Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Syslog-ng pkg.v.1.0.2 is gzipping the client key file every night

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 1 Posters 791 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      snm777
      last edited by

      I found that this behavior has been noted before, but is supposedly fixed:
      https://redmine.pfsense.org/issues/3292

      I am running pfsense version 2.1.5, and the package version for syslog-ng is 3.5.4.1 pkg.v1.0.2.  Every night when the local log files are rolled over, syslog-ng is also gzipping the .key file for the local server.  Did this behavior accidentally slip back in?  Or is in only fixed in a package available for pfsense 2.2?

      Thanks!

      (and yes, I did try to report it in the bugtracker but when I create an account, I never get a confirmation email nor can I log in with the credentials I created)

      1 Reply Last reply Reply Quote 0
      • S
        snm777
        last edited by

        Well, I made this work. If you are running into this issue, you can probably fix it this way, but I'm no expert at regex.

        Here is the code that is in the syslog-ng package now, found in /usr/local/pkg/syslog-ng.inc:

        preg_match("/\bfile\b\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match);
        

        That is supposed to fix the "encrypting the keyfile" behavior, but it doesn't. This is at line 238 according to the redmine page here https://redmine.pfsense.org/projects/pfsense-packages/repository/revisions/c030cf2781c7bbef197db6f07facef35b6856c8e/diff

        In order to get this thing to STOP encrypting the keyfile, I changed line 238 to this:

        preg_match("/[^-]\bfile\b\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match);
        

        Once I change this and re-saved, with no changes, my custom Destination object in syslog-ng (restarting the syslog-ng service does NOT make this change take effect), the /usr/local/etc/logrotate.conf no longer includes the key file, but it DOES still include the syslog-ng log files.

        One other thing - while youa re editing the /usr/local/pkg/syslog-ng.inc file, chenage the line

        $conf .= "@version:3.6\n";
        

        to

        $conf .= "@version:3.5\n";
        

        otherwise the syslog-ng service will not start.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.