[gentoo-dev] syslog-ng

[gentoo-dev] syslog-ng

[ace]

Who monitors security warnings for Gentoo? syslog-ng has a bug (#7951) but
it hasn't been comitted to the portage tree, and it has been over a week,
does the freeze INCLUDE SECURITY UPDATES where all that is needed is a
version bump.

--
Asbjørn Sannes
ace@sannes.org

Re: [gentoo-dev] syslog-ng

[Alexander Gretencord]

On Thursday 10 October 2002 19:23, ace@sannes.org wrote:
> Who monitors security warnings for Gentoo? syslog-ng has a bug (#7951) but
> it hasn't been comitted to the portage tree, and it has been over a week,
> does the freeze INCLUDE SECURITY UPDATES where all that is needed is a
> version bump.

No it shouldn't. Even KDE gets new versions. Has it been assigned directly to 
blocke@gentoo.org? If so, don't do it. The bug-wranglers will decide who to 
assign it to. Btw if something like this doesn't get fixed get into the irc 
channel and bug them about it :)

Btw this is one of the things that makes gentoo bad for server usage. Way to 
go gentoo but I'm sure they will get this right too ... sometime :)


Alex

-- 
"They that can give up essential liberty to obtain a little temporary safety 
deserve neither liberty nor safety."
Benjamin Franklin

Re: [gentoo-dev] syslog-ng

[Bruce A. Locke]

I'll look into it.  I haven't been around lately due to my job and classes taking every waking moment for past two weeks.


On Fri, 11 Oct 2002 11:25:12 +0200
Alexander Gretencord <arutha@gmx.de> wrote:

> On Thursday 10 October 2002 19:23, ace@sannes.org wrote:
> > Who monitors security warnings for Gentoo? syslog-ng has a bug (#7951) but
> > it hasn't been comitted to the portage tree, and it has been over a week,
> > does the freeze INCLUDE SECURITY UPDATES where all that is needed is a
> > version bump.
> 
> No it shouldn't. Even KDE gets new versions. Has it been assigned directly to 
> blocke@gentoo.org? If so, don't do it. The bug-wranglers will decide who to 
> assign it to. Btw if something like this doesn't get fixed get into the irc 
> channel and bug them about it :)
> 
> Btw this is one of the things that makes gentoo bad for server usage. Way to 
> go gentoo but I'm sure they will get this right too ... sometime :)
> 
> 
> Alex
> 
> -- 
> "They that can give up essential liberty to obtain a little temporary safety 
> deserve neither liberty nor safety."
> Benjamin Franklin
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev


---------------------------------------------------------------------
Bruce A. Locke
blocke@shivan.org

[gentoo-dev] syslog-ng

[Konstantin V. Gavrilenko]

Guys,

just thought I should mention this.

if you setup a syslog-ng server that binds to an interface and listens to
collect incoming logs, at the next reboot it will fail to do so. I believe this
issue is due to the order of execution of the init.d initialization scripts,
since syslog-ng is started before the net.ethX scripts are executed. The exim
would not start following the failure of the syslog-ng.


yours,
g_kos

-- 
Respectfully,
Konstantin V. Gavrilenko

Managing Director
Arhont Ltd - Information Security

web:    http://www.arhont.com
	http://www.wi-foo.com
e-mail: k.gavrilenko@arhont.com

tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141

PGP: Key ID - 0x4F3608F7
PGP: Server - keyserver.pgp.com

--
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] syslog-ng

[Drake Wyrm]

[-- Attachment #1: Type: text/plain, Size: 786 bytes --]

At 2004-11-23T02:14:30+0000, "Konstantin V. Gavrilenko" <mlists@arhont.com> wrote:
> if you setup a syslog-ng server that binds to an interface and listens to
> collect incoming logs, at the next reboot it will fail to do so. I believe 
> this
> issue is due to the order of execution of the init.d initialization scripts,
> since syslog-ng is started before the net.ethX scripts are executed. The 
> exim
> would not start following the failure of the syslog-ng.

Good catch. Check bugs.gentoo.org to see if this has already been
reported. I didn't see anything related, but you might be able to. If
not, report it!

-- 
Batou: Hey, Major... You ever hear of "human rights"?
Kusanagi: I understand the concept, but I've never seen it in action.
  --Ghost in the Shell

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-dev] syslog-ng

[Ed Grimm]

On Tue, 23 Nov 2004, Konstantin V. Gavrilenko wrote:

> Guys,
>
> just thought I should mention this.
>
> if you setup a syslog-ng server that binds to an interface and listens
> to collect incoming logs, at the next reboot it will fail to do so. I
> believe this issue is due to the order of execution of the init.d
> initialization scripts, since syslog-ng is started before the net.ethX
> scripts are executed. The exim would not start following the failure
> of the syslog-ng.

My experience is, this is actually unpredictable - net.ethX does not
provide 'net', and so whether syslog-ng (or, for that matter, any other
syslog service) starts up before or after the network is established is
anyone's guess.  Given the total number of places it can start up on a
typical system, I would guess that it probably usually starts after the
network has initialized.

Further, iptables needs 'logger', but must start before net, although it
works fine for me to start it before syslog-ng.  (I don't know that
'need' indicates an order.  But before I removed that need from my own
iptables init script, iptables was always running after syslog-ng (and,
incidentally, a minute or two after my network came up.  I'm glad I have
multiple layers of defenses, and Linux isn't the prime target.))

My submitted work thus far in documenting this bug:

http://bugs.gentoo.org/show_bug.cgi?id=70226


I apologize for the lack of proper line wraps in that post; it appears
bugzilla and my browser do not agree.  (IMHO, if a text area is to not
auto-wrap, it should have both horizontal and vertical scroll-bars.  My
browser agrees with this.)

Ed

--
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] syslog-ng

[Paul de Vrieze]

[-- Attachment #1: Type: text/plain, Size: 1306 bytes --]

On Tuesday 23 November 2004 09:38, Ed Grimm wrote:
> On Tue, 23 Nov 2004, Konstantin V. Gavrilenko wrote:
> > Guys,
> >
> > just thought I should mention this.
> >
> > if you setup a syslog-ng server that binds to an interface and listens
> > to collect incoming logs, at the next reboot it will fail to do so. I
> > believe this issue is due to the order of execution of the init.d
> > initialization scripts, since syslog-ng is started before the net.ethX
> > scripts are executed. The exim would not start following the failure
> > of the syslog-ng.
>
> My experience is, this is actually unpredictable - net.ethX does not
> provide 'net', and so whether syslog-ng (or, for that matter, any other
> syslog service) starts up before or after the network is established is
> anyone's guess.  Given the total number of places it can start up on a
> typical system, I would guess that it probably usually starts after the
> network has initialized.

Syslog-ng should, like iptables, bind to an interface even if it is not up. 
There are reasons to start the logger as soon as possible. Alternatively you 
could signal syslog-ng to reload itself again just before exim loads.

Paul

-- 
Paul de Vrieze
Gentoo Developer
Mail: pauldv@gentoo.org
Homepage: http://www.devrieze.net

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-dev] syslog-ng

[Konstantin V. Gavrilenko]

