diff --git a/SOURCES/rsyslog-8.2102.0-rhbz1984489-remove-abort-on-id-resolution-fail.patch b/SOURCES/rsyslog-8.2102.0-rhbz1984489-remove-abort-on-id-resolution-fail.patch
new file mode 100644
index 0000000..344eef6
--- /dev/null
+++ b/SOURCES/rsyslog-8.2102.0-rhbz1984489-remove-abort-on-id-resolution-fail.patch
@@ -0,0 +1,102 @@
+diff -up rsyslog-8.2102.0/runtime/cfsysline.c.orig rsyslog-8.2102.0/runtime/cfsysline.c
+--- rsyslog-8.2102.0/runtime/cfsysline.c.orig 2021-08-04 07:16:02.663163106 +0200
++++ rsyslog-8.2102.0/runtime/cfsysline.c 2021-08-04 07:18:05.952490008 +0200
+@@ -353,13 +353,8 @@ static rsRetVal doGetGID(uchar **pp, rsR
+ assert(*pp != NULL);
+
+ if(getSubString(pp, (char*) szName, sizeof(szName), ' ') != 0) {
+- if(loadConf->globals.abortOnIDResolutionFail) {
+- fprintf(stderr, "could not extract group name: %s\n", (char*)szName);
+- exit(1); /* good exit */
+- } else {
+- LogError(0, RS_RET_NOT_FOUND, "could not extract group name");
+- ABORT_FINALIZE(RS_RET_NOT_FOUND);
+- }
++ LogError(0, RS_RET_NOT_FOUND, "could not extract group name");
++ ABORT_FINALIZE(RS_RET_NOT_FOUND);
+ }
+
+ do {
+@@ -380,10 +375,6 @@ static rsRetVal doGetGID(uchar **pp, rsR
+ LogError(0, RS_RET_NOT_FOUND, "ID for group '%s' could not be found", szName);
+ }
+ iRet = RS_RET_NOT_FOUND;
+- if(loadConf->globals.abortOnIDResolutionFail) {
+- fprintf(stderr, "ID for group '%s' could not be found or error\n", szName);
+- exit(1); /* good exit */
+- }
+ } else {
+ if(pSetHdlr == NULL) {
+ /* we should set value directly to var */
+@@ -418,25 +409,15 @@ static rsRetVal doGetUID(uchar **pp, rsR
+ assert(*pp != NULL);
+
+ if(getSubString(pp, (char*) szName, sizeof(szName), ' ') != 0) {
+- if(loadConf->globals.abortOnIDResolutionFail) {
+- fprintf(stderr, "could not extract user name: %s\n", (char*)szName);
+- exit(1); /* good exit */
+- } else {
+- LogError(0, RS_RET_NOT_FOUND, "could not extract user name");
+- ABORT_FINALIZE(RS_RET_NOT_FOUND);
+- }
++ LogError(0, RS_RET_NOT_FOUND, "could not extract user name");
++ ABORT_FINALIZE(RS_RET_NOT_FOUND);
+ }
+
+ getpwnam_r((char*)szName, &pwBuf, stringBuf, sizeof(stringBuf), &ppwBuf);
+
+ if(ppwBuf == NULL) {
+- if(loadConf->globals.abortOnIDResolutionFail) {
+- fprintf(stderr, "ID for user '%s' could not be found or error\n", (char*)szName);
+- exit(1); /* good exit */
+- } else {
+- LogError(0, RS_RET_NOT_FOUND, "ID for user '%s' could not be found or error", (char*)szName);
+- iRet = RS_RET_NOT_FOUND;
+- }
++ LogError(0, RS_RET_NOT_FOUND, "ID for user '%s' could not be found or error", (char*)szName);
++ iRet = RS_RET_NOT_FOUND;
+ } else {
+ if(pSetHdlr == NULL) {
+ /* we should set value directly to var */
