diff --git a/roles/rsyslog/tasks/main_core.yml b/roles/rsyslog/tasks/main_core.yml index 1ad7f308..deb6ac32 100644 --- a/roles/rsyslog/tasks/main_core.yml +++ b/roles/rsyslog/tasks/main_core.yml @@ -364,7 +364,6 @@ service: name: rsyslog enabled: true - state: started when: - __rsyslog_enabled | bool - not rsyslog_in_image | default(false) | bool diff --git a/roles/rsyslog/templates/input_relp.j2 b/roles/rsyslog/templates/input_relp.j2 index 2efeb885..7196e8cb 100644 --- a/roles/rsyslog/templates/input_relp.j2 +++ b/roles/rsyslog/templates/input_relp.j2 @@ -1,7 +1,10 @@ input(name="{{ __rsyslog_input.name }}" type="imrelp" port="{{ __rsyslog_input.port | d(20514) | int }}" +{% if ansible_distribution in ['CentOS', 'RedHat'] and + ansible_distribution_major_version is version('7', '>') %} maxDataSize="{{ __rsyslog_input.max_data_size | d(logging_max_message_size) | int }}" +{% endif %} {% if __rsyslog_input.tls | default(true) %} {% if __rsyslog_input.ca_cert is defined %} {% set __cacert = __rsyslog_input.ca_cert %} diff --git a/tests/tasks/assert_varlogmessages.yml b/tests/tasks/assert_varlogmessages.yml new file mode 100644 index 00000000..b7dcd6ea --- /dev/null +++ b/tests/tasks/assert_varlogmessages.yml @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: MIT +--- +- name: Get content of {{ __default_system_log }} + shell: cat {{ __default_system_log }} || true + register: __default_system_log_content + changed_when: false + no_log: true + +- name: Print possible errors in {{ __default_system_log }} + vars: + errors: >- + {{ __default_system_log_content.stdout + | regex_search('rsyslogd: error.*') }} + debug: + var: errors + when: errors | length > 0 + +# /var/log/messages sometimes contains errors not visible in journalctl +- name: Ensure no errors in {{ __default_system_log }} + assert: + that: "'rsyslogd: error' not in __default_system_log_content.stdout" + +- name: Remove {{ __default_system_log }} + file: + path: "{{ __default_system_log }}" + state: absent diff --git a/tests/tests_basics_files.yml b/tests/tests_basics_files.yml index 0bbc346f..ba60e1b4 100644 --- a/tests/tests_basics_files.yml +++ b/tests/tests_basics_files.yml @@ -392,3 +392,6 @@ file: path: /tmp/__testfile__ state: absent + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_basics_forwards.yml b/tests/tests_basics_forwards.yml index a37b24a5..9f5392bf 100644 --- a/tests/tests_basics_forwards.yml +++ b/tests/tests_basics_forwards.yml @@ -94,6 +94,7 @@ target: host.domain - name: forwards_no_severity_and_facility_protocol_port_target type: forwards + target: host.domain - target: no_name.localdomain type: forwards logging_inputs: @@ -582,6 +583,9 @@ rmdir /tmp/rsyslog.d-backup changed_when: false + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml + # TEST CASE 3 - name: Test case 3 block: diff --git a/tests/tests_combination.yml b/tests/tests_combination.yml index 3c5bc998..fcaac80a 100644 --- a/tests/tests_combination.yml +++ b/tests/tests_combination.yml @@ -52,7 +52,11 @@ - name: "{{ __test_tag }}" type: files input_log_path: "{{ __test_inputfiles_dir }}/*.log" - endmsg_regex: xyz + # Not supported on EL 7 + endmsg_regex: "{{ omit + if ansible_distribution in ['CentOS', 'RedHat'] and + ansible_distribution_major_version is version('7', '==') + else 'xyz' }}" - name: basic_input type: basics ratelimit_burst: 33333 @@ -577,3 +581,6 @@ - name: "Force all notified handlers to run at this point, not waiting for normal sync points" meta: flush_handlers + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_files_elasticsearch.yml b/tests/tests_files_elasticsearch.yml index 82657043..596fdb71 100644 --- a/tests/tests_files_elasticsearch.yml +++ b/tests/tests_files_elasticsearch.yml @@ -21,7 +21,7 @@ false in the configuration named elasticsearch_output" __certdir: /etc/pki/tls/certs/ __keydir: /etc/pki/tls/private/ - + __default_system_log: /var/log/messages tasks: - name: Run test block: @@ -458,6 +458,8 @@ not waiting for normal sync points" meta: flush_handlers + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml always: - name: Remove tempdir file: diff --git a/tests/tests_files_files.yml b/tests/tests_files_files.yml index 047aa82a..90f34247 100644 --- a/tests/tests_files_files.yml +++ b/tests/tests_files_files.yml @@ -172,3 +172,6 @@ - name: Check ports managed by firewall and selinux include_tasks: tasks/check_firewall_selinux.yml + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_imuxsock_files.yml b/tests/tests_imuxsock_files.yml index 9f85b124..86e5f26a 100644 --- a/tests/tests_imuxsock_files.yml +++ b/tests/tests_imuxsock_files.yml @@ -74,14 +74,8 @@ __logging_file: "{{ __default_system_log }}" include_tasks: tasks/test_logger.yml - - name: Get content of {{ __default_system_log }} - command: cat {{ __default_system_log }} - register: __default_system_log_content - changed_when: false - - - name: Ensure no errors in {{ __default_system_log }} - assert: - that: "'rsyslogd: error' not in __default_system_log_content.stdout" + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml - name: Check ports managed by firewall and selinux include_tasks: tasks/check_firewall_selinux.yml @@ -148,12 +142,6 @@ command: journalctl -ex changed_when: false - # When imuxsock is configured, errors are not visible in journalctl - - name: Print errors in {{ __default_system_log }} - command: >- - grep "rsyslogd: error" {{ __default_system_log }} - changed_when: false - - name: Fail fail: msg: "{{ ansible_failed_result }}" diff --git a/tests/tests_ovirt_elasticsearch.yml b/tests/tests_ovirt_elasticsearch.yml index 706ac278..b55859a0 100644 --- a/tests/tests_ovirt_elasticsearch.yml +++ b/tests/tests_ovirt_elasticsearch.yml @@ -24,7 +24,7 @@ __test_logs_index: project.ovirt-logs __test_engine_input: /var/log/ovirt-engine/engine.log __test_vdsm_input: /var/log/vdsm/vdsm.log - + __default_system_log: /var/log/messages tasks: - name: TEST CASE 0; Ensure basic ovirt default configuration works vars: @@ -376,3 +376,11 @@ - name: "Force all notified handlers to run at this point, not waiting for normal sync points" meta: flush_handlers + + # This tests results in expected error in /var/log/messages on EL 7 + # Errors are that /etc/rsyslog.d/es-ca.crt and /etc/rsyslog.d/es-cert.pem + # do not exist. + - name: Remove {{ __default_system_log }} + file: + path: "{{ __default_system_log }}" + state: absent diff --git a/tests/tests_purge_reset.yml b/tests/tests_purge_reset.yml index 051a788c..6eb41593 100644 --- a/tests/tests_purge_reset.yml +++ b/tests/tests_purge_reset.yml @@ -6,6 +6,7 @@ hosts: all vars: __test_default_files_conf: /etc/rsyslog.d/30-output-files-default_files.conf + __default_system_log: /var/log/messages tasks: - name: Determine if system is ostree and set flag when: not __logging_is_ostree is defined @@ -151,3 +152,6 @@ - name: Check ports managed by firewall and selinux include_tasks: tasks/check_firewall_selinux.yml + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_relp.yml b/tests/tests_relp.yml index d04dbadf..412c4737 100644 --- a/tests/tests_relp.yml +++ b/tests/tests_relp.yml @@ -15,7 +15,7 @@ __test_relp_global: /etc/rsyslog.d/00-global.conf logging_max_message_size: 16384 logging_preserve_fqdn: true - + __default_system_log: /var/log/messages tasks: # TEST CASE 0 # Note: Create a self-signed cert just for the "unit" test. @@ -181,6 +181,7 @@ failed_when: __result.stdout != "1" # yamllint enable rule:line-length + # maxDataSize is not supported on EL 7 - name: Check maxDataSize is logging_max_message_size command: >- grep -c 'maxDataSize="{{ logging_max_message_size }}"' @@ -188,6 +189,9 @@ changed_when: false register: __result failed_when: __result.stdout != "1" + when: + - ansible_distribution in ['CentOS', 'RedHat'] + - ansible_distribution_major_version is version('7', '>') - name: Check preserveFQDN is on command: grep -c 'preserveFQDN="on"' {{ __test_relp_global }} @@ -388,3 +392,6 @@ - name: Check ports managed by firewall and selinux include_tasks: tasks/check_firewall_selinux.yml + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_remote.yml b/tests/tests_remote.yml index 05ef6c90..709db90f 100644 --- a/tests/tests_remote.yml +++ b/tests/tests_remote.yml @@ -11,7 +11,7 @@ /etc/rsyslog.d/30-output-files-remote_files_output0.conf __test_output_remote1: >- /etc/rsyslog.d/30-output-files-remote_files_output1.conf - + __default_system_log: /var/log/messages tasks: # TEST CASE 0 - name: "TEST CASE 0; Test configuration inputs from the remote rsyslog @@ -242,3 +242,6 @@ - name: Check ports managed by firewall and selinux include_tasks: tasks/check_firewall_selinux.yml + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml diff --git a/tests/tests_server.yml b/tests/tests_server.yml index a046ff85..cc90faeb 100644 --- a/tests/tests_server.yml +++ b/tests/tests_server.yml @@ -20,7 +20,7 @@ __test_server_tcp: /etc/rsyslog.d/11-input-remote-remote_tcp.conf __test_server_udp: /etc/rsyslog.d/11-input-remote-remote_udp.conf __expected_error: "Error: remote_tcp_0 and remote_tcp_1 conflict." - + __default_system_log: /var/log/messages tasks: # TEST CASE 0 # Note: Create a self-signed cert just for the "unit" test. @@ -223,3 +223,6 @@ - "{{ __test_ca_cert }}" - "{{ __test_key }}" - "{{ __test_cert }}" + + - name: Assert {{ __default_system_log }} + include_tasks: tasks/assert_varlogmessages.yml