Re: [rsyslog] rsyslog v8.6.0 pid fails to write
This looks like a permission problem. The default Ubuntu config drops privileges, but /var/run seems to be writable by root only. As part of the startup processing improvement, we moved writing the pid file down to when we actually know the system could start up. This interferes with settings on Ubuntu. I'll check on other platforms as well. Rainer 2014-12-02 8:48 GMT+01:00 Rainer Gerhards rgerha...@hq.adiscon.com: Thanks for the bug report. I have created a tracker for it: https://github.com/rsyslog/rsyslog/issues/169 If possible, it would be great if you could subscribe to it. Rainer 2014-12-02 3:19 GMT+01:00 Myles Steinhauser myles.steinhau...@gmail.com: Installed via Adiscon PPA running on Ubuntu 12.04.5. Using the default rsyslog config provided by Ubuntu or our own configs for a second logger we use for following application logs, both fail to startup via Upstart or running manually. The error output is: rsyslogd: error writing pid file rsyslogd: run failed with error -3000 (see rsyslog.h or try http://www.rsyslog.com/e/3000 to learn what that number means) More debug logging with the full command to (hopefully) reproduce is available here: https://gist.github.com/masteinhauser/e7abcf594d77de64544c Please let me know what other information or steps I can try to debug as I am unable to figure out the next step troubleshooting. Best, -Myles ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] Pull request for tokenized and regex field types
Does it look ok? On Tue, Nov 25, 2014 at 5:50 PM, singh.janmejay singh.janme...@gmail.com wrote: Hi, These patch-sets complete tokenized field-type and regex field-type support + the rscript side features required for effective use of json-arrays in rulesets. Some other changes include fixes for memory-leak and invalid memory access in liblognorm in non-happy-path flows + testing-setup for liblognorm (with optional and transparent valgrind support). Summary: - tokenized field-type (integration-tests with rsyslog, documentation etc) - regex support (tests, integration-tests, documentation) - memory access/leak bug fixes - testing env setup for liblognorm - rscript support for json-array subscripting and 'foreach' loop - rscript support for 'reset' statement, which as opposed to 'set' always overwrites old value, regardless of the type) - dedicated page for rscript control-structures - detailed documentation around behaviour of rscript 'set', 'unset' and 'reset' The patch-sets go in the following order: https://github.com/rsyslog/liblognorm/pull/9 https://github.com/rsyslog/rsyslog/pull/149 https://github.com/rsyslog/rsyslog-doc/pull/98 -- Regards, Janmejay http://codehunk.wordpress.com -- Regards, Janmejay http://codehunk.wordpress.com ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] new version scheme
2014-12-02 0:41 GMT+01:00 David Lang da...@lang.hm: On Mon, 1 Dec 2014, Matt Coleman wrote: well, we don't intend to make backwards incompatible changes :-) What noble intentions... The only backwards incompatible changes that I know of that we've deliberatly made since I started using rsyslog in the 3.x days is the dropping of the BSD config language and the changes to the module interface for 8.x as such we will be on 8.100 in a few years What's wrong with that? Numbers have this great feature: they can be as big as we need! Besides, the same concern applies to 6 week incrementing plan, it would just take quite a few years. :) people (and systems) have some trouble with the idea that 1.100.1 is larger than 1.9.1. Since it's not a simple number they do an alpha sort and get the wrong answer. That said, I think such systems are broken and people should learn, so I don't have a problem with the minor number being large. Unless we take the Linus approach and say that when the minor number gets uncomfortably large we increment the major to reset it. This undermines the main benefit of Semantic Versioning: I know this version of the dependency will break my software. I don't think that semantic versioning is really that useful. There are far more cases where bugs caus incompatibility than deliberate incompatibilities. Or looking at it another way, if there are backwards incompatible changes, how many do there need to be to cause a major version change? If there are backwards incompatible changes in a release cycle, that cycle's version number has the major version incremented (not once per backwards-incompatible change). if there are 5 features out of 1000 dropped over a few release cycles, should that cause the major version to jump by 5, especially if they are minor features If those 5 features