2-54-175-212-9.compute-1.amazonaws.com         import yum
ec2-54-175-212-9.compute-1.amazonaws.com     ImportError: No module named yum
ec2-54-175-212-9.compute-1.amazonaws.com     ---- End output of /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 ----
ec2-54-175-212-9.compute-1.amazonaws.com     Ran /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 returned 1
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com     Resource Declaration:
ec2-54-175-212-9.compute-1.amazonaws.com     ---------------------
ec2-54-175-212-9.compute-1.amazonaws.com     # In /var/chef/cache/cookbooks/rsyslog/recipes/default.rb
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com      20: package 'rsyslog'
ec2-54-175-212-9.compute-1.amazonaws.com      21: package 'rsyslog-relp' if node['rsyslog']['use_relp']
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com     Compiled Resource:
ec2-54-175-212-9.compute-1.amazonaws.com     ------------------
ec2-54-175-212-9.compute-1.amazonaws.com     # Declared in /var/chef/cache/cookbooks/rsyslog/recipes/default.rb:20:in `from_file'
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com     yum_package("rsyslog") do
ec2-54-175-212-9.compute-1.amazonaws.com       action :install
ec2-54-175-212-9.compute-1.amazonaws.com       retries 0
ec2-54-175-212-9.compute-1.amazonaws.com       retry_delay 2
ec2-54-175-212-9.compute-1.amazonaws.com       default_guard_interpreter :default
ec2-54-175-212-9.compute-1.amazonaws.com       package_name "rsyslog"
ec2-54-175-212-9.compute-1.amazonaws.com       timeout 900
ec2-54-175-212-9.compute-1.amazonaws.com       flush_cache {:before=>false, :after=>false}
ec2-54-175-212-9.compute-1.amazonaws.com       declared_type :package
ec2-54-175-212-9.compute-1.amazonaws.com       cookbook_name "rsyslog"
ec2-54-175-212-9.compute-1.amazonaws.com       recipe_name "default"
ec2-54-175-212-9.compute-1.amazonaws.com     end
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com Recipe: chef-client::init_service
ec2-54-175-212-9.compute-1.amazonaws.com   * service[chef-client] action restart
ec2-54-175-212-9.compute-1.amazonaws.com     - restart service service[chef-client]

I am using the file_input provider and I keep getting this error not he notify restart:

had an error: Chef::Exceptions::ResourceNotFound: Cannot find a resource matching service[rsyslog] (did you define it first?)

Cookbook Trace:

/var/lib/aws/opsworks/cache.stage2/cookbooks/rsyslog/providers/file_input.rb:31:in `block (2 levels) in class_from_file'
/var/lib/aws/opsworks/cache.stage2/cookbooks/rsyslog/providers/file_input.rb:20:in `block in class_from_file'

Ran in to an issue where haproxy was not logging to /var/log/haproxy.log as expected. Looked to be an issue with rsyslog's permissions as manually creating the file allowed logging to occur.

This cookbook generates an /etc/rsyslog.conf with these permissions on Ubuntu:

#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm

Looking at the default ubuntu test kitchen boxes before this cookbook runs I found they all contained:

#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog

Thinking to fix this the privledge dropping user & group should be separate attributes, and make them syslog:syslog for Ubuntu?

We have a very prescriptive search setup in the client cookbook that probably doesn't work for anyone and leads to frustration (did for me in previous jobs at least). We should remove this as users should instead handle search themselves and populate the attributes with the search results.

Warning:

The resource in the rsyslog cookbook should declare unified_mode true at 1 location:
- /var/chef/cache/cookbooks/rsyslog/resources/file_input.rb
See https://docs.chef.io/deprecations_unified_mode/ for further details.

Hi,

The custom_remote won't work unless you use an override attribute because the default set in the cookbook will get merged and node['rsyslog']['custom_remote'].first.empty? will allays be true.
PR #121 fixes this.

👻 Brief Description

Some versions of rsyslogd will consume all host memory if $MaxMessageSize is set to anything. Eliminating this directive eliminates the problem. The current cookbook attribute/template combination doesn't allow specifying that you don't want this directive at all in your configuration.

