Rebase to 8.8.0

- resolves: rhbz#1069690 - drop patches merged upstream - version the dependency on liblognorm-devel - enable mmcount, mmexternal modules, remove imdiag, omruleset and pmrfc3164sd modules resolves: rhbz#1156359 - add dos2unix to build requirements - make the build process more verbose - in accordance with an upstream change, the rsyslog service is now restarted automatically upon failure - adjust the default configuration file for the removal of /etc/rsyslog.d/listen.conf by the systemd package resolves: rhbz#1116864 - disable the imklog module by default; kernel messages are read from journald resolves: rhbz#1083564 - if there is no saved position in the journal, log only messages that are received after rsyslog is started; this is a safety measure to prevent excessive resource utilization - use documentation from the standalone rsyslog-docs project - move documentation from all subpackages into a single directory - mark the recover_qi.pl script as documentation
2015-01-15 21:31:58 +01:00 · 2015-01-15 21:31:58 +01:00 · 4c244e0a98
commit 4c244e0a98
parent c3ce4569e8
15 changed files with 162 additions and 973 deletions
--- a/rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
+++ b/rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
@ -1,44 +0,0 @@
 diff -up rsyslog-7.2.1/runtime/msg.c.orig rsyslog-7.2.1/runtime/msg.c
 --- rsyslog-7.2.1/runtime/msg.c.orig	2012-10-29 11:33:30.000000000 +0100
 +++ rsyslog-7.2.1/runtime/msg.c	2012-11-14 08:58:20.235584832 +0100
@@ -3752,6 +3752,22 @@
 	RETiRet;
 }
 +static rsRetVal
 +jsonMergeNonOverwrite(struct json_object *existing, struct json_object *json)
 +{
 +	DEFiRet;
 +	struct json_object_iter it;
 +
 +	json_object_object_foreachC(existing, it) {
 +		json_object_object_add(json, it.key, json_object_get(it.val));
 +	}
 +
 +	CHKiRet(jsonMerge(existing, json));
 +
 +finalize_it:
 +	RETiRet;
 +}
 +
 /* find a JSON structure element (field or container doesn't matter).  */
 rsRetVal
 jsonFind(msg_t *pM, es_str_t *propName, struct json_object **jsonres)
@@ -3795,7 +3811,7 @@
 		if(pM->json == NULL)
 			pM->json = json;
 		else
 -			CHKiRet(jsonMerge(pM->json, json));
 +			CHKiRet(jsonMergeNonOverwrite(pM->json, json));
 	} else {
 		if(pM->json == NULL) {
 			/* now we need a root obj */
@@ -3808,7 +3824,7 @@
 			json_object_object_add(parent, (char*)leaf, json);
 		} else {
 			if(json_object_get_type(json) == json_type_object) {
 -				CHKiRet(jsonMerge(pM->json, json));
 +				CHKiRet(jsonMergeNonOverwrite(pM->json, json));
 			} else {
 //dbgprintf("AAAA: leafnode already exists, type is %d, update with %d\n", (int)json_object_get_type(leafnode), (int)json_object_get_type(json));
 				/* TODO: improve the code below, however, the current
--- a/rsyslog-7.2.2-manpage-dbg-mode.patch
+++ b/rsyslog-7.2.2-manpage-dbg-mode.patch
@ -1,56 +0,0 @@
 diff -up rsyslog-7.2.2/tools/rsyslogd.8.orig rsyslog-7.2.2/tools/rsyslogd.8
 --- rsyslog-7.2.2/tools/rsyslogd.8.orig	2012-11-20 16:31:26.530284950 +0100
 +++ rsyslog-7.2.2/tools/rsyslogd.8	2012-11-20 16:31:34.172188889 +0100
@@ -131,11 +131,7 @@ syntax errors are reported. Please note 
 technical and orignally targeted towards developers.
 .TP
 .B "\-d"
 -Turns on debug mode.  Using this the daemon will not proceed a 
 -.BR fork (2)
 -to set itself in the background, but opposite to that stay in the
 -foreground and write much debug information on the current tty.  See the
 -DEBUGGING section for more information.
 +Turns on debug mode. See the DEBUGGING section for more information.
 .TP
 .BI "\-f " "config file"
 Specify an alternative configuration file instead of
@@ -294,11 +290,17 @@ be prevented by using GSS-API authentica
 to think about syslog network security before enabling it.
 .LP
 .SH DEBUGGING
 -When debugging is turned on using
 +When debugging is turned on using the
 .B "\-d"
 -option then
 +option,
 .B rsyslogd
 -will be very verbose by writing much of what it does on stdout.
 +produces debugging information according to the
 +.B RSYSLOG_DEBUG
 +environment variable and the signals received. When run in foreground,
 +the information is written to stdout. An additional output file can be
 +specified using the
 +.B RSYSLOG_DEBUGLOG
 +environment variable.
 .SH FILES
 .PD 0
 .TP
@@ -325,10 +327,17 @@ is specified during compilation (e.g. /u
 .SH ENVIRONMENT
 .TP
 .B RSYSLOG_DEBUG
 -Controls runtime debug support.It contains an option string with the
 +Controls runtime debug support. It contains an option string with the
 following options possible (all are case insensitive):
 .RS
 +.IP Debug
 +Turns on debugging and prevents forking. This is processed earlier
 +in the startup than command line options (i.e. -d) and as such
 +enables earlier debugging output. Mutually exclusive with DebugOnDemand.
 +.IP DebugOnDemand
 +Enables debugging but turns off debug output. The output can be toggled
 +by sending SIGUSR1. Mutually exclusive with Debug.
 .IP LogFuncFlow
 Print out the logical flow of functions (entering and exiting them)
 .IP FileTrace
--- a/rsyslog-7.4.10-cve-2014-3634.patch
+++ b/rsyslog-7.4.10-cve-2014-3634.patch
@ -1,257 +0,0 @@
 From 0d7a31540b25b2942ae35dd3c62d9ee33020a157 Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Tue, 7 Oct 2014 10:24:06 +0200
 Subject: [PATCH] fix CVE-2014-3634
 See the following links for details:
 https://access.redhat.com/security/cve/CVE-2014-3634
 http://www.rsyslog.com/remote-syslog-pri-vulnerability/
 ---
 grammar/rainerscript.h  |  4 +--
 runtime/msg.c           | 33 ++++++++++++++++---------
 runtime/parser.c        | 13 ++++++----
 runtime/rsyslog.h       | 66 ++++++++++++++++++++++++++++++++++++++++---------
 runtime/srutils.c       |  1 +
 runtime/syslogd-types.h |  3 ---
 6 files changed, 88 insertions(+), 32 deletions(-)
 diff --git a/grammar/rainerscript.h b/grammar/rainerscript.h
 index 0657330..52050e4 100644
 --- a/grammar/rainerscript.h
 +++ b/grammar/rainerscript.h
@@ -7,8 +7,8 @@
 #include <regex.h>
 #include "typedefs.h"
 -
 -#define	LOG_NFACILITIES	24	/* current number of syslog facilities */
 +#define	LOG_NFACILITIES	24+1	/* This is a dupe from rsyslog.h, but we can't include it as
 +				   I don't know how to get hold of that damn off64_t data type... */
 #define CNFFUNC_MAX_ARGS 32
 	/**< maximum number of arguments that any function can have (among
 	 *   others, this is used to size data structures).
 diff --git a/runtime/msg.c b/runtime/msg.c
 index 10ecf48..abb58c9 100644
 --- a/runtime/msg.c
 +++ b/runtime/msg.c
@@ -90,7 +90,7 @@ static char *two_digits[100] = {
 static struct {
 	uchar *pszName;
 	short lenName;
 -} syslog_pri_names[192] = {
 +} syslog_pri_names[200] = {
 	{ UCHAR_CONSTANT("0"), 3},
 	{ UCHAR_CONSTANT("1"), 3},
 	{ UCHAR_CONSTANT("2"), 3},
@@ -282,22 +282,30 @@ static struct {
 	{ UCHAR_CONSTANT("188"), 5},
 	{ UCHAR_CONSTANT("189"), 5},
 	{ UCHAR_CONSTANT("190"), 5},
 -	{ UCHAR_CONSTANT("191"), 5}
 +	{ UCHAR_CONSTANT("191"), 5},
 +	{ UCHAR_CONSTANT("192"), 5},
 +	{ UCHAR_CONSTANT("193"), 5},
 +	{ UCHAR_CONSTANT("194"), 5},
 +	{ UCHAR_CONSTANT("195"), 5},
 +	{ UCHAR_CONSTANT("196"), 5},
 +	{ UCHAR_CONSTANT("197"), 5},
 +	{ UCHAR_CONSTANT("198"), 5},
 +	{ UCHAR_CONSTANT("199"), 5},
 	};
 static char hexdigit[16] =
 	{'0', '1', '2', '3', '4', '5', '6', '7', '8',
 	 '9', 'A', 'B', 'C', 'D', 'E', 'F' };
 /*syslog facility names (as of RFC5424) */
 -static char *syslog_fac_names[24] = { "kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
 +static char *syslog_fac_names[LOG_NFACILITIES] = { "kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
 			    	      "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
 			    	      "alert", "clock", "local0", "local1", "local2", "local3",
 -			    	      "local4", "local5", "local6", "local7" };
 +			    	      "local4", "local5", "local6", "local7", "invld" };
 /* length of the facility names string (for optimizatiions) */
 -static short len_syslog_fac_names[24] = { 4, 4, 4, 6, 4, 6, 3,
 +static short len_syslog_fac_names[LOG_NFACILITIES] = { 4, 4, 4, 6, 4, 6, 3,
 			    	          4, 4, 4, 8, 3, 3, 5,
 			    	          5, 5, 6, 6, 6, 6,
 -			    	          6, 6, 6, 6 };
 +			    	          6, 6, 6, 6, 5 };
 /* table of severity names (in numerical order)*/
 static char *syslog_severity_names[8] = { "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug" };
@@ -307,8 +315,8 @@ static short len_syslog_severity_names[8] = { 5, 5, 4, 3, 7, 6, 4, 5 };
  * and facility values to a numerical string... -- rgerhars, 2009-06-17
  */
 -static char *syslog_number_names[24] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14",
 -					 "15", "16", "17", "18", "19", "20", "21", "22", "23" };
 +static char *syslog_number_names[LOG_NFACILITIES] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14",
 +					 "15", "16", "17", "18", "19", "20", "21", "22", "23", "24" };
 /* global variables */
 #if defined(HAVE_MALLOC_TRIM) && !defined(HAVE_ATOMIC_BUILTINS)
@@ -678,8 +686,8 @@ static inline rsRetVal msgBaseConstruct(msg_t **ppThis)
 	pM->flowCtlType = 0;
 	pM->bParseSuccess = 0;
 	pM->iRefCount = 1;
 -	pM->iSeverity = -1;
 -	pM->iFacility = -1;
 +	pM->iSeverity = LOG_DEBUG;
 +	pM->iFacility = LOG_INVLD;
 	pM->iLenPROGNAME = -1;
 	pM->offAfterPRI = 0;
 	pM->offMSG = -1;
@@ -1499,7 +1507,10 @@ uchar *getMSG(msg_t *pM)
 /* Get PRI value as integer */
 static int getPRIi(msg_t *pM)
 {
 -	return (pM->iFacility << 3) + (pM->iSeverity);
 +	unsigned pri = (pM->iFacility << 3) + (pM->iSeverity);
 +	if(pri > LOG_MAXPRI)
 +		pri = LOG_PRI_INVLD;
 +	return pri;
 }
 diff --git a/runtime/parser.c b/runtime/parser.c
 index 74b28f4..e708b33 100644
 --- a/runtime/parser.c
 +++ b/runtime/parser.c
@@ -444,7 +444,7 @@ finalize_it:
 static inline rsRetVal
 ParsePRI(msg_t *pMsg)
 {
 -	int pri;
 +	unsigned pri;
 	uchar *msg;
 	int lenMsg;
 	DEFiRet;
@@ -463,13 +463,16 @@ ParsePRI(msg_t *pMsg)
 			 * but it offers us performance...
 			 */
 			pri = 0;
 -			while(--lenMsg > 0 && isdigit((int) *++msg)) {
 +			while(--lenMsg > 0 && isdigit((int) *++msg) && pri <= LOG_MAXPRI) {
 				pri = 10 * pri + (*msg - '0');
 			}
 -			if(*msg == '>')
 +			if(*msg == '>') {
 				++msg;
 -			if(pri & ~(LOG_FACMASK|LOG_PRIMASK))
 -				pri = DEFUPRI;
 +			} else {
 +				pri = LOG_PRI_INVLD;
 +			}
 +			if(pri > LOG_MAXPRI)
 +				pri = LOG_PRI_INVLD;
 		}
 		pMsg->iFacility = LOG_FAC(pri);
 		pMsg->iSeverity = LOG_PRI(pri);
 diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h
 index e62ba86..37c4b1b 100644
 --- a/runtime/rsyslog.h
 +++ b/runtime/rsyslog.h
@@ -76,19 +76,63 @@
  * #                  End Config Settings                      # *
  * ############################################################# */
 -/* portability: not all platforms have these defines, so we
 - * define them here if they are missing. -- rgerhards, 2008-03-04
 +/* make sure we uses consistent macros, no matter what the
 + * platform gives us.
  */
 -#ifndef LOG_MAKEPRI
 -#	define	LOG_MAKEPRI(fac, pri)	(((fac) << 3) | (pri))
 -#endif
 -#ifndef LOG_PRI
 -#	define	LOG_PRI(p)	((p) & LOG_PRIMASK)
 -#endif
 -#ifndef LOG_FAC
 -#	define	LOG_FAC(p)	(((p) & LOG_FACMASK) >> 3)
 -#endif
 +#define LOG_NFACILITIES 24+1 /* plus one for our special "invld" facility! */
 +#define LOG_MAXPRI 191	/* highest supported valid PRI value --> RFC3164, RFC5424 */
 +#undef LOG_MAKEPRI
 +#define LOG_PRI_INVLD	(LOG_INVLD|LOG_DEBUG)	/* PRI is invalid --> special "invld.=debug" PRI code (rsyslog-specific) */
 +
 +#define	LOG_EMERG	0	/* system is unusable */
 +#define	LOG_ALERT	1	/* action must be taken immediately */
 +#define	LOG_CRIT	2	/* critical conditions */
 +#define	LOG_ERR		3	/* error conditions */
 +#define	LOG_WARNING	4	/* warning conditions */
 +#define	LOG_NOTICE	5	/* normal but significant condition */
 +#define	LOG_INFO	6	/* informational */
 +#define	LOG_DEBUG	7	/* debug-level messages */
 +
 +#define	LOG_KERN	(0<<3)	/* kernel messages */
 +#define	LOG_USER	(1<<3)	/* random user-level messages */
 +#define	LOG_MAIL	(2<<3)	/* mail system */
 +#define	LOG_DAEMON	(3<<3)	/* system daemons */
 +#define	LOG_AUTH	(4<<3)	/* security/authorization messages */
 +#define	LOG_SYSLOG	(5<<3)	/* messages generated internally by syslogd */
 +#define	LOG_LPR		(6<<3)	/* line printer subsystem */
