From 9e29f678d8a7c3f0433b7c71e143aa7532bf95d2 Mon Sep 17 00:00:00 2001 From: Ralf Heiringhoff Date: Tue, 28 Aug 2012 12:04:37 +0200 Subject: added Red Hat, CentOS, Fedora support; File/Dir permissions now in params.pp --- files/rsyslog_default | 4 ++++ manifests/params.pp | 25 +++++++++++++++++++++++++ templates/client.conf.erb | 31 +++++++++++++++++++++++++++++++ templates/rsyslog.conf.erb | 4 ++-- 4 files changed, 62 insertions(+), 2 deletions(-) diff --git a/files/rsyslog_default b/files/rsyslog_default index cba14e8..1f11cd3 100644 --- a/files/rsyslog_default +++ b/files/rsyslog_default @@ -1,3 +1,7 @@ # File is managed by puppet +# Debian, Ubuntu RSYSLOGD_OPTIONS="-c4" + +# CentOS, RedHat, Fedora +SYSLOGD_OPTIONS="${RSYSLOGD_OPTIONS}" diff --git a/manifests/params.pp b/manifests/params.pp index 37c40ce..e2024c2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -11,11 +11,33 @@ class rsyslog::params { $run_group = 'root' $log_user = 'root' $log_group = 'adm' + $log_style = 'debian' + $perm_file = '0640' + $perm_dir = '0755' $spool_dir = '/var/spool/rsyslog/' $service_name = 'rsyslog' $client_conf = "${rsyslog_d}client.conf" $server_conf = "${rsyslog_d}server.conf" } + redhat, centos, fedora: { + $rsyslog_package_name = 'rsyslog' + $relp_package_name = 'rsyslog-relp' + $package_status = 'latest' + $rsyslog_d = '/etc/rsyslog.d/' + $rsyslog_conf = '/etc/rsyslog.conf' + $rsyslog_default = '/etc/sysconfig/rsyslog' + $run_user = 'root' + $run_group = 'root' + $log_user = 'root' + $log_group = 'root' + $log_style = 'redhat' + $perm_file = '0600' + $perm_dir = '0750' + $spool_dir = '/var/lib/rsyslog/' + $service_name = 'rsyslog' + $client_conf = "${rsyslog_d}client.conf" + $server_conf = "${rsyslog_d}server.conf" + } freebsd: { $rsyslog_package_name = 'rsyslog5' $relp_package_name = 'rsyslog5-relp' @@ -27,6 +49,9 @@ class rsyslog::params { $run_group = 'wheel' $log_user = 'root' $log_group = 'wheel' + $log_style = 'debian' + $perm_file = '0640' + $perm_dir = '0755' $spool_dir = '/var/spool/syslog/' $service_name = 'syslogd' $client_conf = "${rsyslog_d}client.conf" diff --git a/templates/client.conf.erb b/templates/client.conf.erb index 67f8274..ffe5a8d 100644 --- a/templates/client.conf.erb +++ b/templates/client.conf.erb @@ -21,11 +21,17 @@ $ActionResumeRetryCount -1 # infinety retries if host is down # We log locally, restore to default format $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat +<% if scope.lookupvar('rsyslog::client::log_style') == 'debian' -%> # Log auth messages locally auth,authpriv.* /var/log/auth.log +<% elsif scope.lookupvar('rsyslog::client::log_style') == 'redhat' -%> +# Log auth messages locally +auth,authpriv.* /var/log/secure +<% end -%> <% end -%> <% if scope.lookupvar('rsyslog::client::log_local') -%> +<% if scope.lookupvar('rsyslog::client::log_os_style') == 'debian' -%> # First some standard log files. Log by facility. # *.*;auth,authpriv.none -/var/log/syslog @@ -83,4 +89,29 @@ daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole +<% elsif scope.lookupvar('rsyslog::client::log_os_style') == 'redhat' -%> +# Log all kernel messages to the console. +# Logging much else clutters up the screen. +#kern.* /dev/console + +# Log anything (except mail) of level info or higher. +# Don't log private authentication messages! +*.info;mail.none;authpriv.none;cron.none /var/log/messages + +# Log all the mail messages in one place. +mail.* -/var/log/maillog + + +# Log cron stuff +cron.