+diff -up rsyslog-8.2102.0/runtime/glbl.c.orig rsyslog-8.2102.0/runtime/glbl.c
+--- rsyslog-8.2102.0/runtime/glbl.c.orig 2021-08-04 07:18:19.301633677 +0200
++++ rsyslog-8.2102.0/runtime/glbl.c 2021-08-04 07:19:02.409019106 +0200
+@@ -210,7 +210,6 @@ static struct cnfparamdescr cnfparamdesc
+ { "environment", eCmdHdlrArray, 0 },
+ { "processinternalmessages", eCmdHdlrBinary, 0 },
+ { "umask", eCmdHdlrFileCreateMode, 0 },
+- { "security.abortonidresolutionfail", eCmdHdlrBinary, 0 },
+ { "internal.developeronly.options", eCmdHdlrInt, 0 },
+ { "internalmsg.ratelimit.interval", eCmdHdlrPositiveInt, 0 },
+ { "internalmsg.ratelimit.burst", eCmdHdlrPositiveInt, 0 },
+@@ -1443,8 +1442,6 @@ glblDoneLoadCnf(void)
+ glblInputTimeoutShutdown = (int) cnfparamvals[i].val.d.n;
+ } else if(!strcmp(paramblk.descr[i].name, "privdrop.group.keepsupplemental")) {
+ loadConf->globals.gidDropPrivKeepSupplemental = (int) cnfparamvals[i].val.d.n;
+- } else if(!strcmp(paramblk.descr[i].name, "security.abortonidresolutionfail")) {
+- loadConf->globals.abortOnIDResolutionFail = (int) cnfparamvals[i].val.d.n;
+ } else if(!strcmp(paramblk.descr[i].name, "net.acladdhostnameonfail")) {
+ *(net.pACLAddHostnameOnFail) = (int) cnfparamvals[i].val.d.n;
+ } else if(!strcmp(paramblk.descr[i].name, "net.aclresolvehostname")) {
+diff -up rsyslog-8.2102.0/runtime/rsconf.c.orig rsyslog-8.2102.0/runtime/rsconf.c
+--- rsyslog-8.2102.0/runtime/rsconf.c.orig 2021-08-04 07:19:13.103104854 +0200
++++ rsyslog-8.2102.0/runtime/rsconf.c 2021-08-04 07:19:44.635357684 +0200
+@@ -156,7 +156,6 @@ static void cnfSetDefaults(rsconf_t *pTh
+ pThis->globals.maxErrMsgToStderr = -1;
+ pThis->globals.umask = -1;
+ pThis->globals.gidDropPrivKeepSupplemental = 0;
+- pThis->globals.abortOnIDResolutionFail = 1;
+ pThis->templates.root = NULL;
+ pThis->templates.last = NULL;
+ pThis->templates.lastStatic = NULL;
+diff -up rsyslog-8.2102.0/runtime/rsconf.h.orig rsyslog-8.2102.0/runtime/rsconf.h
+--- rsyslog-8.2102.0/runtime/rsconf.h.orig 2021-08-04 07:20:15.848607958 +0200
++++ rsyslog-8.2102.0/runtime/rsconf.h 2021-08-04 07:20:42.782823920 +0200
+@@ -73,7 +73,6 @@ struct globals_s {
+ int uidDropPriv; /* user-id to which priveleges should be dropped to */
+ int gidDropPriv; /* group-id to which priveleges should be dropped to */
+ int gidDropPrivKeepSupplemental; /* keep supplemental groups when dropping? */
+- int abortOnIDResolutionFail;
+ int umask; /* umask to use */
+ uchar *pszConfDAGFile; /* name of config DAG file, non-NULL means generate one */
+
diff --git a/SOURCES/rsyslog-8.2102.0-rhbz1984616-imuxsock-ratelimit.patch b/SOURCES/rsyslog-8.2102.0-rhbz1984616-imuxsock-ratelimit.patch
new file mode 100644
index 0000000..710f48c
--- /dev/null