 +#define	LOG_NEWS	(7<<3)	/* network news subsystem */
 +#define	LOG_UUCP	(8<<3)	/* UUCP subsystem */
 +#define	LOG_CRON	(9<<3)	/* clock daemon */
 +#define	LOG_AUTHPRIV	(10<<3)	/* security/authorization messages (private) */
 +#define	LOG_FTP		(11<<3)	/* ftp daemon */
 +#define	LOG_LOCAL0	(16<<3)	/* reserved for local use */
 +#define	LOG_LOCAL1	(17<<3)	/* reserved for local use */
 +#define	LOG_LOCAL2	(18<<3)	/* reserved for local use */
 +#define	LOG_LOCAL3	(19<<3)	/* reserved for local use */
 +#define	LOG_LOCAL4	(20<<3)	/* reserved for local use */
 +#define	LOG_LOCAL5	(21<<3)	/* reserved for local use */
 +#define	LOG_LOCAL6	(22<<3)	/* reserved for local use */
 +#define	LOG_LOCAL7	(23<<3)	/* reserved for local use */
 +#define LOG_FAC_INVLD   24
 +#define	LOG_INVLD	(LOG_FAC_INVLD<<3)	/* invalid facility/PRI code */
 +
 +/* we need to use a function to avoid side-effects. This MUST guard
 + * against invalid facility values. rgerhards, 2014-09-16
 + */
 +static inline int pri2fac(const int pri)
 +{
 +	unsigned fac = pri >> 3;
 +	return (fac > 23) ? LOG_FAC_INVLD : fac;
 +}
 +
 +#define LOG_FAC(x) pri2fac(x)
 +
 +static inline int pri2sev(const int pri)
 +{
 +	return pri & 0x07;
 +}
 +#define LOG_PRI(x) pri2sev(x)
 /* the rsyslog core provides information about present feature to plugins
  * asking it. Below are feature-test macros which must be used to query
 diff --git a/runtime/srutils.c b/runtime/srutils.c
 index 6a509b4..4f9f6c1 100644
 --- a/runtime/srutils.c
 +++ b/runtime/srutils.c
@@ -103,6 +103,7 @@ syslogName_t	syslogFacNames[] = {
 	{"local5",       LOG_LOCAL5},
 	{"local6",       LOG_LOCAL6},
 	{"local7",       LOG_LOCAL7},
 +	{"invld",        LOG_INVLD},
 	{NULL,           -1},
 };
 diff --git a/runtime/syslogd-types.h b/runtime/syslogd-types.h
 index 6947a11..8aee425 100644
 --- a/runtime/syslogd-types.h
 +++ b/runtime/syslogd-types.h
@@ -27,9 +27,6 @@
 #include "stringbuf.h"
 #include <sys/param.h>
 -#if HAVE_SYSLOG_H
 -#include <syslog.h>
 -#endif
 /* we use RSTRUE/FALSE to prevent name claches with other packages */
 #define RSFALSE 0
 -- 
 1.9.3
--- a/rsyslog-7.4.10-json-c-fix.patch
+++ b/rsyslog-7.4.10-json-c-fix.patch
@ -1,12 +0,0 @@
 diff -up rsyslog-7.4.10/plugins/mmjsonparse/mmjsonparse.c.jsonfix rsyslog-7.4.10/plugins/mmjsonparse/mmjsonparse.c
 --- rsyslog-7.4.10/plugins/mmjsonparse/mmjsonparse.c.jsonfix	2014-08-04 01:23:23.434286740 -0400
 +++ rsyslog-7.4.10/plugins/mmjsonparse/mmjsonparse.c	2014-08-04 01:24:07.617956596 -0400
@@ -146,7 +146,7 @@ processJSON(instanceData *pData, msg_t *
 			err = pData->tokener->err;
 			if(err != json_tokener_continue)
 -				errMsg = json_tokener_errors[err];
 +				errMsg = json_tokener_get_err(err);
 			else
 				errMsg = "Unterminated input";
 		} else if((size_t)pData->tokener->char_offset < lenBuf)
--- a/rsyslog-7.4.7-atomicops.patch
+++ b/rsyslog-7.4.7-atomicops.patch
@ -1,53 +0,0 @@
 From 612f881d541aaf3a8725276d41ff4ed3948e2d01 Mon Sep 17 00:00:00 2001
 From: Rainer Gerhards <rgerhards@adiscon.com>
 Date: Fri, 18 Oct 2013 07:11:44 +0200
 Subject: [PATCH] bugfix: omelasticsearch did not compile on platforms without
 atomic instructions
 ---
 plugins/omelasticsearch/omelasticsearch.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
 diff --git a/plugins/omelasticsearch/omelasticsearch.c b/plugins/omelasticsearch/omelasticsearch.c
 index b82968d..8f51e1a 100644
 --- a/plugins/omelasticsearch/omelasticsearch.c
 +++ b/plugins/omelasticsearch/omelasticsearch.c
@@ -608,7 +608,7 @@ curlPost(instanceData *pData, uchar *message, int msglen, uchar **tpls, int nmsg
 		case CURLE_COULDNT_RESOLVE_PROXY:
 		case CURLE_COULDNT_CONNECT:
 		case CURLE_WRITE_ERROR:
 -			STATSCOUNTER_INC(indexHTTPReqFail, mutHTTPReqFail);
 +			STATSCOUNTER_INC(indexHTTPReqFail, mutIndexHTTPReqFail);
 			indexHTTPFail += nmsgs;
 			DBGPRINTF("omelasticsearch: we are suspending ourselfs due "
 				  "to failure %lld of curl_easy_perform()\n",
@@ -1001,18 +1001,18 @@ CODEmodInit_QueryRegCFSLineHdlr
 	/* support statistics gathering */
 	CHKiRet(statsobj.Construct(&indexStats));
 	CHKiRet(statsobj.SetName(indexStats, (uchar *)"omelasticsearch"));
 -	STATSCOUNTER_INIT(indexSubmit, mutCtrIndexSubmit);
 +	STATSCOUNTER_INIT(indexSubmit, mutIndexSubmit);
 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"submitted",
 -		ctrType_IntCtr, &indexSubmit));
 -	STATSCOUNTER_INIT(indexHTTPFail, mutCtrIndexHTTPFail);
 +		ctrType_Int, &indexSubmit));
 +	STATSCOUNTER_INIT(indexHTTPFail, mutIndexHTTPFail);
 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.http",
 -		ctrType_IntCtr, &indexHTTPFail));
 -	STATSCOUNTER_INIT(indexHTTPReqFail, mutCtrIndexHTTPReqFail);
 +		ctrType_Int, &indexHTTPFail));
 +	STATSCOUNTER_INIT(indexHTTPReqFail, mutIndexHTTPReqFail);
 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.httprequests",
 -		ctrType_IntCtr, &indexHTTPReqFail));
 -	STATSCOUNTER_INIT(indexESFail, mutCtrIndexESFail);
 +		ctrType_Int, &indexHTTPReqFail));
 +	STATSCOUNTER_INIT(indexESFail, mutIndexESFail);
 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.es",
 -		ctrType_IntCtr, &indexESFail));
 +		ctrType_Int, &indexESFail));
 	CHKiRet(statsobj.ConstructFinalize(indexStats));
 ENDmodInit
 -- 
 1.8.5.3
--- a/rsyslog-7.4.7-numeric-uid.patch
+++ b/rsyslog-7.4.7-numeric-uid.patch
@ -1,129 +0,0 @@
 From 032fcabdb7f3fc515d8155f48751271535df7b8e Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Thu, 5 Dec 2013 19:46:51 +0100
 Subject: [PATCH] Add directives for numerically specifying GIDs/UIDs
 The already present directives (FileOwner, FileGroup, DirOwner,
 DirGroup) translate names to numerical IDs, which depends on the user
 information being available during rsyslog's startup. This can fail if
 the information is obtained over a network or from a service such as
 SSSD. The new directives provide a way to specify the numerical IDs
 directly and bypass the lookup.