* /var/log/cron + +# Everybody gets emergency messages +*.emerg * + +# Save news errors of level crit and higher in a special file. +uucp,news.crit -/var/log/spooler + +# Save boot messages also to boot.log +local7.* -/var/log/boot.log +<% end -%> <% end -%> diff --git a/templates/rsyslog.conf.erb b/templates/rsyslog.conf.erb index 12f85c3..dd7e259 100644 --- a/templates/rsyslog.conf.erb +++ b/templates/rsyslog.conf.erb @@ -17,8 +17,8 @@ $ModLoad imklog # provides kernel logging support (previously done by rklogd) # $FileOwner <%= scope.lookupvar('rsyslog::params::log_user') %> $FileGroup <%= scope.lookupvar('rsyslog::params::log_group') %> -$FileCreateMode 0640 -$DirCreateMode 0755 +$FileCreateMode <%= scope.lookupvar('rsyslog::params::perm_file') %> +$DirCreateMode <%= scope.lookupvar('rsyslog::params::perm_dir') %> $PrivDropToUser <%= scope.lookupvar('rsyslog::params::run_user') %> $PrivDropToGroup <%= scope.lookupvar('rsyslog::params::run_group') %> -- cgit v1.2.3 From 0e49547a0d03108019299b152a9a082df1254efc Mon Sep 17 00:00:00 2001 From: Ralf Heiringhoff Date: Tue, 4 Sep 2012 15:37:36 +0200 Subject: corrected typo --- templates/client.conf.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/client.conf.erb b/templates/client.conf.erb index ffe5a8d..89cf1e8 100644 --- a/templates/client.conf.erb +++ b/templates/client.conf.erb @@ -31,7 +31,7 @@ auth,authpriv.* /var/log/secure <% end -%> <% if scope.lookupvar('rsyslog::client::log_local') -%> -<% if scope.lookupvar('rsyslog::client::log_os_style') == 'debian' -%> +<% if scope.lookupvar('rsyslog::client::log_style') == 'debian' -%> # First some standard log files. Log by facility. # *.*;auth,authpriv.none -/var/log/syslog @@ -89,7 +89,7 @@ daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole -<% elsif scope.lookupvar('rsyslog::client::log_os_style') == 'redhat' -%> +<% elsif scope.lookupvar('rsyslog::client::log_style') == 'redhat' -%> # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console -- cgit v1.2.3 From e8798d0454319c8b606aaf25adc2f5451f5637ae Mon Sep 17 00:00:00 2001 From: Ralf Heiringhoff Date: Wed, 5 Sep 2012 11:00:45 +0200 Subject: doh!, typo fix #2 --- templates/client.conf.erb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/client.conf.erb b/templates/client.conf.erb index 89cf1e8..da15f2c 100644 --- a/templates/client.conf.erb +++ b/templates/client.conf.erb @@ -21,17 +21,17 @@ $ActionResumeRetryCount -1 # infinety retries if host is down # We log locally, restore to default format $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat -<% if scope.lookupvar('rsyslog::client::log_style') == 'debian' -%> +<% if scope.lookupvar('rsyslog::params::log_style') == 'debian' -%> # Log auth messages locally auth,authpriv.* /var/log/auth.log -<% elsif scope.lookupvar('rsyslog::client::log_style') == 'redhat' -%> +<% elsif scope.lookupvar('rsyslog::params::log_style') == 'redhat' -%> # Log auth messages locally auth,authpriv.* /var/log/secure <% end -%> <% end -%> <% if scope.lookupvar('rsyslog::client::log_local') -%> -<% if scope.lookupvar('rsyslog::client::log_style') == 'debian' -%> +<% if scope.lookupvar('rsyslog::params::log_style') == 'debian' -%> # First some standard log files. Log by facility. # *.*;auth,authpriv.none -/var/log/syslog @@ -89,7 +89,7 @@ daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole -<% elsif scope.lookupvar('rsyslog::client::log_style') == 'redhat' -%> +<% elsif scope.lookupvar('rsyslog::params::log_style') == 'redhat' -%> # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console -- cgit v1.2.3