“How can I install the unofficial syslog-ng packages on a machine without Internet access?” This question has been raised several times recently. As it entails more than simply downloading the repository containing the packages, syslog-ng lead developer Laszlo Budai created a script that solves the problem for Debian and Ubuntu users. The script downloads syslog-ng along with its dependencies using a container, and produces an archive containing all DEB packages necessary to install syslog-ng as well as a simple script responsible for the installation. Using a container in this case might seem like over complication, but it is still the easiest way to ensure that all dependencies are included in the archive.

Before you begin

The script is portable, so it will most likely run on any Linux distribution where Bash and Docker (or Podman) are available. Personally, I tested it on Ubuntu 18.10 and openSUSE 15.1. If you use Docker, make sure that the daemon is started on your machine.

You can download the scripts using Git:

git clone https://github.com/lbudai/syslog-ng-offline-deb-installer

Alternatively, you can download all files from the URL above using your browser or wget, and make all sh files executable. However using Git is more convenient.

Once your download is ready, check if the script supports your target system. To do that,change to the freshly checked out directory and start the main script without any arguments:

# ./create-syslog-ng-obs-bundle.sh
  is not supported
list of supported distros:
Debian_8.0 Debian_9.0 xUbuntu_14.04 xUbuntu_16.04 xUbuntu_18.04 xUbuntu_18.10

Preparing the archive

The script needs two or more arguments. The first one refers to your target Debian/Ubuntu distribution of choice. The second one is always syslog-ng-core, the DEB package containing syslog-ng core features. Many syslog-ng features are packaged into separate sub packages. For example, PostgreSQL support is available in syslog-ng-mod-pgsql. Entering the following command will compile an archive for Ubuntu 18.10, which contains syslog-ng together with PostgreSQL support and all their dependencies, as well as an installer script:

./create-syslog-ng-obs-bundle.sh xUbuntu_18.10 syslog-ng-core syslog-ng-mod-pgsql

You should now transfer the resulting installer.tgz to the target computer without an Internet connection.

Installing syslog-ng

Before you start the installer, make sure that rsyslog is not installed on the target machine:

apt-get remove rsyslog

Once you have removed rsyslog, extract installer.tgz:

tar xvf installer.tgz

You will find a new directory (called installer) containing two files: bundle.tgz and install.sh. Change to the installer directory and run install.sh:

./install.sh

Now you should be able to check if syslog-ng and its modules are properly installed by starting syslog-ng with the -V option:

root@czpubuntu:~/installer# syslog-ng -V
syslog-ng 3 (3.23.1)
Config version: 3.23
Installer-Version: 3.23.1
Revision: 3.23.1-1
Compile-Date: Aug 26 2019 06:59:04
Module-Directory: /usr/lib/syslog-ng/3.23
Module-Path: /usr/lib/syslog-ng/3.23
Include-Path: /usr/share/syslog-ng/include
Available-Modules: xml,cryptofuncs,linux-kmsg-format,sdjournal,appmodel,pseudofile,disk-buffer,kvformat,date,afuser,confgen,basicfuncs,json-plugin,affile,hook-commands,cef,afsocket,dbparser,tags-parser,afprog,system-source,syslogformat,csvparser,afsql
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: on
Enable-Systemd: on

Using the script with Podman

If you prefer using Podman instead of Docker, or if your OS only provides Podman, you can still use this script. Just open up start-docker.sh in your favorite text editor and replace docker with podman at the beginning of the last line. Apart from this, everything works the same way as with the method described for Docker, so there is no need for separate usage instructions.

If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/balabit/syslog-ng. On Twitter, I am available as @PCzanik.


Anonymous
Related Content