🥞 Cookbook version

8.x and 9.x

👩‍🍳 Chef-Infra Version

version 14.x through 16.x

🎩 Platform details

Solaris 11.3 with rsyslogd v8.4.2 provided by Oracle via IPS

Steps To Reproduce

Steps to reproduce the behavior:

1. Install system/rsyslog IPS package on any Solaris 11.3 system
2. Specify $MaxMessageSize with any value > 1024 or 1k in /etc/rsyslog.conf
3. Load the standard imsolaris input module that comes with rsyslog
4. Specify any facility/level rules to any targets
5. Initiate the first log message to any facility/level via the logger command
6. rsyslogd will begin to consume large amounts of CPU/Memory until all system memory is exhausted

🚓 Expected behavior

Expected setting the attribute node['rsyslog']['max_message_size'] to nil or false would cause the template for /etc/rsyslog.conf to just not include this directive in the config file.

At present, specifying nil just generates this into /etc/rsyslog.conf

$MaxMessageSize

Specifying false generates this:

$MaxMessageSize false

➕ Additional context

Will be including PR shortly.

Adding
execute "chcon" do
command "chcon system_u:object_r:var_log_t:s0 node['rsyslog']['log_dir']"
action :run
end

Right after creating the directory would be easiest.

The cookbook incorrectly changes the owner on /var/spool/rsyslog when running on precise.

• directory[/var/spool/rsyslog] action create
  • change owner from 'syslog' to 'root'
  • change group from 'adm' to 'root'

The existing privs are the correct ones laid down by the package.

I've recently come across a situation where I needed to install rsyslog 8.13.0 and unfortunately had to do it from scratch because this cookbook didn't have that option. Also, having the ability to specify --configure parameters would be useful especially when you want to enable non-standard plugins such as omhiredis.

Cookbook version

6.0.4

Chef-client version

12.22.5

Platform Details

Amazon Linux release 2 (2017.12) LTS Release Candidate

Scenario:

Using the rsyslog cookbook in default trim on Amazon linux fails to provide a valid configuration.

Steps to Reproduce:

Include the rsyslog cookbook via recipe in a wrapper cookbook. eg. include_recipe 'rsyslog'

Expected Result:

rsyslog installs cleanly with a working configuration

Actual Result:

amazon-ebs: [2018-07-03T23:44:15+00:00] INFO: template[/etc/rsyslog.conf] sending run action to execute[validate_config] (delayed)
amazon-ebs: [2018-07-03T23:44:15+00:00] INFO: Processing execute[validate_config] action run (rsyslog::default line 40)
amazon-ebs:
amazon-ebs: ================================================================================
amazon-ebs: Error executing action `run` on resource 'execute[validate_config]'
amazon-ebs: ================================================================================
amazon-ebs:
amazon-ebs: Mixlib::ShellOut::ShellCommandFailed
amazon-ebs: ------------------------------------
amazon-ebs: Expected process to exit with [0], but received '1'
amazon-ebs: ---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: STDOUT:
amazon-ebs: STDERR: rsyslogd: version 8.24.0, config validation run (level 1), master config /etc/rsyslog.conf
amazon-ebs: rsyslogd: error during parsing file /etc/rsyslog.d/50-default.conf, on or before line 8: warnings occured in file '/etc/rsyslog.d/50-default.conf' around line 8 [v8.24.0 try http://www.rsyslog.com/e/2207 ]                                           [0/1989]
amazon-ebs: ---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
amazon-ebs:
amazon-ebs: Resource Declaration:
amazon-ebs: ---------------------
amazon-ebs: # In /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/rsyslog/recipes/default.rb
amazon-ebs:
amazon-ebs:  40: execute 'validate_config' do
amazon-ebs:  41:   command "rsyslogd -N 1 -f #{node['rsyslog']['config_prefix']}/rsyslog.conf"
amazon-ebs:  42:   action  :nothing
amazon-ebs:  43: end
amazon-ebs:  44:
amazon-ebs:
amazon-ebs: Compiled Resource:
amazon-ebs: ------------------
amazon-ebs: # Declared in /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/rsyslog/recipes/default.rb:40:in `from_file'
amazon-ebs:
amazon-ebs: execute("validate_config") do
amazon-ebs:   action [:nothing]
amazon-ebs:   retries 0
amazon-ebs:   retry_delay 2
amazon-ebs:   default_guard_interpreter :execute
amazon-ebs:   command "rsyslogd -N 1 -f /etc/rsyslog.conf"
amazon-ebs:   backup 5
amazon-ebs:   returns 0
amazon-ebs:   user nil
amazon-ebs:   declared_type :execute
amazon-ebs:   cookbook_name "rsyslog"
amazon-ebs:   recipe_name "default"
amazon-ebs: end
amazon-ebs:
amazon-ebs: System Info:
amazon-ebs: ------------
amazon-ebs: chef_version=12.22.5
amazon-ebs: platform=amazon
amazon-ebs: platform_version=2
amazon-ebs: ruby=ruby 2.3.6p384 (2017-12-14 revision 61254) [x86_64-linux]
amazon-ebs: program_name=chef-solo worker: ppid=11910;start=23:39:40;
amazon-ebs: executable=/opt/chef/bin/chef-solo
amazon-ebs:
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: template[/etc/rsyslog.conf] sending restart action to service[rsyslog] (delayed)
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: Processing service[rsyslog] action restart (rsyslog::default line 94)
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: service[rsyslog] restarted
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: Running exception handlers
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: Exception handlers complete
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Stacktrace dumped to /tmp/packer-chef-solo/local-mode-cache/cache/chef-stacktrace.out
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: execute[validate_config] (rsyslog::default line 40) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
amazon-ebs: ---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: STDOUT:
amazon-ebs: STDERR: rsyslogd: version 8.24.0, config validation run (level 1), master config /etc/rsyslog.conf
amazon-ebs: rsyslogd: error during parsing file /etc/rsyslog.d/50-default.conf, on or before line 8: warnings occured in file '/etc/rsyslog.d/50-default.conf' around line 8 [v8.24.0 try http://www.rsyslog.com/e/2207 ]
amazon-ebs: ---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