+++ b/SOURCES/rsyslog-8.2102.0-rhbz1984616-imuxsock-ratelimit.patch
@@ -0,0 +1,26 @@
+diff -up rsyslog-8.2102.0/runtime/ratelimit.c.orig rsyslog-8.2102.0/runtime/ratelimit.c
+--- rsyslog-8.2102.0/runtime/ratelimit.c.orig 2021-07-27 10:37:50.972903104 +0200
++++ rsyslog-8.2102.0/runtime/ratelimit.c 2021-07-27 10:38:26.141002988 +0200
+@@ -235,7 +235,6 @@ ratelimitMsg(ratelimit_t *__restrict__ c
+ {
+ DEFiRet;
+ rsRetVal localRet;
+- int severity = 0;
+
+ *ppRepMsg = NULL;
+
+@@ -246,13 +245,12 @@ ratelimitMsg(ratelimit_t *__restrict__ c
+ DBGPRINTF("Message discarded, parsing error %d\n", localRet);
+ ABORT_FINALIZE(RS_RET_DISCARDMSG);
+ }
+- severity = pMsg->iSeverity;
+ }
+ }
+
+ /* Only the messages having severity level at or below the
+ * treshold (the value is >=) are subject to ratelimiting. */
+- if(ratelimit->interval && (severity >= ratelimit->severity)) {
++ if(ratelimit->interval && (pMsg->iSeverity >= ratelimit->severity)) {
+ char namebuf[512]; /* 256 for FGDN adn 256 for APPNAME should be enough */
+ snprintf(namebuf, sizeof namebuf, "%s:%s", getHOSTNAME(pMsg),
+ getAPPNAME(pMsg, 0));
diff --git a/SPECS/rsyslog.spec b/SPECS/rsyslog.spec
index 1e57107..38af939 100644
--- a/SPECS/rsyslog.spec
+++ b/SPECS/rsyslog.spec
@@ -6,7 +6,7 @@
Summary: Enhanced system logging and kernel message trapping daemon
Name: rsyslog
Version: 8.2102.0
-Release: 3%{?dist}
+Release: 5%{?dist}
License: (GPLv3+ and ASL 2.0)
Group: System Environment/Daemons
ExcludeArch: i686
@@ -52,6 +52,8 @@ Patch0: rsyslog-8.1911.0-rhbz1659898-imjournal-default-tag.patch
Patch1: rsyslog-8.2102.0-rhbz1960536-fdleak-on-fsync.patch
Patch2: rsyslog-8.2102.0-rhbz1886400-reduce-default-timeout.patch
Patch3: rsyslog-8.2102.0-rhbz1866877-unexpected-length.patch
+Patch4: rsyslog-8.2102.0-rhbz1984616-imuxsock-ratelimit.patch
+Patch5: rsyslog-8.2102.0-rhbz1984489-remove-abort-on-id-resolution-fail.patch
%package crypto
Summary: Encryption support
@@ -270,6 +272,8 @@ mv build doc
%patch1 -p1 -b .fd-leak-on-fsync
%patch2 -p1 -b .timeout
%patch3 -p1 -b .unexpected-priority-length
+%patch4 -p1 -b .imuxsock-rate-limit
+%patch5 -p1 -b .abort-on-id-resolution-fail
%build
%ifarch sparc64
@@ -510,6 +514,15 @@ done
%{_libdir}/rsyslog/omudpspoof.so
%changelog
+* Wed Aug 04 2021 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-5
+- Do not exit when user/group can not be found
+ resolves: rhbz#1984489
+- Remove abortOnIDResolution fail
+
+* Tue Jul 27 2021 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-4
+- Allways use message severity when comparing with ratelimit severity
+ resolves: rhbz#1984616
+
* Mon Jun 28 2021 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-3
- Priority field must have valid length
resolves: rhbz#1866877