 ---
 doc/omfile.html              | 12 ++++++++++++
 doc/rsyslog_conf_global.html |  4 ++++
 tools/omfile.c               | 16 ++++++++++++++++
 3 files changed, 32 insertions(+)
 diff --git a/doc/omfile.html b/doc/omfile.html
 index 0f64f26..5f839fe 100644
 --- a/doc/omfile.html
 +++ b/doc/omfile.html
@@ -53,15 +53,27 @@
 	<li><strong>DirOwner </strong><br>
 	Set the file owner for directories newly created. Please note that this setting does not affect the owner of directories already existing. The parameter is a user name, for which the userid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
 +	<li><strong>DirOwnerNum </strong><br>
 +	Set the file owner for directories newly created. Please note that this setting does not affect the owner of directories already existing. The parameter is a numerical ID, which is used regardless of whether the user actually exists. This can be useful if the user mapping is not available to rsyslog during startup.<br></li><br>
 +
 	<li><strong>DirGroup </strong><br>
 	Set the group for directories newly created. Please note that this setting does not affect the group of directories already existing. The parameter is a group name, for which the groupid is obtained by rsyslogd on during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
 +	<li><strong>DirGroupNum </strong><br>
 +	Set the group for directories newly created. Please note that this setting does not affect the group of directories already existing. The parameter is a numerical ID, which is used regardless of whether the group actually exists. This can be useful if the group mapping is not available to rsyslog during startup.<br></li><br>
 +
 	<li><strong>FileOwner </strong><br>
 	Set the file owner for files newly created. Please note that this setting does not affect the owner of files already existing. The parameter is a user name, for which the userid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
 +	<li><strong>FileOwnerNum </strong><br>
 +	Set the file owner for files newly created. Please note that this setting does not affect the owner of files already existing. The parameter is a numerical ID, which which is used regardless of whether the user actually exists. This can be useful if the user mapping is not available to rsyslog during startup.<br></li><br>
 +
 	<li><strong>FileGroup </strong><br>
 	Set the group for files newly created. Please note that this setting does not affect the group of files already existing. The parameter is a group name, for which the groupid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
 +	<li><strong>$FileGroupNum </strong><br>
 +	Set the group for files newly created. Please note that this setting does not affect the group of files already existing. The parameter is a numerical ID, which is used regardless of whether the group actually exists. This can be useful if the group mapping is not available to rsyslog during startup.<br></li><br>
 +
 	<li><strong>DirCreateMode </strong>[defaul 0700]<br>
 	This is the same as $FileCreateMode, but for directories automatically generated.<br></li><br>
 diff --git a/doc/rsyslog_conf_global.html b/doc/rsyslog_conf_global.html
 index e48ed6d..b9a2ba2 100644
 --- a/doc/rsyslog_conf_global.html
 +++ b/doc/rsyslog_conf_global.html
@@ -136,7 +136,9 @@ our paper on <a href="multi_ruleset.html">using multiple rule sets in rsyslog</a
 <li><a href="omfile.html"><b>$CreateDirs</b></a> [<b>on</b>/off] - create directories on an as-needed basis</li>
 <li><a href="omfile.html"><b>$DirCreateMode</b></a></li>
 <li><a href="omfile.html"><b>$DirGroup</b></a></li>
 +<li><a href="omfile.html"><b>$DirGroupNum</b></a></li>
 <li><a href="omfile.html"><b>$DirOwner</b></a></li>
 +<li><a href="omfile.html"><b>$DirOwnerNum</b></a></li>
 <li><a href="rsconf1_dropmsgswithmaliciousdnsptrrecords.html"><b>$DropMsgsWithMaliciousDnsPTRRecords</b></a></li>
 <li><a href="rsconf1_droptrailinglfonreception.html"><b>$DropTrailingLFOnReception</b></a></li>
 <li><a href="omfile.html"><b>$DynaFileCacheSize</b></a></li>
@@ -148,7 +150,9 @@ our paper on <a href="multi_ruleset.html">using multiple rule sets in rsyslog</a
 <li><a href="omfile.html"><b>$FailOnChownFailure</b></a></li>
 <li><a href="omfile.html"><b>$FileCreateMode</b></a></li>
 <li><a href="omfile.html"><b>$FileGroup</b></a></li>
 +<li><a href="omfile.html"><b>$FileGroupNum</b></a></li>
 <li><a href="omfile.html"><b>$FileOwner</b></a></li>
 +<li><a href="omfile.html"><b>$FileOwnerNum</b></a></li>
 <li><a href="rsconf1_generateconfiggraph.html"><b>$GenerateConfigGraph</b></a></li>
 <li><a href="rsconf1_gssforwardservicename.html"><b>$GssForwardServiceName</b></a></li>
 <li><a href="rsconf1_gsslistenservicename.html"><b>$GssListenServiceName</b></a></li>
 diff --git a/tools/omfile.c b/tools/omfile.c
 index 3dca347..fd14cb5 100644
 --- a/tools/omfile.c
 +++ b/tools/omfile.c
@@ -233,9 +233,13 @@ static struct cnfparamdescr actpdescr[] = {
 	{ "flushontxend", eCmdHdlrBinary, 0 }, /* legacy: omfileflushontxend */
 	{ "iobuffersize", eCmdHdlrSize, 0 }, /* legacy: omfileiobuffersize */
 	{ "dirowner", eCmdHdlrUID, 0 }, /* legacy: dirowner */
 +	{ "dirownernum", eCmdHdlrInt, 0 }, /* legacy: dirownernum */
 	{ "dirgroup", eCmdHdlrGID, 0 }, /* legacy: dirgroup */
 +	{ "dirgroupnum", eCmdHdlrInt, 0 }, /* legacy: dirgroupnum */
 	{ "fileowner", eCmdHdlrUID, 0 }, /* legacy: fileowner */
 +	{ "fileownernum", eCmdHdlrInt, 0 }, /* legacy: fileownernum */
 	{ "filegroup", eCmdHdlrGID, 0 }, /* legacy: filegroup */
 +	{ "filegroupnum", eCmdHdlrInt, 0 }, /* legacy: filegroupnum */
 	{ "dircreatemode", eCmdHdlrFileCreateMode, 0 }, /* legacy: dircreatemode */
 	{ "filecreatemode", eCmdHdlrFileCreateMode, 0 }, /* legacy: filecreatemode */
 	{ "failonchownfailure", eCmdHdlrBinary, 0 }, /* legacy: failonchownfailure */
@@ -1139,12 +1143,20 @@ CODESTARTnewActInst
 			pData->iIOBufSize = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "dirowner")) {
 			pData->dirUID = (int) pvals[i].val.d.n;
 +		} else if(!strcmp(actpblk.descr[i].name, "dirownernum")) {
 +			pData->dirUID = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "dirgroup")) {
 			pData->dirGID = (int) pvals[i].val.d.n;
 +		} else if(!strcmp(actpblk.descr[i].name, "dirgroupnum")) {
 +			pData->dirGID = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "fileowner")) {
 			pData->fileUID = (int) pvals[i].val.d.n;
 +		} else if(!strcmp(actpblk.descr[i].name, "fileownernum")) {
 +			pData->fileUID = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "filegroup")) {
 			pData->fileGID = (int) pvals[i].val.d.n;
 +		} else if(!strcmp(actpblk.descr[i].name, "filegroupnum")) {
 +			pData->fileGID = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "dircreatemode")) {
 			pData->fDirCreateMode = (int) pvals[i].val.d.n;
 		} else if(!strcmp(actpblk.descr[i].name, "filecreatemode")) {
@@ -1377,9 +1389,13 @@ INITLegCnfVars
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"omfileflushontxend", 0, eCmdHdlrBinary, NULL, &cs.bFlushOnTXEnd, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"omfileiobuffersize", 0, eCmdHdlrSize, NULL, &cs.iIOBufSize, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirowner", 0, eCmdHdlrUID, NULL, &cs.dirUID, STD_LOADABLE_MODULE_ID));
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirownernum", 0, eCmdHdlrInt, NULL, &cs.dirUID, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirgroup", 0, eCmdHdlrGID, NULL, &cs.dirGID, STD_LOADABLE_MODULE_ID));
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirgroupnum", 0, eCmdHdlrInt, NULL, &cs.dirGID, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"fileowner", 0, eCmdHdlrUID, NULL, &cs.fileUID, STD_LOADABLE_MODULE_ID));
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"fileownernum", 0, eCmdHdlrInt, NULL, &cs.fileUID, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filegroup", 0, eCmdHdlrGID, NULL, &cs.fileGID, STD_LOADABLE_MODULE_ID));
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filegroupnum", 0, eCmdHdlrInt, NULL, &cs.fileGID, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dircreatemode", 0, eCmdHdlrFileCreateMode, NULL, &cs.fDirCreateMode, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filecreatemode", 0, eCmdHdlrFileCreateMode, NULL, &cs.fCreateMode, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"createdirs", 0, eCmdHdlrBinary, NULL, &cs.bCreateDirs, STD_LOADABLE_MODULE_ID));
 -- 
 1.8.4.3
--- a/rsyslog-7.4.8-bz1026804-imjournal-message-loss.patch
+++ b/rsyslog-7.4.8-bz1026804-imjournal-message-loss.patch
@ -1,267 +0,0 @@
 From effa35d1ae33c1ac825317802b6e970e68f98af2 Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Fri, 31 Jan 2014 11:35:55 +0100
 Subject: [PATCH] Improve handling of messages without syslog properties
 * Don't drop messages without the MESSAGE field
 * Set default severity for all messages
  Some messages comming from journald don't have the SYSLOG_PRIORITY
  field. These are typically the messages logged through journald's
  native API. Set the default severity for these messages to 'notice'.
 * Set default facility for all messages
  Some messages comming from journald don't have the SYSLOG_FACILITY
  field. These are typically the messages logged through journald's
  native API. Set the default facility for these messages to 'user'.
 * Make default priority configurable
 ---
 doc/imjournal.html            |  16 ++++++
 plugins/imjournal/imjournal.c | 124 +++++++++++++++++++++++++++++++-----------
 2 files changed, 109 insertions(+), 31 deletions(-)
 diff --git a/doc/imjournal.html b/doc/imjournal.html
 index 8f29169..b4d2105 100644
 --- a/doc/imjournal.html
 +++ b/doc/imjournal.html
@@ -69,6 +69,18 @@ journal and read only new messages. This option is only used when there is
 no StateFile to avoid message loss.
 </ul>
 +<li><b>DefaultSeverity</b> &lt;severity&gt;<br>
 +Some messages comming from journald don't have the SYSLOG_PRIORITY
 +field. These are typically the messages logged through journald's
 +native API. This option specifies the default severity for these
 +messages. Defaults to 'notice'.
 +
 +<li><b>DefaultFacility</b> &lt;facility&gt;<br>
 +Some messages comming from journald don't have the SYSLOG_FACILITY
 +field. These are typically the messages logged through journald's
 +native API. This option specifies the default facility for these
 +messages. Defaults to 'user'.
 +
 <b>Caveats/Known Bugs:</b>
 <p>
 <ul>
@@ -105,6 +117,10 @@ Equivalent to: ratelimit.interval</li>
 Equivalent to: ratelimit.burst</li>
 <li><strong>$ImjournalIgnorePreviousMessages</strong><br>
 Equivalent to: ignorePreviousMessages</li>
 +<li><strong>$ImjournalDefaultSeverity</strong><br>
 +Equivalent to: DefaultSeverity</li>
 +<li><strong>$ImjournalDefaultFacility</strong><br>
 +Equivalent to: DefaultFacility</li>
 </ul>
 </body>
 diff --git a/plugins/imjournal/imjournal.c b/plugins/imjournal/imjournal.c
 index 36c7e04..7d42b84 100755
 --- a/plugins/imjournal/imjournal.c
 +++ b/plugins/imjournal/imjournal.c
@@ -68,15 +68,21 @@ static struct configSettings_s {
 	int ratelimitInterval;
 	int ratelimitBurst;
 	int bIgnorePrevious;
 +	int iDfltSeverity;
 +	int iDfltFacility;
 } cs;
 +static rsRetVal facilityHdlr(uchar **pp, void *pVal);
 +
 /* module-global parameters */
 static struct cnfparamdescr modpdescr[] = {
 	{ "statefile", eCmdHdlrGetWord, 0 },
 	{ "ratelimit.interval", eCmdHdlrInt, 0 },
 	{ "ratelimit.burst", eCmdHdlrInt, 0 },
 	{ "persiststateinterval", eCmdHdlrInt, 0 },
 -	{ "ignorepreviousmessages", eCmdHdlrBinary, 0 }
 +	{ "ignorepreviousmessages", eCmdHdlrBinary, 0 },
 +	{ "defaultseverity", eCmdHdlrSeverity, 0 },
 +	{ "defaultfacility", eCmdHdlrString, 0 }
 };
 static struct cnfparamblk modpblk =
 	{ CNFPARAMBLK_VERSION,
@@ -85,6 +91,8 @@ static struct cnfparamblk modpblk =
 	};
 #define DFLT_persiststateinterval 10
 +#define DFLT_SEVERITY LOG_PRI(LOG_NOTICE)
 +#define DFLT_FACILITY LOG_FAC(LOG_USER)
 static int bLegacyCnfModGlobalsPermitted = 1;/* are legacy module-global config parameters permitted? */
@@ -94,6 +102,37 @@ static prop_t *pLocalHostIP = NULL;	/* a pseudo-constant propterty for 127.0.0.1
 static ratelimit_t *ratelimiter = NULL;
 static sd_journal *j;
 +/* ugly workaround to handle facility numbers; values
 +   derived from names need to be eight times smaller */
 +static rsRetVal facilityHdlr(uchar **pp, void *pVal)
 +{
 +	DEFiRet;
 +	char *p;
 +
 +	skipWhiteSpace(pp);
 +	p = (char *) *pp;
 +
 +	if (isdigit((int) *p)) {
 +		*((int *) pVal) = (int) strtol(p, (char **) pp, 10);
 +	} else {
 +		int len;
 +		syslogName_t *c;
 +
 +		for (len = 0; p[len] && !isspace((int) p[len]); len++)
 +			/* noop */;
 +		for (c = syslogFacNames; c->c_name; c++) {
 +			if (!strncasecmp(p, (char *) c->c_name, len)) {
 +				*((int *) pVal) = LOG_FAC(c->c_val);
 +				break;
 +			}
 +		}
 +		*pp += len;
 +	}
 +
 +	RETiRet;
 +}
 +
 +
 /* enqueue the the journal message into the message queue.
  * The provided msg string is not freed - thus must be done
  * by the caller.
@@ -158,7 +197,6 @@ readjournal() {
 	const void *get;
 	const void *pidget;
 	char *parse;
 -	char *get2;
 	size_t length;
 	size_t pidlength;
@@ -170,45 +208,52 @@ readjournal() {
 	long prefixlen = 0;
 -	int priority = 0;
 -	int facility = 0;
 +	int severity = cs.iDfltSeverity;
 +	int facility = cs.iDfltFacility;
 	/* Get message text */
 	if (sd_journal_get_data(j, "MESSAGE", &get, &length) < 0) {
 -		logmsgInternal(NO_ERRCODE, LOG_SYSLOG|LOG_INFO, (uchar *)"log message from journal doesn't have MESSAGE", 0);
 -		iRet = RS_RET_OK;
 -		goto ret;
 -	}
 -	message = strndup(get+8, length-8);
 -	if (message == NULL) {
 -		iRet = RS_RET_OUT_OF_MEMORY;
 -		goto ret;
 +		message = strdup("");
 +	} else {
 +		message = strndup(get+8, length-8);
 +		if (message == NULL) {
 +			iRet = RS_RET_OUT_OF_MEMORY;
 +			goto ret;
 +		}
 	}
 -	/* Get message priority */
 +	/* Get message severity ("priority" in journald's terminology) */
 	if (sd_journal_get_data(j, "PRIORITY", &get, &length) >= 0) {
 -		get2 = strndup(get, length);
 -		priority = ((char *)get2)[9] - '0';
 -		free (get2);
 +		if (length == 10) {
 +			severity = ((char *)get)[9] - '0';
 +			if (severity < 0 || 7 < severity) {
 +				dbgprintf("The value of the 'PRIORITY' field is "
 +					"out of bounds: %d, resetting\n", severity);
 +				severity = cs.iDfltSeverity;
 +			}
 +		} else {
 +			dbgprintf("The value of the 'PRIORITY' field has an "
 +				"unexpected length: %d\n", length);
 +		}
 	}
 	/* Get syslog facility */
 	if (sd_journal_get_data(j, "SYSLOG_FACILITY", &get, &length) >= 0) {
 -		get2 = strndup(get, length);
 -		char f = ((char *)get2)[16];
 -		if (f >= '0' && f <= '9') {
 -			facility += f - '0';
 -		}
 -		f = ((char *)get2)[17];
 -		if (f >= '0' && f <= '9') {
 -			facility *= 10;
 -			facility += (f - '0');
 +		if (length == 17 || length == 18) {
 +			facility = ((char *)get)[16] - '0';
 +			if (length == 18) {
 +				facility *= 10;
 +				facility += ((char *)get)[17] - '0';
 +			}
 +			if (facility < 0 || 23 < facility) {
 +				dbgprintf("The value of the 'FACILITY' field is "
 +					"out of bounds: %d, resetting\n", facility);
 +				facility = cs.iDfltFacility;
 +			}
 +		} else {
 +			dbgprintf("The value of the 'FACILITY' field has an "
 +				"unexpected length: %d\n", length);
 		}
 -		free (get2);
 -	} else {
 -		/* message is missing facility -> internal systemd journal msg, drop */
 -		iRet = RS_RET_OK;
 -		goto free_message;
 	}
 	/* Get message identifier, client pid and add ':' */
@@ -349,7 +394,7 @@ readjournal() {
 	}
 	/* submit message */
 -	enqMsg((uchar *)message, (uchar *) sys_iden_help, facility, priority, &tv, json);
 +	enqMsg((uchar *)message, (uchar *) sys_iden_help, facility, severity, &tv, json);
 finalize_it:
 	free(sys_iden_help);
@@ -569,6 +614,8 @@ CODESTARTbeginCnfLoad
 	cs.stateFile = NULL;
 	cs.ratelimitBurst = 20000;
 	cs.ratelimitInterval = 600;
 +	cs.iDfltSeverity = DFLT_SEVERITY;
 +	cs.iDfltFacility = DFLT_FACILITY;
 ENDbeginCnfLoad
@@ -657,6 +704,17 @@ CODESTARTsetModCnf
 			cs.ratelimitInterval = (int) pvals[i].val.d.n;
 		} else if (!strcmp(modpblk.descr[i].name, "ignorepreviousmessages")) {
 			cs.bIgnorePrevious = (int) pvals[i].val.d.n; 
 +		} else if (!strcmp(modpblk.descr[i].name, "defaultseverity")) {
 +			cs.iDfltSeverity = (int) pvals[i].val.d.n;
 +		} else if (!strcmp(modpblk.descr[i].name, "defaultfacility")) {
 +			/* ugly workaround to handle facility numbers; values
 +			   derived from names need to be eight times smaller */
 +
 +			char *fac, *p;
 +
 +			fac = p = es_str2cstr(pvals[i].val.d.estr, NULL);
 +			facilityHdlr((uchar **) &p, (void *) &cs.iDfltFacility);
 +			free(fac);
 		} else {
 			dbgprintf("imjournal: program error, non-handled "
 				"param '%s' in beginCnfLoad\n", modpblk.descr[i].name);
