Skip to content

Config should be validated as correct before attempting to restart rsyslog. #199

New issue
New issue
Open
Open
Config should be validated as correct before attempting to restart rsyslog.#199
Labels
enhancementNew feature or request
@kyrian666

Description

@kyrian666
kyrian666
opened on May 9, 2022

Affected Puppet, Ruby, OS and module versions/distributions

  • Puppet: 7.x, 3.x
  • Ruby: Not sure.
  • Distribution: Ubuntu 20.04 / RHEL.
  • Module version: 0.5.1

How to reproduce (e.g Puppet code you use)

Try and configure an rsyslog module that does not exist for your distribution in the rsyslog config via hiera (because the structure of the Debian-derived and Redhat-derived packages differs in the respect of what is packaged), or any config directives that depend on such a module. Bad rsyslog-killing config is generated.

What are you seeing

Rsyslog won't restart successfully due to syntax errors or module loading not working.

Some examples of things the puppet module could result in. The first was fatal, the second just a warning:

rsyslogd: could not load module 'imjournal', errors: trying to load module /lib64/rsyslog/imjournal.so: /lib64/rsyslog/imjournal.so: cannot open shared object file: No such file or directory [v8.2010.0 try https://www.rsyslog.com/e/2066 ]
rsyslogd: error during parsing file /etc/rsyslog.conf, on or before line 17: parameter 'StateFile' not known – typo in config file? [v8.2010.0 try https://www.rsyslog.com/e/2207 ]

rsyslogd: imtcp: module loaded, but no listeners defined - no input will be gathered [v8.2010.0 try https://www.rsyslog.com/e/2212 ]
rsyslogd: imudp: module loaded, but no listeners defined - no input will be gathered [v8.2010.0 try https://www.rsyslog.com/e/2212 ]

What behaviour did you expect instead

Deployment of invalid config to be picked up and puppet to abort trying it sanely.

This should follow the "fail fast" pattern, and fail as safely as possible, so abort the deployment of the config if possible, failing that abort the restart of the daemon if invalid config is detected by a validation.I recognise this could become an idempotency issue, but it's probably better to (at least have the option to) indicate a problem clearly as soon as possible rather than more opaquely at a later stage.

Output log

Not to hand, but I think the repercussions are obvious.

Any additional information you'd like to impart

My current day job would very much like this not to break their rsyslogs.

I'm trying to make this happen via #198 which is draft at the moment.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions