Merge pull request #4305 from c-po/syslog-T6989

syslog: T6989: convert old configuration format to "advanced"

Author: c-po

data/templates/rsyslog/override.conf.j2

@@ -1,78 +1,122 @@
 ### Autogenerated by system_syslog.py ###
 
-{% if global.marker is vyos_defined %}
-$ModLoad immark
-{%     if global.marker.interval is vyos_defined %}
-$MarkMessagePeriod {{ global.marker.interval }}
-{%     endif %}
-{% endif %}
-{% if global.preserve_fqdn is vyos_defined %}
-$PreserveFQDN on
-{% endif %}
+#### MODULES ####
+# Load input modules for local logging and kernel logging
 
-{% if global.local_host_name is vyos_defined %}
-$LocalHostName {{ global.local_host_name }}
-{% endif %}
+# Old-style log file format with low-precision timestamps
+# A modern-style logfile format with high-precision timestamps and timezone info
+# RSYSLOG_FileFormat
+module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")
+module(load="imuxsock")  # provides support for local system logging
+module(load="imklog")    # provides kernel logging support
 
-# We always log to /var/log/messages
-$outchannel global,/var/log/messages,262144,/usr/sbin/logrotate {{ logrotate }}
-{% if global.facility is vyos_defined %}
-{%     set tmp = [] %}
-{%     for facility, facility_options in global.facility.items() %}
-{%         set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
-{%     endfor %}
-{{ tmp | join(';') }} :omfile:$global
+# Import logs from journald
+module(
+    load="imjournal"
+    StateFile="/var/spool/rsyslog/imjournal.state"  # Persistent state file to track the journal cursor
+    Ratelimit.Interval="0"  # Disable rate limiting (set to "0" for no limit)
+    RateLimit.Burst="0"
+)
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+# Log specific programs to auth.log, then stop further processing
+if (
+    $programname == "CRON" or
+    $programname == "sudo" or
+    $programname == "su"
+) then {
+    action(type="omfile" file="/var/log/auth.log")
+    stop
+}
+
+global(workDirectory="/var/spool/rsyslog")
+
+###############
+#### RULES ####
+###############
+
+# Send emergency messages to all logged-in users
+*.emerg action(type="omusrmsg" users="*")
+
+{% if marker is vyos_defined %}
+# Load the immark module for periodic --MARK-- message capability
+module(load="immark" interval="{{ marker.interval }}")
+{% endif %}
+{% if preserve_fqdn is vyos_defined %}
+# Preserve the fully qualified domain name (FQDN) in log messages
+global(preserveFQDN="on")
+{%     if preserve_fqdn.host_name is vyos_defined and preserve_fqdn.domain_name is vyos_defined %}
+# Set the local hostname for log messages
+global(localHostname="{{ preserve_fqdn.host_name }}.{{ preserve_fqdn.domain_name }}")
+{%     endif %}
 {% endif %}
 
-{% if file is vyos_defined %}
-# File based configuration section
-{%     for file_name, file_options in file.items() %}
-{%         set tmp = [] %}
-$outchannel {{ file_name }},/var/log/user/{{ file_name }},{{ file_options.archive.size }},/usr/sbin/logrotate {{ logrotate }}
-{%         if file_options.facility is vyos_defined %}
-{%             for facility, facility_options in file_options.facility.items() %}
-{%                 set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
-{%             endfor %}
-{%         endif %}
-{{ tmp | join(';') }} :omfile:${{ file }}
-{%     endfor %}
+#### GLOBAL LOGGING ####
+{% if local.facility is vyos_defined %}
+{%     set tmp = [] %}
+{%     if local.facility is vyos_defined %}
+{%         for facility, facility_options in local.facility.items() %}
+{%             set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
+{%         endfor %}
+if prifilt("{{ tmp | join(',') }}") then {
+    action(
+        type="omfile"
+        file="/var/log/messages"
+        rotation.sizeLimit="524288" # 512Kib - maximum filesize before rotation
+        rotation.sizeLimitCommand="/usr/sbin/logrotate {{ logrotate }}"
+    )
+}
+{%     endif %}
 {% endif %}
 
+#### CONSOLE LOGGING ####
 {% if console.facility is vyos_defined %}
-# Console logging
 {%     set tmp = [] %}
-{%     for facility, facility_options in console.facility.items() %}
-{%         set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
-{%     endfor %}
-{{ tmp | join(';') }} /dev/console
+{%     if console.facility is vyos_defined %}
+{%         for facility, facility_options in console.facility.items() %}
+{%             set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
+{%         endfor %}
+if prifilt("{{ tmp | join(',') }}") then {
+    action(type="omfile" file="/dev/console")
+}
+{%     endif %}
 {% endif %}
 
-{% if host is vyos_defined %}
-# Remote logging
-{%     for host_name, host_options in host.items() %}
+#### REMOTE LOGGING ####
+{% if remote is vyos_defined %}
+{%     for remote_name, remote_options in remote.items() %}
 {%         set tmp = [] %}
-{%         if host_options.facility is vyos_defined %}
-{%             for facility, facility_options in host_options.facility.items() %}
-{%                 set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
+{%         if remote_options.facility is vyos_defined %}
+{%             for facility, facility_options in remote_options.facility.items() %}
+{%                 set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
 {%             endfor %}
-{%         endif %}
-{%         if host_options.protocol is vyos_defined('tcp') %}
-{{ tmp | join(';') }} @@{{ '(o)' if host_options.format.octet_counted is vyos_defined }}{{ host_name | bracketize_ipv6 }}:{{ host_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if host_options.format.include_timezone is vyos_defined }}
-{%         else %}
-{{ tmp | join(';') }} @{{ host_name | bracketize_ipv6 }}:{{ host_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if host_options.format.include_timezone is vyos_defined }}
+{%             set _ = tmp.sort() %}
+# Remote syslog to {{ remote_name }}
+if prifilt("{{ tmp | join(',') }}") then {
+    action(
+        type="omfwd"
+        # Remote syslog server where we send our logs to
+        target="{{ remote_name | bracketize_ipv6 }}"
+        # Port on the remote syslog server
+        port="{{ remote_options.port }}"
+        protocol="{{ remote_options.protocol }}"
+{%             if remote_options.format.include_timezone is vyos_defined %}
+        template="SyslogProtocol23Format"
+{%             endif %}
+        TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}"
+{%             if remote_options.source_address is vyos_defined %}
+        Address="{{ remote_options.source_address }}"
+{%             endif %}
+{%             if remote_options.vrf is vyos_defined %}
+        Device="{{ remote_options.vrf }}"
+{%             endif %}
+    )
+}
 {%         endif %}
 {%     endfor %}
 {% endif %}
 
-{% if user is defined and user is not none %}
-# Log to user terminal
-{%     for username, user_options in user.items() %}
-{%         set tmp = [] %}
-{%         if user_options.facility is vyos_defined %}
-{%             for facility, facility_options in user_options.facility.items() %}
-{%                 set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
-{%             endfor %}
-{%         endif %}
-{{ tmp | join(';') }} :omusrmsg:{{ username }}
-{%     endfor %}
-{% endif %}
+# Include all configuration files in /etc/rsyslog.d/
+include(file="/etc/rsyslog.d/*.conf")

data/templates/rsyslog/rsyslog.conf.j2

@@ -9,7 +9,6 @@ etc/netplug
 etc/opennhrp
 etc/modprobe.d
 etc/ppp
-etc/rsyslog.conf
 etc/securetty
 etc/security
 etc/skel

debian/vyos-1x.install

@@ -1,3 +1,3 @@
 <!-- include start from include/version/system-version.xml.i -->
-<syntaxVersion component='system' version='28'></syntaxVersion>
+<syntaxVersion component='system' version='29'></syntaxVersion>
 <!-- include end -->