@@ -710,6 +768,10 @@ CODEmodInit_QueryRegCFSLineHdlr
 		NULL, &cs.stateFile, STD_LOADABLE_MODULE_ID));
 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournalignorepreviousmessages", 0, eCmdHdlrBinary,
 		NULL, &cs.bIgnorePrevious, STD_LOADABLE_MODULE_ID)); 
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournaldefaultseverity", 0, eCmdHdlrSeverity,
 +		NULL, &cs.iDfltSeverity, STD_LOADABLE_MODULE_ID));
 +	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournaldefaultfacility", 0, eCmdHdlrCustomHandler,
 +		facilityHdlr, &cs.iDfltFacility, STD_LOADABLE_MODULE_ID));
 ENDmodInit
 -- 
 1.8.4.3
--- a/rsyslog-7.4.8-dont-link-libee.patch
+++ b/rsyslog-7.4.8-dont-link-libee.patch
@ -1,42 +0,0 @@
 diff -ur a/runtime/Makefile.am b/runtime/Makefile.am
 --- a/runtime/Makefile.am	2014-01-20 13:00:47.922000000 -0500
 +++ b/runtime/Makefile.am	2014-01-20 12:57:44.048000000 -0500
@@ -102,8 +102,8 @@
 librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS -D_PATH_MODDIR=\"$(pkglibdir)/\" -I\$(top_srcdir) -I\$(top_srcdir)/grammar
 endif
 #librsyslog_la_LDFLAGS = -module -avoid-version
 -librsyslog_la_CPPFLAGS += $(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) $(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
 -librsyslog_la_LIBADD =  $(DL_LIBS) $(RT_LIBS) $(LIBEE_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
 +librsyslog_la_CPPFLAGS += $(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
 +librsyslog_la_LIBADD =  $(DL_LIBS) $(RT_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
 #
 # regular expression support
 diff -ur a/runtime/Makefile.in b/runtime/Makefile.in
 --- a/runtime/Makefile.in	2014-01-20 13:00:47.924000000 -0500
 +++ b/runtime/Makefile.in	2014-01-20 12:57:44.050000000 -0500
@@ -574,19 +574,17 @@
 @WITH_MODDIRS_FALSE@librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS \
 @WITH_MODDIRS_FALSE@	-D_PATH_MODDIR=\"$(pkglibdir)/\" \
 @WITH_MODDIRS_FALSE@	-I\$(top_srcdir) -I\$(top_srcdir)/grammar \
 -@WITH_MODDIRS_FALSE@	$(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) \
 -@WITH_MODDIRS_FALSE@	$(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) \
 -@WITH_MODDIRS_FALSE@	-I\$(top_srcdir)/tools
 +@WITH_MODDIRS_FALSE@	$(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) \
 +@WITH_MODDIRS_FALSE@	$(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
 # the files with ../ we need to work on - so that they either become part of the
 # runtime or will no longer be needed. -- rgerhards, 2008-06-13
 #
 #librsyslog_la_LDFLAGS = -module -avoid-version
 @WITH_MODDIRS_TRUE@librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS \
 @WITH_MODDIRS_TRUE@	-D_PATH_MODDIR=\"$(pkglibdir)/:$(moddirs)\" \
 -@WITH_MODDIRS_TRUE@	$(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) \
 -@WITH_MODDIRS_TRUE@	$(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) \
 -@WITH_MODDIRS_TRUE@	-I\$(top_srcdir)/tools
 -librsyslog_la_LIBADD = $(DL_LIBS) $(RT_LIBS) $(LIBEE_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
 +@WITH_MODDIRS_TRUE@	$(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) \
 +@WITH_MODDIRS_TRUE@	$(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
 +librsyslog_la_LIBADD = $(DL_LIBS) $(RT_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
 @ENABLE_REGEXP_TRUE@lmregexp_la_SOURCES = regexp.c regexp.h
 @ENABLE_REGEXP_TRUE@lmregexp_la_CPPFLAGS = $(PTHREADS_CFLAGS) $(RSRT_CFLAGS)
 @ENABLE_REGEXP_TRUE@lmregexp_la_LDFLAGS = -module -avoid-version
--- a/rsyslog-7.4.8-imuxsock-wrn.patch
+++ b/rsyslog-7.4.8-imuxsock-wrn.patch
@ -1,39 +0,0 @@
 From 8e0ac9576056a71dd7ad69157a94d56d433afbf6 Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Mon, 20 Jan 2014 16:23:17 +0100
 Subject: [PATCH] imuxsock: don't issue a warning if there are no sockets
 configured
 ---
 plugins/imuxsock/imuxsock.c | 8 ++++++++
 1 file changed, 8 insertions(+)
 diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
 index df504dd..aadb853 100644
 --- a/plugins/imuxsock/imuxsock.c
 +++ b/plugins/imuxsock/imuxsock.c
@@ -1291,6 +1291,10 @@ CODESTARTactivateCnfPrePrivDrop
 	for(inst = runModConf->root ; inst != NULL ; inst = inst->next) {
 		addListner(inst);
 	}
 +	if(runModConf->bOmitLocalLogging && nfd == 1) {
 +		/* No sockets were configured, no reason to run. */
 +		ABORT_FINALIZE(RS_RET_OK);
 +	}
 	CHKiRet(activateListeners());
 finalize_it:
 ENDactivateCnfPrePrivDrop
@@ -1329,6 +1333,10 @@ BEGINrunInput
 #endif
 CODESTARTrunInput
 +	if(runModConf->bOmitLocalLogging && nfd == 1) {
 +		/* No sockets were configured, no reason to run. */
 +		ABORT_FINALIZE(RS_RET_OK);
 +	}
 	/* this is an endless loop - it is terminated when the thread is
 	 * signalled to do so. This, however, is handled by the framework,
 	 * right into the sleep below.
 -- 
 1.8.4.3
--- a/rsyslog-7.4.8-omjournal-warning.patch
+++ b/rsyslog-7.4.8-omjournal-warning.patch
@ -1,25 +0,0 @@
 From e921bfe82068a1767311181ad7f4c78ed86e2577 Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Thu, 16 Jan 2014 11:43:55 +0100
 Subject: [PATCH] bugfix: invert the logic for issuing a warning
 ---
 plugins/omjournal/omjournal.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/plugins/omjournal/omjournal.c b/plugins/omjournal/omjournal.c
 index 160c369..937d277 100644
 --- a/plugins/omjournal/omjournal.c
 +++ b/plugins/omjournal/omjournal.c
@@ -153,7 +153,7 @@ ENDdoAction
 BEGINparseSelectorAct
 CODESTARTparseSelectorAct
 CODE_STD_STRING_REQUESTparseSelectorAct(1)
 -	if(strncmp((char*) p, ":omjournal:", sizeof(":omjournal:") - 1)) {
 +	if(!strncmp((char*) p, ":omjournal:", sizeof(":omjournal:") - 1)) {
 		errmsg.LogError(0, RS_RET_LEGA_ACT_NOT_SUPPORTED,
 			"omjournal supports only v6+ config format, use: "
 			"action(type=\"omjournal\" ...)");
 -- 
 1.8.4.3
--- a/rsyslog-8.8.0-immutable-json-props.patch
+++ b/rsyslog-8.8.0-immutable-json-props.patch
@ -0,0 +1,32 @@
 diff -up ./runtime/msg.c.orig ./runtime/msg.c
 --- a/runtime/msg.c	2015-01-15 19:30:02.351699869 +0100
 +++ b/runtime/msg.c	2015-01-15 19:35:58.667176642 +0100
@@ -4267,22 +4267,19 @@ jsonPathFindParent(struct json_object *j
 	RETiRet;
 }
 +/* In case of duplicate names, the original value is kept. */
 static rsRetVal
 jsonMerge(struct json_object *existing, struct json_object *json)
 {
 -	/* TODO: check & handle duplicate names */
 	DEFiRet;
 	struct json_object_iter it;
 -	json_object_object_foreachC(json, it) {
 -		json_object_object_add(existing, it.key,
 -			json_object_get(it.val));
 +	json_object_object_foreachC(existing, it) {
 +		json_object_object_add(json, it.key, json_object_get(it.val));
 	}
 -	/* note: json-c does ref counting. We added all descandants refcounts
 -	 * in the loop above. So when we now free(_put) the root object, only
 -	 * root gets freed().
