Hi Folks,
I have compiled rsyslogd from source along with all its dependencies but
while using TLS to send the syslog messages to another rsyslog server I get
the below
error
Nov 12 08:41:28 10 syslog: could not load module
'/usr/local/lib/rsyslog/lmnsd_gtls.so', dlsym: Unable to resolve symbol
[v8.2012.0.master try https://www.rsyslog.com/e/2067 ]
The error does not print what is the function it is trying to access while
trying to load the lmnsd_gtls.so
Any idea as to which function is not getting resolved?
This is a small embedded arm system (code has been cross compiled to 32 bit
arm)
LD_LIBRARY_PATH is set to access all so files.
/bin # ls /etc/*.pem
/etc/ca.pem /etc/rslclient-cert.pem /etc/rslclient-key.pem
/bin # ls *.so
imklog.so imudp.so imuxsock.so libgnutls.so libnettle.so
lmnetstrms.so lmnsd_ptcp.so lmtcpsrv.so
imtcp.so imuklog.so libgmp.so libhogweed.so lmnet.so
lmnsd_gtls.so lmtcpclt.so lmzlibw.so
/bin # ls rsyslogd
rsyslogd
bin # ls /usr/local/lib/rsyslog/
lmnsd_gnutls.so lmnsd_gtls.so
The rsyslogd is supposed to act as a UDP server and TCL TLS client both at
the same time.
i.e. record all syslog messages to /var/log/messages and at the same time
forward it to remote
SERVER.EXAMPLE.COM port 10514 for remote TLS based logging.
/bin # cat /etc/rsyslog.conf
# rsyslog v5 configuration file
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see
http://www.rsyslog.com/doc/troubleshoot.html
#### MODULES ####
$ModLoad imuxsock # provides support for local system logging (e.g. via
logger command)
$ModLoad imklog # provides kernel logging support (previously done by
rklogd)
#$ModLoad immark # provides --MARK-- message capability
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
#global(debug.gnutls="10" debug.logFile="/rsyslog_debug")
$DefaultNetstreamDriverCAFile /etc/ca.pem
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCertFile /etc/rslclient-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rslclient-key.pem
$ActionSendStreamDriverPermittedPeer SERVER.EXAMPLE.COM
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
$ActionSendStreamDriverAuthMode anon
#### GLOBAL DIRECTIVES ####
# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# File syncing capability is disabled by default. This feature is usually
not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
#*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
*.* @@SERVER.EXAMPLE.COM:10514
# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$WorkDirectory /var/lib/rsyslog # where to place spool files
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList # run asynchronously
#$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
--
Sent from: http://rsyslog-users.1305293.n2.nabble.com/
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
I have compiled rsyslogd from source along with all its dependencies but
while using TLS to send the syslog messages to another rsyslog server I get
the below
error
Nov 12 08:41:28 10 syslog: could not load module
'/usr/local/lib/rsyslog/lmnsd_gtls.so', dlsym: Unable to resolve symbol
[v8.2012.0.master try https://www.rsyslog.com/e/2067 ]
The error does not print what is the function it is trying to access while
trying to load the lmnsd_gtls.so
Any idea as to which function is not getting resolved?
This is a small embedded arm system (code has been cross compiled to 32 bit
arm)
LD_LIBRARY_PATH is set to access all so files.
/bin # ls /etc/*.pem
/etc/ca.pem /etc/rslclient-cert.pem /etc/rslclient-key.pem
/bin # ls *.so
imklog.so imudp.so imuxsock.so libgnutls.so libnettle.so
lmnetstrms.so lmnsd_ptcp.so lmtcpsrv.so
imtcp.so imuklog.so libgmp.so libhogweed.so lmnet.so
lmnsd_gtls.so lmtcpclt.so lmzlibw.so
/bin # ls rsyslogd
rsyslogd
bin # ls /usr/local/lib/rsyslog/
lmnsd_gnutls.so lmnsd_gtls.so
The rsyslogd is supposed to act as a UDP server and TCL TLS client both at
the same time.
i.e. record all syslog messages to /var/log/messages and at the same time
forward it to remote
SERVER.EXAMPLE.COM port 10514 for remote TLS based logging.
/bin # cat /etc/rsyslog.conf
# rsyslog v5 configuration file
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see
http://www.rsyslog.com/doc/troubleshoot.html
#### MODULES ####
$ModLoad imuxsock # provides support for local system logging (e.g. via
logger command)
$ModLoad imklog # provides kernel logging support (previously done by
rklogd)
#$ModLoad immark # provides --MARK-- message capability
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
#global(debug.gnutls="10" debug.logFile="/rsyslog_debug")
$DefaultNetstreamDriverCAFile /etc/ca.pem
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCertFile /etc/rslclient-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rslclient-key.pem
$ActionSendStreamDriverPermittedPeer SERVER.EXAMPLE.COM
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
$ActionSendStreamDriverAuthMode anon
#### GLOBAL DIRECTIVES ####
# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# File syncing capability is disabled by default. This feature is usually
not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
#*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
*.* @@SERVER.EXAMPLE.COM:10514
# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$WorkDirectory /var/lib/rsyslog # where to place spool files
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList # run asynchronously
#$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
--
Sent from: http://rsyslog-users.1305293.n2.nabble.com/
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.