Verification/comparison steps to ensure that the modified
rsyslog package is built and working correctly, given its
importance in the distribution:
1) Compare test suite results in build logs
2) Compare configuration options in build logs
3) Compare packages' control file and contents
All look good. Details:
1) Compare test suite results in build logs
-------------------------------------------
The build-time test suite runs 550ish tests,
which gives us confidence it does look good.
There are 20 test files which name includes 'relp',
and 2 test files include the option name 'tlscfgcmd'.
$ grep -rl tlscfgcmd rsyslog-8.2001.0/tests/
rsyslog-8.2001.0/tests/sndrcv_relp_tls-cfgcmd.sh
rsyslog-8.2001.0/tests/imrelp-tls-cfgcmd.sh
These 2 are not mentioned in the previous build log,
but are mentioned and PASS in the test package's build log,
so the option is enabled and good as in tests.
Before:
# TOTAL: 551
# PASS: 544
# SKIP: 7
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
After:
+PASS: imrelp-tls-cfgcmd.sh
+PASS: sndrcv_relp_tls-cfgcmd.sh
# TOTAL: 553
# PASS: 546
# SKIP: 7
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
2) Compare configuration options in build logs
----------------------------------------------
Download the old (focal-release) and new (ppa) build logs:
$ curl -s https://launchpadlibrarian.net/464664394
/buildlog_ubuntu-focal-amd64.rsyslog_8.2001.0-1ubuntu1_BUILDING.txt.gz |
gzip -dc > buildlog.old
$ curl -s buildlog_modified
https://launchpadlibrarian.net/492228312/buildlog_ubuntu-focal-
amd64.rsyslog_8.2001.0-1ubuntu1.1_BUILDING.txt.gz | gzip -dc >
buildlog.new
Filter the section for configure:
dh_auto_configure -- \
<...>
config.status: executing libtool commands
$ sed -n '/^dh_auto_configure --/,/^config.status: executing
libtool commands/p' buildlog.old > buildlog.old.configure
$ sed -n '/^dh_auto_configure --/,/^config.status: executing
libtool commands/p' buildlog.new > buildlog.new.configure
The only difference is the new/reported option 'relpSrvSetTlsConfigCmd'
$ diff -u buildlog.old.configure buildlog.new.configure
--- buildlog.old.configure 2020-08-06 23:44:34.072713719 +0000
+++ buildlog.new.configure 2020-08-06 23:44:38.080688125 +0000
@@ -407,8 +407,8 @@
checking for relpSrvSetOversizeMode... yes
checking for relpSrvSetLstnAddr... yes
checking for relpEngineSetTLSLibByName... yes
-checking for relpSrvSetTlsConfigCmd... no
-checking for relpSrvSetTlsConfigCmd... (cached) no
+checking for relpSrvSetTlsConfigCmd... yes
+checking for relpSrvSetTlsConfigCmd... (cached) yes
checking for LIBLOGGING_STDLOG... no
configure: liblogging-stdlog not found, parts of the testbench will
not run
checking for ip... no
3) Compare packages' control file and contents
----------------------------------------------
Get the old and new packages' control/contents:
mkdir debs-old && cd debs-old
pull-lp-debs rsyslog focal
cd ..
mkdir debs-new && cd debs-new
pull-ppa-debs --ppa mfo/lp1888926 rsyslog focal
cd ..
for dir in debs-old debs-new; do
pushd $dir
for deb in *.deb; do
pkg=${deb%%_*}
dpkg-deb -e $deb deb_control_$pkg
dpkg-deb -c $deb \
| awk '{ $3 = "SIZE"; $4 = "DATE"; $5 = "TIME"; print $0 }'
`#normalize` \
| sort \
> deb_content_$pkg
done
popd
done
Compare the control files:
for dir in debs-old/deb_control_*; do
dir="$(basename $dir)"
echo "DIR: $dir"
diff -U0 debs-old/$dir/control debs-new/$dir/control
echo
done
The only differences are:
1) the Version: bump,
2) the versioned dependency bump on rsyslog,
3) and rsyslog-relp also has versioned dependency bump on librelp0, as expected.