It's time to remove the vast complexity of these recipes and just remove the chef-solo support. The cookbook supports Chef 12 only now and thus everyone has access to chef-zero.

Cookbook version

4.0.1

Chef-client version

12.15.19

Platform Details

Ubuntu 16.04 on AWS

Scenario:

Can't call the file_input resource multiple times with the default template. The config test added in 4.0.1 will fail b/c imfile is included multiple times.

Steps to Reproduce:

Create multiple ryslog_file_input resources using the default template.

Expected Result:

Successful converge.

Actual Result:

[2016-11-02T21:03:43+00:00] ERROR: Exception handlers complete
ERROR: execute[validate_config] (rsyslog::default line 42) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
STDOUT:
rsyslogd: version 8.16.0, config validation run (level 1), master config /etc/rsyslog.conf
rsyslogd: module 'imfile' already in this config, cannot be added  [v8.16.0 try http://www.rsyslog.com/e/2221 ]
rsyslogd: module 'imfile' already in this config, cannot be added  [v8.16.0 try http://www.rsyslog.com/e/2221 ]
---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
[2016-11-02T21:03:43+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

The input_file template included in the cookbook should not include imfile or should have some conditional logic to ensure it's only included in one of them. It might make sense to have a dedicated file in /etc/rsyslog.d to include imfile that is created anytime the ryslog_file_input resource is used.

Cookbook version

6.0.1

Feature request:
Add ability to install latest version of rsyslog or newer. We are trying to use an external yum repo to get a newer RPM, but the cookbook does not allow us to set it to latest

I'd like to support TCP and UDP concurrently in rsyslog.conf. An option for "both" could be added for node['rsyslog']['protocol'], but this attribute is used elsewhere in the client side configs. Perhaps a new attribute could be added such as node['rsyslog']['server_protocol'].

I could be missing something, but I don't see a way to specify the address to bind to.

http://www.rsyslog.com/doc/master/configuration/modules/imudp.html
Address
Default: *
Local IP address (or name) the UDP server should bind to. Use “*” to bind to all of the machine’s addresses.

Is there a way to do this, or are their plans to support this setting of rsyslog?

Like in most things, order matters within the rsyslog.conf - it would be swell if instead of a hash for the rsyslog.default_facility_logs and rsyslog.additional_directives it was an array of hashes, so that way line order could be easily specified.

{
  "rsyslog": {
    "default_facility_logs": [
      {
        "*.info": "/var/log/firstlog"
      },
      {
        "*.info": "~"
      },
      {
        "*.err": "/var/log/orderdoesntmatter1",
        "*.debug": "/var/log/orderdoesntmatter2"
      }
    ]
  }
}

Within each array, a simple sort would/should be applied to ensure random array storage doesn't cause the file to be needlessly regenerated. So the template would end up looking like

<% node['rsyslog']['default_facility_logs'].each do |lines| %>
<% lines.sort.each do |key, value| %>
<%= key %>    <%= value %>
<% end %>
<% end %>

This would grant people to slice, push, pop, etc entries the way they wanted.