were dropped over 5 release cycles, then there would be 5 major version increases. Minor features may be minor in your usage, yet core to someone else's work. No one seems to have a problem with Chrome's major version being 39 (or Firefox's 34). The problem with changing the major number is that for some reason, distro maintainers are terrified of new major numbers, no matter what the reason, and will frequently stick with old major numbers for a long time. See how rsyslog 4.x and 6.x were basically skipped by the distros entirely, and 7,x came within a couple months of being skipped as well (8.x was very near it's stable release when the first distros shipped a 7.x version) I think this (unfortunately) is not just a technical discussion. Technically, I agree for the most part with Matt. I don't agree any minor change must bumb the major version, e.g. I am about to remove a command line option (-u) that more or less nobody used but me, so does that really justify moving to v9? If thinking purely technical, the right answer may be yes. But, as David said, there are a lot of human/political implications with version numbers. I started by doing major number increments when kind of compatibility issues occurred (but less strictly given than you state). The end result is what David explains: it was exceptionally hard to get distros pick up those releases. So IMHO and IME (!) the major version number is primarily a political tool. Actually, I intend to keep v8 for quite a while from now on. If we are honest, we could even agree that the simple one-number version number being incremented that systemd is doing is exactly the right thing to today's environment (esepcially politically). And looking a bit deeper, this is more or less what rsyslog will also use from now on, almost all future releases will be 8.x.0 where x is a single incrementing number, based on time. Note that Ubuntus YY.MM version scheme is also exactly following the same metaphor, just hidden in a diffrent way. IME this actually is what people want, no matter how bad it technically is. But it's probably very policitcally incorrect to state it that bluntly ;) Rainer ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] Could not activate RELP Listener, code 10046
Hi Sir, I build librelp 1.2.7 with --enable-tls and --disable-tls but no to avail. Problem is there. What is the recommended way for buillding librelp. Certificates which i have generated are according to the way mention on link http://www.rsyslog.com/using-tls-with-relp/ . I have also updated to rsyslog v8.6. On Sat, Nov 29, 2014 at 1:43 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: You need to build librelp from source so that it can use the new gnutls functionality. Sent from phone, thus brief. Am 29.11.2014 07:21 schrieb Muhammad Asif masifpa...@gmail.com: Hi Rainer, May I have installed udated gnutls but issue is still there. Can you guide at what place i have to mention TLS in anonymous mode. I want TLS on RELP. so please guid me accordingly. On Fri, Nov 21, 2014 at 1:49 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: FYI: I have also improved the error message, so that it now more precisely tells what is going on. Rainer 2014-11-21 9:36 GMT+01:00 Rainer Gerhards rgerha...@hq.adiscon.com: 2014-11-21 6:55 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Geeks, I have installed rsyslog 8.4 and rsyslog-relp in Centos 6.5. I want to use TLS on RELP between remote server and client machine. Here is my configuration. module(load=imuxsock) module(load=imrelp ruleset=relp) input(type=imrelp port=10514 tls=on tls.caCert=/etc/rsyslog.d/cert/cacert.pem tls.myCert=/etc/rsyslog.d/cert/bloggercert.pem tls.myPrivKey=/etc/rsyslog.d/cert/bloggerkey.pem tls.authMode=name tls.permittedpeer=[172.20.16.22,172.20.16.25] ) ruleset (name=relp) { action(type=omfile file=/var/log/relp_log) } When I restart the service, i receive log in message file as Nov 21 10:48:32 blogger rsyslogd-2291: imrelp: could not activate relp listner, code 10046 [try http://www.rsyslog.com/e/2291 ] I have just checked the code. It means that the platform does not provide TLS auth support. In general, this means that GnuTLS is too old. I remember this is the case for Centos 6.5. You should be able to use TLS in anonymous mode. While this does not guard against man-in-the-middle attacks, it at least keeps message flow encrypted. The alternate solution is to install a current version of GnuTLS on that system and rebuild librelp from source. Rainer What problem can be. Please guide me in this regard. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] ppa and older versions left for downgrading.