Paul de Vrieze wrote:
> On Tuesday 23 November 2004 09:38, Ed Grimm wrote:
> 
>>On Tue, 23 Nov 2004, Konstantin V. Gavrilenko wrote:
>>
>>>Guys,
>>>
>>>just thought I should mention this.
>>>
>>>if you setup a syslog-ng server that binds to an interface and listens
>>>to collect incoming logs, at the next reboot it will fail to do so. I
>>>believe this issue is due to the order of execution of the init.d
>>>initialization scripts, since syslog-ng is started before the net.ethX
>>>scripts are executed. The exim would not start following the failure
>>>of the syslog-ng.
>>
>>My experience is, this is actually unpredictable - net.ethX does not
>>provide 'net', and so whether syslog-ng (or, for that matter, any other
>>syslog service) starts up before or after the network is established is
>>anyone's guess.  Given the total number of places it can start up on a
>>typical system, I would guess that it probably usually starts after the
>>network has initialized.
> 
> 
> Syslog-ng should, like iptables, bind to an interface even if it is not up. 
> There are reasons to start the logger as soon as possible. Alternatively you 
> could signal syslog-ng to reload itself again just before exim loads.
> 
> Paul

I know that the logger should be started early, also instead of indicating it in 
exim init script, i have done it in net.ethX , after the interface is brought up.

Paul, do you guys have any plans to switch networking initialisation from 
ifconfig/route/arp etc. to iproute2 suite?



-- 
Respectfully,
Konstantin V. Gavrilenko

Arhont Ltd - Information Security

web:    http://www.arhont.com
	http://www.wi-foo.com
e-mail: k.gavrilenko@arhont.com

tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141

PGP: Key ID - 0x4F3608F7
PGP: Server - keyserver.pgp.com

--
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] syslog-ng

[Roy Marples]

[-- Attachment #1: Type: text/plain, Size: 467 bytes --]

On Tue, 2004-11-23 at 21:10 +0000, Konstantin V. Gavrilenko wrote:
> Paul, do you guys have any plans to switch networking initialisation from 
> ifconfig/route/arp etc. to iproute2 suite?

sys-apps/baselayout-1.11.6-r1 supports both ifconfig and iproute2
We also support udhcp (udhcpc), dhcp (dhclient), pump, dhcpcd, bonding,
vlan and bridging

Basic APIPA and tunnelling are also in place

-- 
Roy Marples <uberlord@gentoo.org>
Gentoo Linux Developer

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-dev] syslog-ng

[Ed Grimm]

On Tue, 23 Nov 2004, Paul de Vrieze wrote:

> On Tuesday 23 November 2004 09:38, Ed Grimm wrote:
>> On Tue, 23 Nov 2004, Konstantin V. Gavrilenko wrote:
>>> Guys,
>>>
>>> just thought I should mention this.
>>>
>>> if you setup a syslog-ng server that binds to an interface and listens
>>> to collect incoming logs, at the next reboot it will fail to do so. I
>>> believe this issue is due to the order of execution of the init.d
>>> initialization scripts, since syslog-ng is started before the net.ethX
>>> scripts are executed. The exim would not start following the failure
>>> of the syslog-ng.
>>
>> My experience is, this is actually unpredictable - net.ethX does not
>> provide 'net', and so whether syslog-ng (or, for that matter, any other
>> syslog service) starts up before or after the network is established is
>> anyone's guess.  Given the total number of places it can start up on a
>> typical system, I would guess that it probably usually starts after the
>> network has initialized.
>
> Syslog-ng should, like iptables, bind to an interface even if it is not up.
> There are reasons to start the logger as soon as possible. Alternatively you
> could signal syslog-ng to reload itself again just before exim loads.

Well, that's just great.  Just after I thought I knew *exactly* what was
going on, I managed to get a boot order that worked, that I thought
wouldn't work.  Syslog-ng started, followed by iptables, followed by
net.  Apparently, what was preventing syslog-ng from starting was not
the absence of net.  I'm going to investigate this one further.

On the bright side, I have iptables starting reliably before net.  So
half of my problem appears to be solved.

(For reference, I've had about 6 boots where syslog-ng failed, starting
before net, and no failures where syslog-ng started fine, starting after
net (around 10-15 boots).  One boot where syslog-ng succeeded, starting
before net.  Syslog-ng last updated before I noticed the problem in the
first place.)

Ed

--
gentoo-dev@gentoo.org mailing list