DIR: deb_control_rsyslog-relp
--- debs-old/deb_control_rsyslog-relp/control 2020-02-11
15:25:29.000000000 +0000
+++ debs-new/deb_control_rsyslog-relp/control 2020-07-30
19:53:18.000000000 +0000
@@ -3 +3 @@
-Version: 8.2001.0-1ubuntu1
+Version: 8.2001.0-1ubuntu1.1
@@ -7 +7 @@
-Depends: libc6 (>= 2.14), librelp0 (>= 1.4.0), rsyslog (=
8.2001.0-1ubuntu1)
+Depends: libc6 (>= 2.14), librelp0 (>= 1.5.0), rsyslog (=
8.2001.0-1ubuntu1.1)
Compare the contents:
for file in debs-old/deb_content_*; do
file="$(basename $file)"
echo "FILE: $file"
diff -U0 debs-old/$file debs-new/$file
echo
done
The only differences are the
/usr/share/doc/rsyslog-<pkg>/{NEWS,changelog}.Debian.gz files,
which used to be symlinks to ../rsyslog/{NEWS,changelog}.Debian.gz, but are not
anymore; eg:
FILE: deb_content_rsyslog-czmq
--- debs-old/deb_content_rsyslog-czmq 2020-08-06 23:52:05.910354509
+0000
+++ debs-new/deb_content_rsyslog-czmq 2020-08-06 23:51:54.622403701
+0000
@@ -2,0 +3 @@
+-rw-r--r-- root/root SIZE DATE TIME
./usr/share/doc/rsyslog-czmq/NEWS.Debian.gz
@@ -3,0 +5 @@
+-rw-r--r-- root/root SIZE DATE TIME
./usr/share/doc/rsyslog-czmq/changelog.Debian.gz
@@ -13,2 +14,0 @@
-lrwxrwxrwx root/root SIZE DATE TIME
./usr/share/doc/rsyslog-czmq/NEWS.Debian.gz -> ../rsyslog/NEWS.Debian.gz
-lrwxrwxrwx root/root SIZE DATE TIME
./usr/share/doc/rsyslog-czmq/changelog.Debian.gz ->
../rsyslog/changelog.Debian.gz
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1888926
Title:
tls.tlscfgcmd not recognized; rebuild rsyslog against librelp 1.5.0
Status in rsyslog package in Ubuntu:
Fix Released
Status in rsyslog source package in Focal:
In Progress
Status in rsyslog source package in Groovy:
Fix Released
Bug description:
[Description]
Problem is according to
https://launchpad.net/ubuntu/+source/librelp/+publishinghistory,
librelp-dev 1.5.0 was published into focal at 2020-04-21, but reverse
dependencies
(such as rsyslog) weren't rebuilt after this new version was published
# dpkg -l | grep librelp
ii librelp-dev:amd64 1.5.0-1ubuntu2 amd64 Reliable Event Logging Protocol
(RELP) library - development files
ii librelp0:amd64 1.5.0-1ubuntu2 amd64 Reliable Event Logging Protocol (RELP)
library
rsyslogd: error during parsing file /etc/rsyslog.d/FILENAME.conf, on
or before line 22: imrelp: librelp does not support input parameter
'tls.tlscfgcmd'; it probably is too old (1.5.0 or higher should be
fine); ignoring setting now. [v8.2001.0 try
https://www.rsyslog.com/e/2207 ]
[Reproducer]
Setup a focal machine with rsyslog, using the following configuration:
----
module(load="imrelp" tls.tlslib="openssl")
input(
type="imrelp" port="2515"
tls="on"
# This should work in rsyslog 8.2006.0:
#tls.mycert="/etc/rsyslog.tls/fullchain.pem"
# for now we use the work-around discussed in:
# https://github.com/rsyslog/rsyslog/issues/4360
tls.cacert="/etc/rsyslog.tls/chain.pem"
tls.mycert="/etc/rsyslog.tls/cert.pem"
tls.myprivkey="/etc/rsyslog.tls/privkey.pem"
tls.tlscfgcmd="ServerPreference
CipherString=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
Ciphersuites=TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
MinProtocol=TLSv1.2"
)
----
This error comes from this code in plugins/imrelp/imrelp.c:
----
#if defined(HAVE_RELPENGINESETTLSCFGCMD)
inst->tlscfgcmd =
(uchar*)es_str2cstr(pvals[i].val.d.estr, NULL);
#else
parser_errmsg("imrelp: librelp does not support input
parameter 'tls.tlscfgcmd'; "
"it probably is too old (1.5.0 or higher
should be fine); ignoring setting now.");
#endif
----
The build log for focal:
https://launchpadlibrarian.net/464665610/buildlog_ubuntu-focal-arm64.rsyslog_8.2001.0-1ubuntu1_BUILDING.txt.gz
says:
checking for relpSrvSetTlsConfigCmd... no
checking for relpSrvSetTlsConfigCmd... (cached) no
The build log for groovy:
https://launchpadlibrarian.net/486409321/buildlog_ubuntu-groovy-arm64.rsyslog_8.2006.0-2ubuntu1_BUILDING.txt.gz
says:
checking for relpSrvSetTlsConfigCmd... yes
checking for relpSrvSetTlsConfigCmd... (cached) yes
If I rebuild the rsyslog package, I get:
checking for relpSrvSetTlsConfigCmd... yes
checking for relpSrvSetTlsConfigCmd... (cached) yes
I suspect that the rsyslog package was built against and older librelp
version. A simple rebuild of rsyslog should fix this, though a more
complete fix would be to raise the Build-Depends from librelp-dev (>=
1.4.0) to librelp-dev (>= 1.5.0).
[Risk potential]
* No identified as this is a rebuild that should have been done on all
reverse dependencies of librelp-dev when upgraded from 1.4.0 to 1.5.0
[Fix]
Provide a rebuild SRU for focal.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1888926/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