I have not seen anywhere one can enable archives. Someone on irc pointed out though that all the old file appear to be at the following link. http://ppa.launchpad.net/adiscon/v8-stable/ubuntu/pool/main/r/rsyslog/ On Tue, Dec 2, 2014 at 7:10 AM, Andre Lorbach alorb...@adiscon.com wrote: I researched if mirroring ppa's is possible, but it seems like it is not. There is some kind of sftp access but it does not work. RSync is not enabled as well. So the only thing left would be to grab the stuff by http and copy it manually. Alternative does somebody know if we can enable archives in the ppa somehow? This would solve at least the downgrade issue. Best regards, Andre Lorbach -Original Message- From: rsyslog-boun...@lists.adiscon.com [mailto:rsyslog- boun...@lists.adiscon.com] On Behalf Of David Lang Sent: Monday, December 01, 2014 10:50 PM To: rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. This sounds like we really are going to end up with the equivalent of the old adiscon repo in addition to the PPA repo. David Lang On Mon, 1 Dec 2014, Rainer Gerhards wrote: Sounds good, I'll check with them tomorrow. Sent from phone, thus brief. Am 01.12.2014 22:27 schrieb Todd Mortensen tmorten...@gmail.com: After checking further into it, they are correct. It looks like ppa's don't archive older version like the main ubuntu repo would. It is unfortunate they do it like that. Would it be a lot of work to provide the older deb's on this page. http://www.rsyslog.com/downloads/download-other/ Todd On Mon, Dec 1, 2014 at 1:13 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: IIRC my packing folks told me they are automatically overwritten. If you can tell them what they need to change, I am sure they will do. Rainer Sent from phone, thus brief. Am 01.12.2014 21:56 schrieb Todd Mortensen tmorten...@gmail.com: Someone posted on the IRC channel had some issues after the upgrade to 8.6.0 and wanted to downgrade to what they have installed prior to the upgrade. Can some of the older versions be left around so people may downgrade if needed? Currently someone would have to go find an old .deb file to downgrade vs using something like apt-get install rsyslog=8.4.2 You can also see all the versions available via, apt-cache policy rsyslog Thanks, Todd ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] ppa and older versions left for downgrading.
Yes I also saw that the latest version of each minor version we created is still present on the webserver. I am wondering why it can't be found in the package index. Best regards, Andre -Original Message- From: Todd Mortensen [mailto:tmorten...@gmail.com] Sent: Tuesday, December 02, 2014 5:21 PM To: alorb...@adiscon.com; rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. I have not seen anywhere one can enable archives. Someone on irc pointed out though that all the old file appear to be at the following link. http://ppa.launchpad.net/adiscon/v8-stable/ubuntu/pool/main/r/rsyslog/ On Tue, Dec 2, 2014 at 7:10 AM, Andre Lorbach alorb...@adiscon.com wrote: I researched if mirroring ppa's is possible, but it seems like it is not. There is some kind of sftp access but it does not work. RSync is not enabled as well. So the only thing left would be to grab the stuff by http and copy it manually. Alternative does somebody know if we can enable archives in the ppa somehow? This would solve at least the downgrade issue. Best regards, Andre Lorbach -Original Message- From: rsyslog-boun...@lists.adiscon.com [mailto:rsyslog- boun...@lists.adiscon.com] On Behalf Of David Lang Sent: Monday, December 01, 2014 10:50 PM To: rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. This sounds like we really are going to end up with the equivalent of the old adiscon repo in addition to the PPA repo. David Lang On Mon, 1 Dec 2014, Rainer Gerhards wrote: Sounds good, I'll check with them tomorrow. Sent from phone, thus brief. Am 01.12.2014 22:27 schrieb Todd Mortensen tmorten...@gmail.com: After checking further into it, they are correct. It looks like ppa's don't archive older version like the main ubuntu repo would. It is unfortunate they do it like that. Would it be a lot of work to provide the older deb's on this page. http://www.rsyslog.com/downloads/download-other/ Todd On Mon, Dec 1, 2014 at 1:13 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: IIRC my packing folks told me they are automatically overwritten. If you can tell them what they need to change, I am sure they will do. Rainer Sent from phone, thus brief. Am 01.12.2014 21:56 schrieb Todd Mortensen tmorten...@gmail.com: Someone posted on the IRC channel had some issues after the upgrade to 8.6.0 and wanted to downgrade to what they have installed prior to the upgrade. Can some of the older versions be left around so people may downgrade if needed? Currently someone would have to go find an old .deb file to downgrade vs using something like apt-get install rsyslog=8.4.2 You can also see all the versions available via, apt-cache policy rsyslog Thanks, Todd ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
[rsyslog] rsyslog 8.6.0 (v8-stable) released
Hi all, We have released rsyslog 8.6.0. This is the first stable release under a new release cycle and versioning scheme. This new scheme is important news in itself. For more details, please have a look here: http://www.rsyslog.com/rsyslogs-new-release-cycle-and-versioning-scheme/ Version 8.6.0 contains important new features like the ability to monitor files via wildcards in imfile. It also contains new, experimental zero message queue modules (special thanks to team member Brian Knox), improvements to RainerScript and mmnormalize (thanks to Singh Janmejay) and a couple of other improvements. This release also contains important bug fixes. This is a recommended upgrade for all users. ChangeLog: http://www.rsyslog.com/changelog-for-8-6-0-v8-stable/ Download: http://www.rsyslog.com/downloads/download-v8-stable/ As always, feedback is appreciated. Best regards, Florian Riedl ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] ppa and older versions left for downgrading.
2014-12-02 17:20 GMT+01:00 Todd Mortensen tmorten...@gmail.com: I have not seen anywhere one can enable archives. Someone on irc pointed out though that all the old file appear to be at the following link. http://ppa.launchpad.net/adiscon/v8-stable/ubuntu/pool/main/r/rsyslog/ so this seems to solve the root issue (at least in a way), doesn't it? Rainer On Tue, Dec 2, 2014 at 7:10 AM, Andre Lorbach alorb...@adiscon.com wrote: I researched if mirroring ppa's is possible, but it seems like it is not. There is some kind of sftp access but it does not work. RSync is not enabled as well. So the only thing left would be to grab the stuff by http and copy it manually. Alternative does somebody know if we can enable archives in the ppa somehow? This would solve at least the downgrade issue. Best regards, Andre Lorbach -Original Message- From: rsyslog-boun...@lists.adiscon.com [mailto:rsyslog- boun...@lists.adiscon.com] On Behalf Of David Lang Sent: Monday, December 01, 2014 10:50 PM To: rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. This sounds like we really are going to end up with the equivalent of the old adiscon repo in addition to the PPA repo. David Lang On Mon, 1 Dec 2014, Rainer Gerhards wrote: Sounds good, I'll check with them tomorrow. Sent from phone, thus brief. Am 01.12.2014 22:27 schrieb Todd Mortensen tmorten...@gmail.com: After checking further into it, they are correct. It looks like ppa's don't archive older version like the main ubuntu repo would. It is unfortunate they do it like that. Would it be a lot of work to provide the older deb's on this page. http://www.rsyslog.com/downloads/download-other/ Todd On Mon, Dec 1, 2014 at 1:13 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: IIRC my packing folks told me they are automatically overwritten. If you can tell them what they need to change, I am sure they will do. Rainer Sent from phone, thus brief. Am 01.12.2014 21:56 schrieb Todd Mortensen tmorten...@gmail.com: Someone posted on the IRC channel had some issues after the upgrade to 8.6.0 and wanted to downgrade to what they have installed prior to the upgrade. Can some of the older versions be left around so people may downgrade if needed? Currently someone would have to go find an old .deb file to downgrade vs using something like apt-get install rsyslog=8.4.2 You can also see all the versions available via, apt-cache policy rsyslog Thanks, Todd ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog
Re: [rsyslog] Could not activate RELP Listener, code 10046
2014-12-02 15:15 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Sir, I build librelp 1.2.7 with --enable-tls and --disable-tls but no to avail. Problem is there. What is the recommended way for buillding librelp. I would expect that the problem is that GnuTLS is not properly detected. Can you post (probably via a github gist or pastbin or...) a copy of your config.log after the librelp ./configure --enable-tls run. Rainer Certificates which i have generated are according to the way mention on link http://www.rsyslog.com/using-tls-with-relp/ . I have also updated to rsyslog v8.6. On Sat, Nov 29, 2014 at 1:43 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: You need to build librelp from source so that it can use the new gnutls functionality. Sent from phone, thus brief. Am 29.11.2014 07:21 schrieb Muhammad Asif masifpa...@gmail.com: Hi Rainer, May I have installed udated gnutls but issue is still there. Can you guide at what place i have to mention TLS in anonymous mode. I want TLS on RELP. so please guid me accordingly. On Fri, Nov 21, 2014 at 1:49 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: FYI: I have also improved the error message, so that it now more precisely tells what is going on. Rainer 2014-11-21 9:36 GMT+01:00 Rainer Gerhards rgerha...@hq.adiscon.com : 2014-11-21 6:55 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Geeks, I have installed rsyslog 8.4 and rsyslog-relp in Centos 6.5. I want to use TLS on RELP between remote server and client machine. Here is my configuration. module(load=imuxsock) module(load=imrelp ruleset=relp) input(type=imrelp port=10514 tls=on tls.caCert=/etc/rsyslog.d/cert/cacert.pem tls.myCert=/etc/rsyslog.d/cert/bloggercert.pem tls.myPrivKey=/etc/rsyslog.d/cert/bloggerkey.pem tls.authMode=name tls.permittedpeer=[172.20.16.22,172.20.16.25] ) ruleset (name=relp) { action(type=omfile file=/var/log/relp_log) } When I restart the service, i receive log in message file as Nov 21 10:48:32 blogger rsyslogd-2291: imrelp: could not activate relp listner, code 10046 [try http://www.rsyslog.com/e/2291 ] I have just checked the code. It means that the platform does not provide TLS auth support. In general, this means that GnuTLS is too old. I remember this is the case for Centos 6.5. You should be able to use TLS in anonymous mode. While this does not guard against man-in-the-middle attacks, it at least keeps message flow encrypted. The alternate solution is to install a current version of GnuTLS on that system and rebuild librelp from source. Rainer What problem can be. Please guide me in this regard. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] ppa and older versions left for downgrading.
