Work in progress

techniques/system/common/1.0/metadata.xml

@@ -129,6 +129,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     <NAME>RUDDER_NODE_GROUPS_VARS</NAME>
     <NAME>RUDDER_NODE_GROUPS_CLASSES</NAME>
     <NAME>REPORTING_PROTOCOL</NAME>
+    <NAME>SYSLOG_PROTOCOL_DISABLED</NAME>
     <NAME>RUDDER_INVENTORY_VARS</NAME>
   </SYSTEMVARS>
 

techniques/system/common/1.0/promises.st

@@ -36,6 +36,7 @@ bundle common rudder_roles
       "changes_only"           expression => "changes_only_mode.!force_full_compliance";
       "reports_disabled"       expression => "reports_disabled_mode.!force_full_compliance";
       "rudder_reporting_https" expression => strcmp("&REPORTING_PROTOCOL&", "HTTPS");
+      "rsyslog_disabled"       expression => strcmp("&SYSLOG_PROTOCOL_DISABLED&", "true");
 
       # full compliance is the default mode
       "full_compliance" not => "changes_only|reports_disabled";

techniques/system/distributePolicy/1.0/rsyslogConf.cf

@@ -62,7 +62,7 @@ bundle agent install_rsyslogd
 
   files:
 
-    policy_server.!reports_disabled.!role_rudder_relay_promises_only::
+    policy_server.!(reports_disabled|rsyslog_disabled).!role_rudder_relay_promises_only::
 
       "/etc/rsyslog.d/rudder.conf"
         create    => "true",
@@ -84,20 +84,28 @@ bundle agent install_rsyslogd
         classes => classes_generic("rudder_rsyslog_historical_conf"),
         comment => "Deleting historical rudder-agent.conf file if it is there";
 
-    (root_server|role_rudder_relay_top).debian.!reports_disabled.!role_rudder_relay_promises_only::
+    (root_server|role_rudder_relay_top).debian.!(reports_disabled|rsyslog_disabled).!role_rudder_relay_promises_only::
       "/etc/rsyslog.d/pgsql.conf"
         edit_line => comment_all(),
         edit_defaults => noempty_backup,
         classes => classes_generic("rudder_rsyslog_pgsql"),
         comment => "Removing the logging of all in the database";  
 
+    # If reports are disabled, or if rsyslog is disabled, we remove rudder rsyslog conf
+    policy_server.(reports_disabled|rsyslog_disabled)
+      "/etc/rsyslog.d/rudder.conf"
+        delete  => tidy,
+        classes => classes_generic("remove_rudder_rsyslog_conf");
+
+
+
   commands:
-    policy_server.!SuSE.(rudder_rsyslog_conf_repaired|rsyslog_inc_repaired|rudder_rsyslog_historical_conf_repaired|rudder_rsyslog_pgsql_repaired)::
+    policy_server.!SuSE.(rudder_rsyslog_conf_repaired|rsyslog_inc_repaired|rudder_rsyslog_historical_conf_repaired|rudder_rsyslog_pgsql_repaired|remove_rudder_rsyslog_conf_repaired)::
       "${paths.path[service]} rsyslog"
         args => "restart",
         classes => classes_generic("rsyslog_restarted"),
         comment => "restarting rsyslog";
-    policy_server.SuSE.(rudder_rsyslog_conf_repaired|rsyslog_inc_repaired|rudder_rsyslog_historical_conf_repaired|rudder_rsyslog_pgsql_repaired)::
+    policy_server.SuSE.(rudder_rsyslog_conf_repaired|rsyslog_inc_repaired|rudder_rsyslog_historical_conf_repaired|rudder_rsyslog_pgsql_repaired|remove_rudder_rsyslog_conf_repaired)::
       "${paths.path[service]} syslog"
         args => "restart",
         classes => classes_generic("rsyslog_restarted"),