Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

7.219. rsyslog

Updated rsyslog packages that fix three bugs are now available for Red Hat Enterprise Linux 6.
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. Rsyslog supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control.

Bug Fixes

Prior to this update, the rsyslog packages depended on a newer selinux-policy which the rsyslog spec file did not reflect. The command "yum --security update" updated rsyslog but not the selinux-policy. As a consequence, rsyslog malfunctioned when booting and depending services failed, including login. This update modifies the spec file to prevent installation with an incompatible selinux-policy package and enforce its update if available.
Prior to this update, the rule that was specified immediately before the "$IncludeConfig" directive to be reordered after the contents of the included configuration file due to handling problem with the configuration file parser. As a consequence, the order of processing was different from the intended one with the potential of message losses. This update modifies the underlying code so that the order of processing is the same as in the configuration file.
Prior to this update, the Unix Socket Input plug-in for rsyslog did not consider the timestamp format specified by the RFC 5424 Syslog Protocol for timestamps derived from RFC 3339. As a consequence, messages sent to the syslog daemon via Unix sockets that used the RFC 3339-derived timestamp format were silently discarded. This update supports this timestamp format. Messages sent to the rsyslog system logging daemon via Unix sockets that use the RFC 3339-derived timestamp format are now accepted and processed properly.
All rsyslog users are advised to upgrade to these updated packages, which fix these bugs.