Indeed, the lowest level of problem of not having the binaries is solved by leaving them in the repo. This is what I am using to move the binaries into our own internal repo. We would greatly prefer if the previous versions could also be in the PPA's package listing, this would allow for specifying an installation of a specific version. Currently, if we specify a version of rsyslog to be installed via Ansible, when the new package is release all new Ansible runs will fail. This is because we were, correctly or not, relying on the PPA still listing these versions. Unfortunately, I do not know how to do this but am researching it as I believe it would help many others besides myself. Best, -Myles On Tue Dec 02 2014 at 12:34:53 PM Rainer Gerhards [via rsyslog-users] ml-node+s1305293n7587093...@n2.nabble.com wrote: 2014-12-02 17:20 GMT+01:00 Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=0: I have not seen anywhere one can enable archives. Someone on irc pointed out though that all the old file appear to be at the following link. http://ppa.launchpad.net/adiscon/v8-stable/ubuntu/pool/main/r/rsyslog/ so this seems to solve the root issue (at least in a way), doesn't it? Rainer On Tue, Dec 2, 2014 at 7:10 AM, Andre Lorbach [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=1 wrote: I researched if mirroring ppa's is possible, but it seems like it is not. There is some kind of sftp access but it does not work. RSync is not enabled as well. So the only thing left would be to grab the stuff by http and copy it manually. Alternative does somebody know if we can enable archives in the ppa somehow? This would solve at least the downgrade issue. Best regards, Andre Lorbach -Original Message- From: [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=2 [mailto:rsyslog- [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=3] On Behalf Of David Lang Sent: Monday, December 01, 2014 10:50 PM To: rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. This sounds like we really are going to end up with the equivalent of the old adiscon repo in addition to the PPA repo. David Lang On Mon, 1 Dec 2014, Rainer Gerhards wrote: Sounds good, I'll check with them tomorrow. Sent from phone, thus brief. Am 01.12.2014 22:27 schrieb Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=4: After checking further into it, they are correct. It looks like ppa's don't archive older version like the main ubuntu repo would. It is unfortunate they do it like that. Would it be a lot of work to provide the older deb's on this page. http://www.rsyslog.com/downloads/download-other/ Todd On Mon, Dec 1, 2014 at 1:13 PM, Rainer Gerhards [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=5 wrote: IIRC my packing folks told me they are automatically overwritten. If you can tell them what they need to change, I am sure they will do. Rainer Sent from phone, thus brief. Am 01.12.2014 21:56 schrieb Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=6: Someone posted on the IRC channel had some issues after the upgrade to 8.6.0 and wanted to downgrade to what they have installed prior to the upgrade. Can some of the older versions be left around so people may downgrade if needed? Currently someone would have to go find an old .deb file to downgrade vs using something like apt-get install rsyslog=8.4.2 You can also see all the versions available via, apt-cache policy rsyslog Thanks, Todd ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog
[rsyslog] cee json + mmsequence
We have a case where we are receiving messages in @cee: format, and would like to add a sequence variable generated via mmsequence to the message. Before I spend too much time digging into this I wanted to ask if, using some template hackery and json subtrees, this is something that sounds possible - and if maybe someone else was already doing it. Thanks! Brian ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] cee json + mmsequence
The other option we're discussing is using a template on a ruleset that is guaranteed to contain only @cee formatted messages, and using some trickery with a list template and position.relativetoend to chop the message so we can inject the json attribute via a constant / property pair - but we wanted to see if there was a cleaner way of doing it first! Brian On Tue, Dec 2, 2014 at 3:59 PM, Brian Knox bk...@digitalocean.com wrote: We have a case where we are receiving messages in @cee: format, and would like to add a sequence variable generated via mmsequence to the message. Before I spend too much time digging into this I wanted to ask if, using some template hackery and json subtrees, this is something that sounds possible - and if maybe someone else was already doing it. Thanks! Brian ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] cee json + mmsequence