 -	 */
 -	json_object_put(json);
 +
 +	iRet = jsonMerge(existing, json);
 +
 	RETiRet;
 }
--- a/rsyslog-8.8.0-missing-test-data.patch
+++ b/rsyslog-8.8.0-missing-test-data.patch
@ -0,0 +1,45 @@
 From e07210a7eb47df978b958d1489b91084732fdd47 Mon Sep 17 00:00:00 2001
 From: Tomas Heinrich <theinric@redhat.com>
 Date: Sun, 15 Mar 2015 16:25:33 +0100
 Subject: [PATCH] Add missing test data
 ---
 tests/testsuites/mmnormalize_regex.rulebase     | 1 +
 tests/testsuites/mmnormalize_tokenized.rulebase | 5 +++++
 tests/testsuites/mmnormalize_variable.rulebase  | 1 +
 3 files changed, 7 insertions(+)
 create mode 100644 tests/testsuites/mmnormalize_regex.rulebase
 create mode 100644 tests/testsuites/mmnormalize_tokenized.rulebase
 create mode 100644 tests/testsuites/mmnormalize_variable.rulebase
 diff --git a/tests/testsuites/mmnormalize_regex.rulebase b/tests/testsuites/mmnormalize_regex.rulebase
 new file mode 100644
 index 0000000..f58e8f2
 --- /dev/null
 +++ b/tests/testsuites/mmnormalize_regex.rulebase
@@ -0,0 +1 @@
 +rule=:http host ports are %hps:regex:([0-9.\x3a]+(, )?)+% etc
 \ No newline at end of file
 diff --git a/tests/testsuites/mmnormalize_tokenized.rulebase b/tests/testsuites/mmnormalize_tokenized.rulebase
 new file mode 100644
 index 0000000..da5242d
 --- /dev/null
 +++ b/tests/testsuites/mmnormalize_tokenized.rulebase
@@ -0,0 +1,5 @@
 +rule=only_ips:%only_ips:tokenized:, :ipv4%
 +rule=local_ips:local ips are %local_ips:tokenized:, :ipv4%
 +rule=external_ips:%external_ips:tokenized:, :ipv4% are external ips
 +rule=paths:for %user:char-to:@%@localhost path was %fragments:tokenized:\x3a:char-sep:\x3a%
 +rule=recur_comma_colon_nos:comma separated list of colon separated numbers: %some_nos:tokenized:, :tokenized: \x3a :tokenized:#:number%
 \ No newline at end of file
 diff --git a/tests/testsuites/mmnormalize_variable.rulebase b/tests/testsuites/mmnormalize_variable.rulebase
 new file mode 100644
 index 0000000..4d40d4c
 --- /dev/null
 +++ b/tests/testsuites/mmnormalize_variable.rulebase
@@ -0,0 +1 @@
 +rule=hms:%hr:number%:%min:number%:%sec:number% %zone:word%
 \ No newline at end of file
 -- 
 1.9.3
--- a/rsyslog-8.8.0-sd-service.patch
+++ b/rsyslog-8.8.0-sd-service.patch
@ -1,7 +1,7 @@
 diff -up rsyslog-7.4.1/rsyslog.service.in.orig rsyslog-7.4.1/rsyslog.service.in
 --- rsyslog-7.4.1/rsyslog.service.in.orig	2013-06-17 15:28:54.430023493 +0200
 +++ rsyslog-7.4.1/rsyslog.service.in	2013-06-17 15:30:05.874378084 +0200
-@@ -4,7 +4,8 @@ Requires=syslog.socket
+@@ -6,7 +6,8 @@ Requires=syslog.socket
 [Service]
 Type=notify
@ -9,5 +9,5 @@ diff -up rsyslog-7.4.1/rsyslog.service.in.orig rsyslog-7.4.1/rsyslog.service.in
 +EnvironmentFile=-/etc/sysconfig/rsyslog
 +ExecStart=@sbindir@/rsyslogd -n $SYSLOGD_OPTIONS
 StandardOutput=null
 Restart=on-failure
 [Install]
--- a/rsyslog.conf
+++ b/rsyslog.conf
@ -6,9 +6,8 @@
 #### MODULES ####
 # The imjournal module bellow is now used as a message source instead of imuxsock.
 $ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
 $ModLoad imjournal # provides access to the systemd journal
-$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
+#$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
 #$ModLoad immark  # provides --MARK-- message capability
 # Provides UDP syslog reception
@ -19,6 +18,13 @@ $ModLoad imklog   # provides kernel logging support (previously done by rklogd)
 #$ModLoad imtcp
 #$InputTCPServerRun 514
 # By default, all system logs are read from journald through the
 # imjournal module. To read messages from the syslog socket, the
 # imuxsock module has to be loaded and a path to the socket specified.
 #$ModLoad imuxsock
 # The default path to the syslog socket provided by journald:
 #$SystemLogSocketName /run/systemd/journal/syslog
 #### GLOBAL DIRECTIVES ####
@ -35,13 +41,12 @@ $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
 # Include all config files in /etc/rsyslog.d/
 $IncludeConfig /etc/rsyslog.d/*.conf
 # Turn off message reception via local log socket;
 # local messages are retrieved through imjournal now.
 $OmitLocalLogging on
 # File to store the position in the journal
 $IMJournalStateFile imjournal.state
-
+# If there is no saved state yet, don't read in the whole bulk of messages.
 # This means some of the older messages won't be collected by rsyslog,
 # but it also prevents a potential huge spike in resource utilization.
 $IMJournalIgnorePreviousMessages on
 #### RULES ####
--- a/rsyslog.spec
+++ b/rsyslog.spec
@ -1,5 +1,6 @@
 %define rsyslog_statedir %{_sharedstatedir}/rsyslog
 %define rsyslog_pkidir %{_sysconfdir}/pki/rsyslog
 %define rsyslog_docdir %{_docdir}/rsyslog
 %if 0%{?rhel} >= 7
 %global want_hiredis 0
 %global want_mongodb 0
@ -10,32 +11,24 @@
 Summary: Enhanced system logging and kernel message trapping daemon
 Name: rsyslog
-Version: 7.4.10
+Version: 8.8.0
-Release: 5%{?dist}
+Release: 1%{?dist}
 License: (GPLv3+ and ASL 2.0)
 Group: System Environment/Daemons
 URL: http://www.rsyslog.com/
 Source0: http://www.rsyslog.com/files/download/rsyslog/%{name}-%{version}.tar.gz
 Source1: http://www.rsyslog.com/files/download/rsyslog/%{name}-doc-%{version}.tar.gz
 Source2: rsyslog.conf
 Source3: rsyslog.sysconfig
 Source4: rsyslog.log
 # tweak the upstream service file to honour configuration from /etc/sysconfig/rsyslog
-Patch0: rsyslog-7.4.1-sd-service.patch
+Patch0: rsyslog-8.8.0-sd-service.patch
 Patch1: rsyslog-7.2.2-manpage-dbg-mode.patch
 # prevent modification of trusted properties (proposed upstream)
-Patch2: rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
+Patch1: rsyslog-8.8.0-immutable-json-props.patch
-# merged upstream
+Patch2: rsyslog-8.8.0-missing-test-data.patch
 Patch3: rsyslog-7.4.8-imuxsock-wrn.patch
 # merged upstream
 Patch5: rsyslog-7.4.7-numeric-uid.patch
 Patch6: rsyslog-7.4.7-atomicops.patch
 # merged upstream
 Patch8: rsyslog-7.4.8-bz1026804-imjournal-message-loss.patch
 # json_tokener_errors is gone in current json-c
 Patch9: rsyslog-7.4.10-json-c-fix.patch
 Patch10: rsyslog-7.4.10-cve-2014-3634.patch
 BuildRequires: bison
 BuildRequires: dos2unix
 BuildRequires: flex
 BuildRequires: json-c-devel
 BuildRequires: libestr-devel >= 0.1.9
@ -63,7 +56,7 @@ Requires: %name = %version-%release
 BuildRequires: libgcrypt-devel
 %package doc
-Summary: Documentation for rsyslog
+Summary: HTML documentation for rsyslog
 Group: Documentation
 %package elasticsearch
@ -89,7 +82,7 @@ Requires: %name = %version-%release
 Summary: Log normalization support for rsyslog
 Group: System Environment/Daemons
 Requires: %name = %version-%release
-BuildRequires: libestr-devel libee-devel liblognorm-devel
+BuildRequires: libestr-devel libee-devel liblognorm-devel >= 1.0.2
 %package mmaudit
 Summary: Message modification module supporting Linux audit format
@ -249,16 +242,15 @@ spoof the sender address. Also, it enables to circle through a number
 of source ports.
