- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2012:0228 - rsyslog bug fix and enhancement update
Synopsis
rsyslog bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Topic
Updated rsyslog packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 5.
Description
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control.
This update fixes the following bugs:
-
Previously, rklogd, the daemon that provides kernel logging, was replaced with a loadable module. However, the functionality was disabled in the configuration. Consequently, rsyslog did not log any kernel messages. With this update, the /etc/rsyslog.conf configuration file has been corrected to include the "$ModLoad imklog" directive and the kernel messages are now logged as expected. (BZ#592039, BZ#582288)
-
The previous version of rsyslog introduced a patch, which fixed unexpected termination that occurred when a large number of clients was sending their logs to rsyslog. However, the patch was not applied due to the outdated Autoconf package in the build environment. With this update, the package is no longer needed during the build process and the patch is applied successfully. (BZ#674450)
-
The previous rsyslog release introduced a new format of the message time stamps. However, some utilities, such as logwatch, were unable to parse such message time stamps properly. This update adds the "$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat" directive to the /etc/rsyslog.conf configuration file so that the old format is used by default and the respective utilities now work correctly. (BZ#583621)
-
Previously, some rsyslog modules were stored in the /usr/lib{,64} directory tree. Consequently, rsyslog could fail to start if the /usr/ directory resided on a different file system and the file system was unavailable during the daemon startup. With this update, the module directory has been relocated to the /lib{,64}/ directory and the modules are always accessible to rsyslog. (BZ#546645)
-
The omsnmp module was missing in the rsyslog package. Consequently, sending of messages with Simple Network Management Protocol (SNMP) could not be used. This update adds the omsnmp module to the package and the SNMP messages mechanism works as expected. (BZ#601711)
-
Wrong data types were used to hold some configuration values, which caused rsyslog to ignore the values. This update changes the data types and the configuration is now processed as expected. (BZ#746179)
-
The retry limit was not checked correctly and suspended actions could fail to resume. This update fixes the underlying code and suspended actions resume as expected. (BZ#726525)
-
The rsyslog utility failed to close the stdout and stderr streams properly when running in background mode. This caused the operating system to become unresponsive on system boot. The output streams are now closed properly, which fixes this bug. (BZ#654379)
-
The rsyslog process could consume excessive memory when using message forwarding with Transport Layer Security (TLS) encryption. With this update, the underlying code has been modified and the bug is fixed. (BZ#637959)
-
The build script wrongly detected the MySQL support when building 32-bit packages in a 64-bit multilib environment. Consequently, the building process failed. With this update, the build script now uses the proper mysql_config binary and the package is built successfully in this scenario. (BZ#694413)
-
The lock file created by the rsyslog init script did not match the init script name. Consequently, the system did not run the stop action to stop the process on system shut down. With this update, the file is named correctly and the daemon shuts down as expected. (BZ#650509)
In addition, this update adds the following enhancement:
- This update improves the package description in the 'Description' section. (BZ#574620)
All rsyslog users are advised to upgrade to these updated packages, which fix these bugs and adds this enhancement.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- rsyslog-gssapi-3.22.1-7.el5.i386.rpm
- rsyslog-gssapi-3.22.1-7.el5.x86_64.rpm
- rsyslog-snmp-3.22.1-7.el5.s390x.rpm
- rsyslog-snmp-3.22.1-7.el5.ppc.rpm
- rsyslog-gssapi-3.22.1-7.el5.ia64.rpm
- rsyslog-gnutls-3.22.1-7.el5.s390x.rpm
- rsyslog-pgsql-3.22.1-7.el5.ia64.rpm
- rsyslog-pgsql-3.22.1-7.el5.x86_64.rpm
- rsyslog-gnutls-3.22.1-7.el5.ppc.rpm
- rsyslog-snmp-3.22.1-7.el5.x86_64.rpm
- rsyslog-gssapi-3.22.1-7.el5.s390x.rpm
- rsyslog-3.22.1-7.el5.i386.rpm
- rsyslog-snmp-3.22.1-7.el5.ia64.rpm
- rsyslog-gnutls-3.22.1-7.el5.i386.rpm
- rsyslog-3.22.1-7.el5.ppc.rpm
- rsyslog-pgsql-3.22.1-7.el5.i386.rpm
- rsyslog-gnutls-3.22.1-7.el5.x86_64.rpm
- rsyslog-3.22.1-7.el5.x86_64.rpm
- rsyslog-mysql-3.22.1-7.el5.s390x.rpm
- rsyslog-pgsql-3.22.1-7.el5.s390x.rpm
- rsyslog-snmp-3.22.1-7.el5.i386.rpm
- rsyslog-pgsql-3.22.1-7.el5.ppc.rpm
- rsyslog-3.22.1-7.el5.s390x.rpm
- rsyslog-3.22.1-7.el5.ia64.rpm
- rsyslog-mysql-3.22.1-7.el5.ia64.rpm
- rsyslog-mysql-3.22.1-7.el5.i386.rpm
- rsyslog-mysql-3.22.1-7.el5.x86_64.rpm
- rsyslog-gssapi-3.22.1-7.el5.ppc.rpm
- rsyslog-3.22.1-7.el5.src.rpm
- rsyslog-gnutls-3.22.1-7.el5.ia64.rpm
- rsyslog-mysql-3.22.1-7.el5.ppc.rpm
Fixes
- This content is not included.BZ - 546645
- This content is not included.BZ - 574620
- This content is not included.BZ - 582288
- This content is not included.BZ - 583621
- This content is not included.BZ - 592039
- This content is not included.BZ - 637959
- This content is not included.BZ - 650509
- This content is not included.BZ - 654379
- This content is not included.BZ - 674450
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.