The defaults could still be implemented as hash, just the first hash in the array

  default['rsyslog']['default_facility_logs'] = [{
    '*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
    'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure",
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
    'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
    '*.emerg' => ':omusrmsg:*',
    'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
    'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log"
  }]

There's currently no way to set options like these

Would be useful to be able to override $DirCreateMode in 35-server-per-host.conf.erb similar to rsyslog.conf.erb

Here's the override in rsyslog.conf
https://github.com/chef-cookbooks/rsyslog/blob/master/templates/default/rsyslog.conf.erb#L104

Is it possible to do the same for 35-server-per-host.conf.erb ?
$DirCreateMode <%= node['rsyslog']['dir_create_mode'] %>

Using this cookbook (v7.0.1) with Chef (16.5.77), I get the undesired behavior of NGINX logs getting logged twice in syslog and messages because the way the 35-server-per-host.conf.erb template is written.

According to NGINX docs, by default the severity is set as info, and in the 35-server-per-host.conf.erb template we can find that:

$template PerHostSyslog,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/syslog"
...
$template PerHostMessages,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/messages"
...
*.*;auth,authpriv.none  -?PerHostSyslog
...
*.=info;*.=notice;*.=warn;\
  auth,authpriv.none;\
  cron,daemon.none;\
  mail,news.none        -?PerHostMessages

so it matches both PerHostSyslog and PerHostMessages templates.

I've found a workaround in NGINX, which is set the severity to crit so it gets only logged in syslog, but I don't really know if this is OK (my experience with rsyslog and syslog is very limited).

Would it be possible that the server.rb recipe had the source property set via attribute so we can tune it to match our specific needs? E.g:

diff --git a/recipes/server.rb b/recipes/server.rb
index 7ea0e53..0eeb0bc 100644
--- a/recipes/server.rb
+++ b/recipes/server.rb
@@ -30,7 +30,7 @@ directory node['rsyslog']['log_dir'] do
 end
 
 template "#{node['rsyslog']['config_prefix']}/rsyslog.d/35-server-per-host.conf" do
-  source   '35-server-per-host.conf.erb'
+  source   node['rsyslog']['server-per-host-template']
   owner    node['rsyslog']['config_files']['owner']
   group    node['rsyslog']['config_files']['group']
   mode     node['rsyslog']['config_files']['mode']

Currently the client recipe hard codes the number 49 for the position of the remote configuration. However in some cases it is useful to have a bigger gap between the remote and the 50-default. Or, to only send to remote after the default.

The number could be extracted to an attribute whose default value would be 49, thus not breaking anything, but allowing more flexibility in the position of the remote config.

Cookbook version

1.15.0

Chef-client version

12.18.31

Platform Details

CentOS 6.7
OpenStack

Scenario:

Removing default logs, such as the ones generated by sudo.

Steps to Reproduce:

I've cleared the default['rsyslog']['default_facility_logs'] but I'm still getting logs from when I run sudo. I'd like to prevent that. Is there another place I'm missing?

Expected Result:

To not have sudo or any logs besides the ones I explicitly specify to be sent over.

Actual Result:

I'm still getting sudo and su logs and whatever else.

NoMethodError:
undefined method `action' for #Class:0x00000003339840 action provider

Not sure whether this lies with this cookbook or compat_resource, but I've had to lock down the version of compat_resource to get my build pipeline back in order. Appears there has been some work in this area relating to action in the compat_resource cookbook.

Cookbook version

latest

Chef-client version

11.16.2

Platform Details

amazon linux

Scenario:

using roles have a server change from including recipe "rsyslog::server" to including "rsyslog::client"

Steps to Reproduce:

have two roles, one that includes recipe "rsyslog::server" and one that includes "rsyslog::client." If you switch from server to client role it will not work.

Expected Result:

client recipe is run

Actual Result:

client recipe starts to run but it immediately returns because the first line is:

return if node['rsyslog']['server']

this is because server.rb is using

node.normal['rsyslog']['server'] = true

this permanently sets that attribute on the node. so even if you start including the client recipe (and stop including server), the above setting persists and overrides the default of false. Why does this attribute have to be permanently applied to the server? Is there some reason, and if not it could be changed to

node.override['rsyslog']['server'] = true

Hello, I'm using this cookbook as part of Rackspace Private Cloud's Openstack installation. I've noticed that the rsyslog.conf that is set up by this cookbook sets the TCP port to 514. From what I can gather, port 514 should only be used for UDP, while ports 601 or 6514 should be used for TCP syslog traffic. I know this can be overridden easily, but I thought it may be something your team would like to explore.