 %prep
-%setup -q
+# set up rsyslog-doc sources
 %setup -q -a 1 -T -c
 rm -r LICENSE README.md build.sh source build/objects.inv
 mv build doc
 # set up rsyslog sources
 %setup -q -D
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 %patch5 -p1
 %patch6 -p1
 %patch8 -p1
 %patch9 -p1 -b .jsonfix
 %patch10 -p1
 %build
 %ifarch sparc64
@ -278,7 +270,6 @@ export HIREDIS_LIBS="-L%{_libdir} -lhiredis"
 %configure \
 	--prefix=/usr \
 	--disable-static \
 	--disable-testbench \
 	--enable-elasticsearch \
 	--enable-gnutls \
 	--enable-gssapi-krb5 \
@ -291,6 +282,7 @@ export HIREDIS_LIBS="-L%{_libdir} -lhiredis"
 	--enable-mail \
 	--enable-mmanon \
 	--enable-mmaudit \
 	--enable-mmcount \
 	--enable-mmjsonparse \
 	--enable-mmnormalize \
 	--enable-mmsnmptrapd \
@ -315,31 +307,45 @@ export HIREDIS_LIBS="-L%{_libdir} -lhiredis"
 	--enable-pmsnare \
 	--enable-relp \
 	--enable-snmp \
 	--enable-testbench \
 	--enable-unlimited-select \
 	--enable-usertools \
-make
+make V=1
 # small portion of the test suite seems to be consistently failing (this is more severe on arm*)
 # there are also some random failures (~1 test out of the whole batch) on i686 and x86_64
 # thus the test suite is disabled for now until these issues are sorted out
 %check
 %if 0
 make V=1 check
 %endif
 %install
-make DESTDIR=%{buildroot} install
+make V=1 DESTDIR=%{buildroot} install
 install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig
 install -d -m 755 %{buildroot}%{_sysconfdir}/logrotate.d
 install -d -m 755 %{buildroot}%{_sysconfdir}/rsyslog.d
 install -d -m 700 %{buildroot}%{rsyslog_statedir}
 install -d -m 700 %{buildroot}%{rsyslog_pkidir}
 install -d -m 755 %{buildroot}%{rsyslog_docdir}/html
 install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/rsyslog.conf
 install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/rsyslog
 install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/syslog
-
+install -p -m 644 plugins/ommysql/createDB.sql %{buildroot}%{rsyslog_docdir}/mysql-createDB.sql
-# get rid of *.la
+install -p -m 644 plugins/ompgsql/createDB.sql %{buildroot}%{rsyslog_docdir}/pgsql-createDB.sql
 dos2unix tools/recover_qi.pl
 install -p -m 644 tools/recover_qi.pl %{buildroot}%{rsyslog_docdir}/recover_qi.pl
 # extract documentation
 cp -r doc/* %{buildroot}%{rsyslog_docdir}/html
 # get rid of libtool libraries
 rm -f %{buildroot}%{_libdir}/rsyslog/*.la
 # get rid of socket activation by default
 sed -i '/^Alias/s/^/;/;/^Requires=syslog.socket/s/^/;/' %{buildroot}%{_unitdir}/rsyslog.service
-
+# imdiag is only used for testing
-# convert line endings from "\r\n" to "\n"
+rm -f %{buildroot}%{_libdir}/rsyslog/imdiag.so
 cat tools/recover_qi.pl | tr -d '\r' > %{buildroot}%{_bindir}/rsyslog-recover-qi.pl
 %post
 for n in /var/log/{messages,secure,maillog,spooler}
@ -359,13 +365,15 @@ done
 %defattr(-,root,root,-)
 %{!?_licensedir:%global license %%doc}
 %license COPYING*
-%doc AUTHORS NEWS README ChangeLog
+%doc AUTHORS ChangeLog README.md
 %exclude %{rsyslog_docdir}/html
 %exclude %{rsyslog_docdir}/mysql-createDB.sql
 %exclude %{rsyslog_docdir}/pgsql-createDB.sql
 %dir %{_libdir}/rsyslog
 %dir %{_sysconfdir}/rsyslog.d
 %dir %{rsyslog_statedir}
 %dir %{rsyslog_pkidir}
 %{_sbindir}/rsyslogd
 %attr(755,root,root) %{_bindir}/rsyslog-recover-qi.pl
 %{_mandir}/man5/rsyslog.conf.5.gz
 %{_mandir}/man8/rsyslogd.8.gz
 %{_unitdir}/rsyslog.service
@ -373,7 +381,6 @@ done
 %config(noreplace) %{_sysconfdir}/sysconfig/rsyslog
 %config(noreplace) %{_sysconfdir}/logrotate.d/syslog
 # plugins
 %{_libdir}/rsyslog/imdiag.so
 %{_libdir}/rsyslog/imfile.so
 %{_libdir}/rsyslog/imjournal.so
 %{_libdir}/rsyslog/imklog.so
@ -392,17 +399,17 @@ done
 %{_libdir}/rsyslog/lmtcpsrv.so
 %{_libdir}/rsyslog/lmzlibw.so
 %{_libdir}/rsyslog/mmanon.so
 %{_libdir}/rsyslog/mmcount.so
 %{_libdir}/rsyslog/mmexternal.so
 %{_libdir}/rsyslog/omjournal.so
 %{_libdir}/rsyslog/ommail.so
 %{_libdir}/rsyslog/omprog.so
 %{_libdir}/rsyslog/omruleset.so
 %{_libdir}/rsyslog/omstdout.so
 %{_libdir}/rsyslog/omtesting.so
 %{_libdir}/rsyslog/omuxsock.so
 %{_libdir}/rsyslog/pmaixforwardedfrom.so
 %{_libdir}/rsyslog/pmcisconames.so
 %{_libdir}/rsyslog/pmlastmsg.so
 %{_libdir}/rsyslog/pmrfc3164sd.so
 %{_libdir}/rsyslog/pmsnare.so
 %files crypto
@ -413,7 +420,7 @@ done
 %files doc
 %defattr(-,root,root)
-%doc doc/*html
+%doc %{rsyslog_docdir}/html
 %files elasticsearch
 %defattr(-,root,root)
@ -447,7 +454,7 @@ done
 %files mysql
 %defattr(-,root,root)
-%doc plugins/ommysql/createDB.sql
+%doc %{rsyslog_docdir}/mysql-createDB.sql
 %{_libdir}/rsyslog/ommysql.so
 %if %{want_mongodb}
@ -459,7 +466,7 @@ done
 %files pgsql
 %defattr(-,root,root)
-%doc plugins/ompgsql/createDB.sql
+%doc %{rsyslog_docdir}/pgsql-createDB.sql
 %{_libdir}/rsyslog/ompgsql.so
 %files rabbitmq
@ -490,6 +497,30 @@ done
 %{_libdir}/rsyslog/omudpspoof.so
 %changelog
 * Thu Mar 19 2015 Tomas Heinrich <theinric@redhat.com> 8.8.0-1
 - rebase to 8.8.0
  resolves: rhbz#1069690
  - drop patches merged upstream
  - version the dependency on liblognorm-devel
  - enable mmcount, mmexternal modules,
    remove imdiag, omruleset and pmrfc3164sd modules
    resolves: rhbz#1156359
 - add dos2unix to build requirements
 - make the build process more verbose
 - in accordance with an upstream change, the rsyslog service is now
  restarted automatically upon failure
 - adjust the default configuration file for the removal of
  /etc/rsyslog.d/listen.conf by the systemd package
  resolves: rhbz#1116864
 - disable the imklog module by default; kernel messages are read from journald
  resolves: rhbz#1083564
 - if there is no saved position in the journal, log only messages that are
  received after rsyslog is started; this is a safety measure to prevent
  excessive resource utilization
 - use documentation from the standalone rsyslog-docs project
 - move documentation from all subpackages into a single directory
 - mark the recover_qi.pl script as documentation
 * Tue Oct 07 2014 Tomas Heinrich <theinric@redhat.com> 7.4.10-5
 - fix CVE-2014-3634