Last modified: Dec. 9, 2009
Contents
1 - Summary
2 - Dependencies
3 - Syslog-ng installation
4 - Service configuration
5 - Service check
1 - Summary
This guide will show you how to install syslog-ng in OpenBSD. This has been
tested in OpenBSD 4.3, 4.4 and 4.6.
2 - Dependencies
I've created a shell script that can search the list of available packages.
#!/bin/sh
# This script will look for packages with the search term.
echo=/bin/echo
lynx=/usr/bin/lynx
pkg_path=ftp://ftp.openbsd.org/pub/OpenBSD/$rel/packages/$arch/index.txt
tr=/usr/bin/tr
cut=/usr/bin/cut
grep=/usr/bin/grep
if [ $# -ne 1 ]
then
exit 0
else
# check if a valid parameter
if [ "$1" == "-help" ]
then
$echo Usage: pkg_find [string]
else
$lynx -dump $pkg_path | $tr -s " " | $cut -d " " -f 10 | $grep -i $1
fi
fi
exit 0
# cd ~
# vi pkg_find
# sudo chown root:bin pkg_find
Password:
# sudo chmod 555 pkg_find
Password:
# sudo mv pkg_find /usr/sbin/
Password:
Here is an example of what it can do.
# pkg_find -help
Usage: pkg_find [string]
# pkg_find syslog-ng
syslog-ng-*.tgz
3 - Syslog-ng installation
Install the syslog-ng package.
# pkg_find syslog
syslog-ng-*.tgz
# sudo pkg_add syslog-ng-*.tgz
Password:
4 - Service configuration
Find where the syslog-ng daemon was installed to.
# pkg_info -L syslog-ng-* | grep sbin
/usr/local/sbin/syslog-ng
Run ldd to display the shared objects (.so) needed to run the syslog-ng daemon.
If there are any shared objects in /usr/local you will need to run ldconfig.
# ldd /usr/local/sbin/syslog-ng
/usr/local/sbin/syslog-ng:
Start End Type Open Ref GrpRef Name
1c000000 3c00c000 exe 1 0 0 /usr/local/sbin/syslog-ng
06d57000 26d9e000 rlib 0 1 0 /usr/local/lib/libglib-2.0.so.1800.1
01215000 21219000 rlib 0 2 0 /usr/local/lib/libintl.so.4.0
0385b000 2393a000 rlib 0 2 0 /usr/local/lib/libiconv.so.6.0
03042000 23046000 rlib 0 1 0 /usr/local/lib/libevtlog.so.0.0
020c6000 220cb000 rlib 0 1 0 /usr/lib/libwrap.so.4.0
035f4000 2362d000 rlib 0 1 0 /usr/lib/libc.so.51.0
0d979000 2d98d000 rlib 0 1 0 /usr/local/lib/libpcre.so.2.3
0c0b2000 0c0b2000 rtld 0 1 0 /usr/libexec/ld.so
# sudo ldconfig /usr/lib /usr/local/lib
Password:
Edit the /etc/rc network script so that syslog-ng will start when the system
starts up and not syslog. Comment out the following lines.
syslogd_flags="${syslogd_flags} -a /var/www/dev/log"
syslogd_flags="${syslogd_flags} -a /var/named/dev/log"
syslogd_flags="${syslogd_flags} -a /var/empty/dev/log"
syslogd ${syslogd_flags}
Add the following right below where you commented out the previous line.
/sbin/ldconfig /usr/lib /usr/local/lib
syslog_ng_flags="-p /var/run/syslog-ng.pid"
/usr/local/sbin/syslog-ng ${syslog_ng_flags}
# sudo vi /etc/rc
Password:
Configure /etc/rc.conf, so the syslog-ng service will start at boot time.
Modify to have the following.
#syslogd_flags=
syslog_ng_flags=
# sudo vi /etc/rc.conf
Password:
Find where the configuration file should be put.
# strings /usr/local/sbin/syslog-ng | grep syslog-ng.conf
-f <fname>, --cfgfile=<fname> Set config file name, default=/etc/syslog-ng.conf
/etc/syslog-ng.conf
You can create your own configuration file. You can use the following for your source.
source local { internal(); pipe("/dev/klog" log_prefix("kernel: ")); unix-dgram("/dev/log"); };
# pkg_info -L syslog-ng-* | grep syslog-ng.conf
/usr/local/man/man5/syslog-ng.conf.5
/usr/local/share/examples/syslog-ng/syslog-ng.conf.sample
# sudo cp /usr/local/share/examples/syslog-ng/syslog-ng.conf.sample /etc/syslog-ng.conf
Password:
# sudo cp /etc/syslog-ng.conf /etc/syslog-ng.conf.example
Password:
# sudo chmod u+w /etc/syslog-ng.conf
Password:
# sudo vi /etc/syslog-ng.conf
Password:
# sudo /usr/local/sbin/syslog-ng -s -f /etc/syslog-ng.conf
Stop the syslog service and start the syslog-ng service.
# sudo kill -9 `cat /var/run/syslog.pid`
Password:
# sudo rm -fP /var/run/syslog.pid
Password:
# sudo ps aux | grep syslog
Password:
_syslogd 3385 0.0 0.1 352 620 ?? S 11:46AM 0:00.01 syslogd -a \
/var/www/dev/log -a /var/empty/dev/log
# sudo kill -9 3385
Password:
# sudo ps aux | grep syslog
Password:
# sudo /usr/local/sbin/syslog-ng -p /var/run/syslog-ng.pid
Password:
# sudo cat /var/run/syslog-ng.pid
Password:
29364
5 - Service check
Reboot your computer. Log in like normal and check to see that the syslog
service isn't running and the syslog-ng service is running. That's it, now you
have syslog-ng running in OpenBSD.
# sudo shutdown -r now
Password:
# sudo ls -1 /var/run/syslog*
Password:
/var/run/syslog-ng.pid
# sudo cat /var/run/syslog-ng.pid
Password:
26820
|