if you run mmjsonparse on the message it will populate $! variables. Then you can just add whatever variables you want to the tree and when you output $! in a template it will output all the variables (including yours) in JSON. David Lang On Tue, 2 Dec 2014, Brian Knox wrote: The other option we're discussing is using a template on a ruleset that is guaranteed to contain only @cee formatted messages, and using some trickery with a list template and position.relativetoend to chop the message so we can inject the json attribute via a constant / property pair - but we wanted to see if there was a cleaner way of doing it first! Brian On Tue, Dec 2, 2014 at 3:59 PM, Brian Knox bk...@digitalocean.com wrote: We have a case where we are receiving messages in @cee: format, and would like to add a sequence variable generated via mmsequence to the message. Before I spend too much time digging into this I wanted to ask if, using some template hackery and json subtrees, this is something that sounds possible - and if maybe someone else was already doing it. Thanks! Brian ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] Could not activate RELP Listener, code 10046
Dear Sir, Please have a look on config.log produced by running ./configure --enable-tls . Thanks On Tue, Dec 2, 2014 at 10:36 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: 2014-12-02 15:15 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Sir, I build librelp 1.2.7 with --enable-tls and --disable-tls but no to avail. Problem is there. What is the recommended way for buillding librelp. I would expect that the problem is that GnuTLS is not properly detected. Can you post (probably via a github gist or pastbin or...) a copy of your config.log after the librelp ./configure --enable-tls run. Rainer Certificates which i have generated are according to the way mention on link http://www.rsyslog.com/using-tls-with-relp/ . I have also updated to rsyslog v8.6. On Sat, Nov 29, 2014 at 1:43 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: You need to build librelp from source so that it can use the new gnutls functionality. Sent from phone, thus brief. Am 29.11.2014 07:21 schrieb Muhammad Asif masifpa...@gmail.com: Hi Rainer, May I have installed udated gnutls but issue is still there. Can you guide at what place i have to mention TLS in anonymous mode. I want TLS on RELP. so please guid me accordingly. On Fri, Nov 21, 2014 at 1:49 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: FYI: I have also improved the error message, so that it now more precisely tells what is going on. Rainer 2014-11-21 9:36 GMT+01:00 Rainer Gerhards rgerha...@hq.adiscon.com : 2014-11-21 6:55 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Geeks, I have installed rsyslog 8.4 and rsyslog-relp in Centos 6.5. I want to use TLS on RELP between remote server and client machine. Here is my configuration. module(load=imuxsock) module(load=imrelp ruleset=relp) input(type=imrelp port=10514 tls=on tls.caCert=/etc/rsyslog.d/cert/cacert.pem tls.myCert=/etc/rsyslog.d/cert/bloggercert.pem tls.myPrivKey=/etc/rsyslog.d/cert/bloggerkey.pem tls.authMode=name tls.permittedpeer=[172.20.16.22,172.20.16.25] ) ruleset (name=relp) { action(type=omfile file=/var/log/relp_log) } When I restart the service, i receive log in message file as Nov 21 10:48:32 blogger rsyslogd-2291: imrelp: could not activate relp listner, code 10046 [try http://www.rsyslog.com/e/2291 ] I have just checked the code. It means that the platform does not provide TLS auth support. In general, this means that GnuTLS is too old. I remember this is the case for Centos 6.5. You should be able to use TLS in anonymous mode. While this does not guard against man-in-the-middle attacks, it at least keeps message flow encrypted. The alternate solution is to install a current version of GnuTLS on that system and rebuild librelp from source. Rainer What problem can be. Please guide me in this regard. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___
Re: [rsyslog] Could not activate RELP Listener, code 10046
I'm assuming that there was supposed to be an attachment that the list filtered out. Either send it to Rainer directly or put it on pastebin or something like that. David Lang On Wed, 3 Dec 2014, Muhammad Asif wrote: Dear Sir, Please have a look on config.log produced by running ./configure --enable-tls . Thanks On Tue, Dec 2, 2014 at 10:36 PM, Rainer Gerhards rgerha...@hq.adiscon.com wrote: 2014-12-02 15:15 GMT+01:00 Muhammad Asif masifpa...@gmail.com: Hi Sir, I build librelp 1.2.7 with --enable-tls and --disable-tls but no to avail. Problem is there. What is the recommended way for buillding librelp. I would expect that the problem is that GnuTLS is not properly detected. Can you post (probably via a github gist or pastbin or...) a copy of your config.log after the librelp ./configure --enable-tls run. Rainer ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] Question on DoDie