interface-definitions/include/version/system-version.xml.i

@@ -8,28 +8,17 @@
           <priority>400</priority>
         </properties>
         <children>
-          <tagNode name="user">
+          <node name="console">
             <properties>
-              <help>Logging to specific terminal of given user</help>
-              <completionHelp>
-                <path>system login user</path>
-              </completionHelp>
-              <valueHelp>
-                <format>txt</format>
-                <description>Local user account</description>
-              </valueHelp>
-              <constraint>
-                #include <include/constraint/login-username.xml.i>
-              </constraint>
-              <constraintErrorMessage>illegal characters in user</constraintErrorMessage>
+              <help>Log to system console (/dev/console)</help>
             </properties>
             <children>
               #include <include/syslog-facility.xml.i>
             </children>
-          </tagNode>
-          <tagNode name="host">
+          </node>
+          <tagNode name="remote">
             <properties>
-              <help>Logging to remote host</help>
+              <help>Log to remote host</help>
               <constraint>
                 <validator name="ip-address"/>
                 <validator name="fqdn"/>
@@ -49,11 +38,6 @@
               </valueHelp>
             </properties>
             <children>
-              #include <include/port-number.xml.i>
-              <leafNode name="port">
-                <defaultValue>514</defaultValue>
-              </leafNode>
-              #include <include/protocol-tcp-udp.xml.i>
               #include <include/syslog-facility.xml.i>
               <node name="format">
                 <properties>
@@ -74,86 +58,50 @@
                   </leafNode>
                 </children>
               </node>
+              #include <include/port-number.xml.i>
+              <leafNode name="port">
+                <defaultValue>514</defaultValue>
+              </leafNode>
+              #include <include/protocol-tcp-udp.xml.i>
+              #include <include/source-address-ipv4-ipv6.xml.i>
+              #include <include/interface/vrf.xml.i>
             </children>
           </tagNode>
-          <node name="global">
+          <node name="local">
             <properties>
-              <help>Logging to system standard location</help>
+              <help>Log to standard system location /var/log/messages</help>
             </properties>
             <children>
               #include <include/syslog-facility.xml.i>
-              <node name="marker">
-                <properties>
-                  <help>mark messages sent to syslog</help>
-                </properties>
-                <children>
-                  <leafNode name="interval">
-                    <properties>
-                      <help>time interval how often a mark message is being sent in seconds</help>
-                      <constraint>
-                        <validator name="numeric" argument="--positive"/>
-                      </constraint>
-                    </properties>
-                    <defaultValue>1200</defaultValue>
-                  </leafNode>
-                </children>
-              </node>
-              <leafNode name="preserve-fqdn">
-                <properties>
-                  <help>uses FQDN for logging</help>
-                  <valueless/>
-                </properties>
-              </leafNode>
             </children>
           </node>
-          <tagNode name="file">
+          <node name="marker">
             <properties>
-              <help>Logging to a file</help>
-              <constraint>
-                <regex>[a-zA-Z0-9\-_.]{1,255}</regex>
-              </constraint>
-              <constraintErrorMessage>illegal characters in filename or filename longer than 255 characters</constraintErrorMessage>
+              <help>Mark messages sent to syslog</help>
             </properties>
             <children>
-              <node name="archive">
+              <leafNode name="interval">
                 <properties>
-                  <help>Log file size and rotation characteristics</help>
+                  <help>Mark message interval</help>
+                  <valueHelp>
+                    <format>u32:1-65535</format>
+                    <description>Time in seconds</description>
+                  </valueHelp>
+                  <constraint>
+                    <validator name="numeric" argument="--range 1-86400"/>
+                  </constraint>
+                  <constraintErrorMessage>Port number must be in range 1 to 86400</constraintErrorMessage>
                 </properties>
-                <children>
-                  <leafNode name="file">
-                    <properties>
-                      <help>Number of saved files</help>
-                      <constraint>
-                        <regex>[0-9]+</regex>
-                      </constraint>
-                      <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage>
-                    </properties>
-                    <defaultValue>5</defaultValue>
-                  </leafNode>
-                  <leafNode name="size">
-                    <properties>
-                      <help>Size of log files in kbytes</help>
-                      <constraint>
-                        <regex>[0-9]+</regex>
-                      </constraint>
-                      <constraintErrorMessage>illegal characters in size</constraintErrorMessage>
-                    </properties>
-                    <defaultValue>256</defaultValue>
-                  </leafNode>
-                </children>
-              </node>
-              #include <include/syslog-facility.xml.i>
+                <defaultValue>1200</defaultValue>
+              </leafNode>
             </children>
-          </tagNode>
-          <node name="console">
+          </node>
+          <leafNode name="preserve-fqdn">
             <properties>
-              <help>logging to serial console</help>
+              <help>Always include domain portion in hostname</help>
+              <valueless/>
             </properties>
-            <children>
-              #include <include/syslog-facility.xml.i>
-            </children>
-          </node>
-          #include <include/interface/vrf.xml.i>
+          </leafNode>
         </children>
       </node>
     </children>

interface-definitions/system_syslog.xml.in

@@ -1,4 +1,4 @@
-# Copyright 2018-2024 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2018-2025 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -40,6 +40,11 @@
   'ca_certificates' : '/usr/local/share/ca-certificates/vyos'
 }
 
+systemd_services = {
+    'rsyslog' : 'rsyslog.service',
+    'snmpd' : 'snmpd.service',
+}
+
 config_status = '/tmp/vyos-config-status'
 api_config_state = '/run/http-api-state'
 frr_debug_enable = '/tmp/vyos.frr.debug'

python/vyos/defaults.py

@@ -24,5 +24,5 @@ set system console device ttyS0 speed '115200'
 set system host-name 'vyos'
 set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/'
 set system login user vyos authentication plaintext-password ''
-set system syslog global facility all level 'info'
-set system syslog global facility local7 level 'debug'
+set system syslog local facility all level 'info'
+set system syslog local facility local7 level 'debug'