Here's some references pointing to the port definitions:

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=syslog

http://www.networksorcery.com/enp/protocol/syslog.htm

Cookbook version

6.0.8 + #152

Chef-client version

chef-14.10.9-1.el7.x86_64

Platform Details

rpm -qf /etc/issue

centos-release-7-6.1810.2.el7.centos.x86_64

Scenario:

As rsyslog servers drop to 0 members in the list, the 49-remote.conf is not removed.

Steps to Reproduce:

1. with the search confirmed empty, throw an IP in to invoke the template instantiation:

knife ssh testmonkey \
  -- \
  chef-client -W -o rsyslog::client \
  -j '<(echo {\"rsyslog\":{\"custom_remote\":\[{\"server\":\"10.10.4.4\"}\]}})'

2. and then again without the forced value:

knife ssh testmonkey \
  -- \
  chef-client -W -o rsyslog::client

Expected Result:

Remote.conf file should be removed to reflect empty forward-server list.

Actual Result:

Nothing: file is not changed nor removed.

Using rsyslog 7.6.3 (wheezy-backports) on Debian throws a deprecation warning:

rsyslogd-2184: action '*' treated as ':omusrmsg:*' - please change syntax, '*' will not be supported in the future [try http://www.rsyslog.com/e/2184 ]

see: http://lists.adiscon.net/pipermail/rsyslog/2012-October/030845.html
and: https://github.com/opscode-cookbooks/rsyslog/blob/81252ccea0b7647c3692cdfc1cd7930e63430438/attributes/default.rb#L95

I'm an rsyslog noob, so I'm not sure if fixing this breaks older versions.

Cookbook supports multiple remote servers. But this is not implemented as should be. By documentation http://www.rsyslog.com/doc/v8-stable/tutorials/reliable_forwarding.html , when there is more than 1 remote server, client should create more queues with different names. So this part https://github.com/chef-cookbooks/rsyslog/blob/master/templates/default/49-remote.conf.erb is wrong, because here it is hardcoded that there is only 1 queue.

The File_input is missing the facility. It looks like it is missing an = sign like the other parameters.

This will prevent modifications from happening even when there is no real configuration change. Currently when I run the 50-default.conf.erb will change on almost every run due to different key order in the template. Sorting the keys will prevent this from happening.

Cookbook version

6.0.1

Chef-client version

12.19.36

Platform Details

Scenario:

We are using some custom rsyslog filters like this:

:msg, contains, "watcherout"                            /var/log/watcherout

We are doing that manually currently.
Is there any way to configure it and add the filter into rsyslog.conf using this cookbook?

I noticed the most recent release, 4.0.1, was a patch release but added some new functionality - namely the config validation, tls_permitted_peer, and support for suse. According to semver and the contribution guidelines new functionality should be released in a minor version. As a consumer of community cookbooks I use the version numbering in my decision for how much scrutiny and testing to give to a release therefore it would be good if all releases followed semver.

The cookbook doesn't support different rsyslog package name other than "rsyslog", on Red Hat 5 and 6 you can choose different rsyslog versions (on main update repo) like "rsyslog" or "rsyslog7". So if you have different version https://github.com/chef-cookbooks/rsyslog/blob/master/recipes/client.rb will fail on install part. So I think cookbook should needs an attribute with package name.

Need ability to add server ip address over attributes for using recipe with chef-client --local-mode

Cookbook version

6.0.7

Chef-client version

14.10.9

Platform Details

CentOS 7

Scenario:

/etc/rsyslog.conf :

$DirOwner adm
$DirGroup adm

This doesn't match how the files are installed, however:

# rpm -qf /etc/rsyslog.conf --dump | grep /etc/rsyslog.conf
/etc/rsyslog.conf 3232 1540910955 452bf7d5aca09e7a24c303c5b33f8402c2c76893ed1f1bbbb9314f399f71c2bd 0100644 root root 1 0 0 X

(the second 'root' is the group)

RHELs typically chgrp everything as root in that tree.

Steps to Reproduce:

1. rhel7
2. use cookbook
3. observe files changing group-ownership from stock install

Expected Result:

(up to date)

Actual Result:

Files are chgrped as adm.