I have had now time to check the ChangeLog. There was a fix when imudp prevented shutdown. This is now part of 8.6.0. I could very well address what you describe. HTH Rainer 2014-12-02 23:04 GMT+01:00 Kendall Green kendallar...@gmail.com: To specifically answer the question, Are you saying that DebugOnDemand must be set for rsyslog to work properly? or that you are only trying to start it with that set? We've tried both service rsyslog start and /etc/init.d/rsyslog start, which rsyslog will appear to run properly, however shutdown does not work properly unless is started with /etc/init.d/rsyslog start while debug on demand env is set. Thus if started services from the init.d then execute service rsyslog restart, the system would appear to shutdown and startup properly, but the next stop action would fail to report in /var/log/messages as restart from 'service' script has same issue as the 'start' function. So Yes, debug on demand must be set then run by /etc/init.d/rsyslog start and restart, or the stop process is latent and without logging. Thank you for your help in isolating this obscure issue with rsyslog running on VMware instances with RHEL6.5. On Mon, Dec 1, 2014 at 6:17 PM, Kendall Green kendallar...@gmail.com wrote: In order for rsyslog to start/restart properly on VMware, the set env with export RSYSLOG_DEBUG=DebugOnDemand and directly execute /etc/init.d/rsyslog start, no special debug options, and if restart from service script it will fail to stop properly with exit status in /var/log/messages. When comparing ps -eZ |grep rsyslog, on physical server, kernel prefix the output, but the VM displays only a hyphen, '-' preceding pid information that is otherwise the same. Does this solution apply concerning vmware kdump: and the necessity for the debug variable? https://access.redhat.com/solutions/260003 So, VMware instance of RHEL6.5, rsyslog ps -eZ process does not appear to be owned by 'kernel', start/restart will display stop/exit status in /var/log/messages when /etc/init.d/rsyslog start is executed from root directly with debug on demand set. Is debug setting at all related to that rh solution?: - When hot-adding memory to a Red Hat Enterprise Linux system running in a vmware environment, the system may attempt to reload the kdump kernel and regenerate a new kdump initrd. On Mon, Dec 1, 2014 at 5:36 PM, David Lang da...@lang.hm wrote: If SELinux is disabled, you should be able to see any differences in how rsyslog is started by looking at the resulting command line with ps (or thorugh /proc) There has to be something different about the way they are being started if one works and the other doesn't. Are you saying that DebugOnDemand must be set for rsyslog to work properly? or that you are only trying to start it with that set? David Lang On Mon, 1 Dec 2014, Kendall Green wrote: Date: Mon, 1 Dec 2014 17:30:26 -0700 From: Kendall Green kendallar...@gmail.com Reply-To: rsyslog-users rsyslog@lists.adiscon.com To: rsyslog-users rsyslog@lists.adiscon.com Subject: Re: [rsyslog] Question on DoDie Verified SELinux is disabled on both VMware instance and baremetal installs, and no systemd, only the traditional service init functions. There doesn't appear to be any differences between the scripts: /etc/init.d/rsyslog and the /etc/rc.d/rc#.d/S12rsyslog There appears to be something ''unknown'' happening on vmware instance for service init, which could relate to the udev rules, kdump, being different from baremetal, or another aspect which makes a difference when setting DebugOnDemand and starting from /etc/init.d/rsyslog instead of service rsyslog start. Both methods of starting the rsyslog service appears to work, but will not stop and restart properly. However stop/start/restart will succeed consecutively, only when started by '/etc/init.d/rsyslog start' while DebugOnDemand value set for rsyslog debug env. Since it is consistently, only a problem on systems that are VMs on 8.2.2 and now 8.4.2, even with RHEL6.2 recently upgraded to RHEL6.5 and issue persists. Anyone have an answer to more specific difference between init.d/rsyslog start and service rsyslog start on RHEL6.x? Thanks! On Mon, Dec 1, 2014 at 2:36 PM, David Lang da...@lang.hm wrote: This sounds like it's more likely a problem with the service scripts/systemd config than with rsyslog itself. what is different between /etc/init.d/rsyslog start and service rsyslog start? is the command line any different? or are they started with different SELinux settings? David Lang On Mon, 1 Dec 2014, Kendall Green wrote: I have encountered similar issue which is repeatable when running RHEL6 on VMware instances, with RSyslog 8.4.2.ad1, where shutdown takes a very long time and does not report the exit signal to
Re: [rsyslog] ppa and older versions left for downgrading.
