[Mimedefang] Woes following an OS upgrade

[Damrose, Mark]

> -----Original Message-----
> From: Philip Prindeville

> We were running FC3 on an x86_64 platform (good bang for the 
> buck) and decided to finally "upgrade" to FC5... 

> Lastly, I noticed that (you were probably wondering when this 
> was going to actually be relevant to MdF, weren't you?) all 
> of the mimedefang-filter logging was absent in the maillog 
> files... even though the script was copied over and seemed to 
> be working.

> No idea why this is.  Anyone else seen this?  Ideas where to 
> start looking?

Yes.
http://lists.roaringpenguin.com/pipermail/mimedefang/2006-September/030880.html

The problem seems to be a combination of how MD initializes Sys::Syslog and Fedora's syslogd

    sub md_openlog ($$) {
        my($tag, $facility) = @_;
        $MDOpenLogCalled = 1;
        if ($Features{"Unix::Syslog"}) {
            my $num_fac = convert_log_facility_to_number($facility);
            openlog($tag, LOG_PID | LOG_NDELAY, $num_fac);
        } else {
            if ("no" eq "yes") {
                unless (defined(setlogsock('unix'))) {
                    setlogsock('inet');
                }
            } else {
                setlogsock('inet');
            }
            openlog($tag, "pid,ndelay", $facility);
        }
    }

Now I don't claim to be a wizard at perl, but to my eyes ("no" eq "yes") will never evaluate to true, so Sys::Syslog will always open with 'inet' which forces Sys::Syslog to communicate with syslogd via port 514 on an IP address.

By default Fedora does not have a listener on an IP address, but only accepts messages via a socket.
man syslogd
       -r     This option will enable the facility to receive message from the  network
              using  an  internet  domain  socket  with  the  syslog  service (see ser-
              vices(5)).  The default is to not receive any messages from the  network.

              This option is introduced in version 1.3 of the sysklogd package.  Please
              note that the default behavior is the  opposite  of  how  older  versions
              behave, so you might have to turn this on.

You can change /etc/sysconfig/syslog, and add " -r" to SYSLOGD_OPTIONS (forcing it to listen on port 514) or 
modify mimedefang.pl to use setlogsock('unix') or comment out the setlogsock entirely, which will allow Sys::Syslog to figure it out.

from man Sys::Syslog
           A value of "unix" will connect to the UNIX domain socket (in some systems a
           character special device) returned by the "_PATH_LOG" macro (if your system
           defines it), or /dev/log or /dev/conslog, whatever is writable.  A value of
           âstreamâ will connect to the stream indicated by the pathname provided as
           the optional second parameter.  (For example Solaris and IRIX require
           "stream" instead of "unix".)  A value of "inet" will connect to an INET
           socket (either "tcp" or "udp", tried in that order) returned by "getservby-
           name()". "tcp" and "udp" can also be given as values. The value "console"
           will send messages directly to the console, as for the "cons" option in the
           logopts in "openlog()".
...
           The default is to try "tcp", "udp", "unix", "stream", "console".