2014-12-02 19:53 GMT+01:00 masteinhauser myles.steinhau...@gmail.com: Indeed, the lowest level of problem of not having the binaries is solved by leaving them in the repo. This is what I am using to move the binaries into our own internal repo. We would greatly prefer if the previous versions could also be in the PPA's package listing, this would allow for specifying an installation of a specific version. Currently, if we specify a version of rsyslog to be installed via Ansible, when the new package is release all new Ansible runs will fail. This is because we were, correctly or not, relying on the PPA still listing these versions. Unfortunately, I do not know how to do this but am researching it as I believe it would help many others besides myself. That would be great! Unfortunately, I do not have the resources for this research. But if someone tells us the steps, I am pretty sure we'll setup what is required. Thanks, Rainer Best, -Myles On Tue Dec 02 2014 at 12:34:53 PM Rainer Gerhards [via rsyslog-users] ml-node+s1305293n7587093...@n2.nabble.com wrote: 2014-12-02 17:20 GMT+01:00 Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=0: I have not seen anywhere one can enable archives. Someone on irc pointed out though that all the old file appear to be at the following link. http://ppa.launchpad.net/adiscon/v8-stable/ubuntu/pool/main/r/rsyslog/ so this seems to solve the root issue (at least in a way), doesn't it? Rainer On Tue, Dec 2, 2014 at 7:10 AM, Andre Lorbach [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=1 wrote: I researched if mirroring ppa's is possible, but it seems like it is not. There is some kind of sftp access but it does not work. RSync is not enabled as well. So the only thing left would be to grab the stuff by http and copy it manually. Alternative does somebody know if we can enable archives in the ppa somehow? This would solve at least the downgrade issue. Best regards, Andre Lorbach -Original Message- From: [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=2 [mailto:rsyslog- [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=3] On Behalf Of David Lang Sent: Monday, December 01, 2014 10:50 PM To: rsyslog-users Subject: Re: [rsyslog] ppa and older versions left for downgrading. This sounds like we really are going to end up with the equivalent of the old adiscon repo in addition to the PPA repo. David Lang On Mon, 1 Dec 2014, Rainer Gerhards wrote: Sounds good, I'll check with them tomorrow. Sent from phone, thus brief. Am 01.12.2014 22:27 schrieb Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=4: After checking further into it, they are correct. It looks like ppa's don't archive older version like the main ubuntu repo would. It is unfortunate they do it like that. Would it be a lot of work to provide the older deb's on this page. http://www.rsyslog.com/downloads/download-other/ Todd On Mon, Dec 1, 2014 at 1:13 PM, Rainer Gerhards [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=5 wrote: IIRC my packing folks told me they are automatically overwritten. If you can tell them what they need to change, I am sure they will do. Rainer Sent from phone, thus brief. Am 01.12.2014 21:56 schrieb Todd Mortensen [hidden email] http:///user/SendEmail.jtp?type=nodenode=7587093i=6: Someone posted on the IRC channel had some issues after the upgrade to 8.6.0 and wanted to downgrade to what they have installed prior to the upgrade. Can some of the older versions be left around so people may downgrade if needed? Currently someone would have to go find an old .deb file to downgrade vs using something like apt-get install rsyslog=8.4.2 You can also see all the versions available via, apt-cache policy rsyslog Thanks, Todd ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/