All the '.conf' files not beginning with a '.' contained int he directory
following the keyword will be included.
This keyword can only be used in the first level configuration files.
Modify the default syslogd.conf to 'include' /etc/syslog.d and
/usr/local/etc/syslog.d
It simplify a lot handling of syslog from automation tools.
Reviewed by: markj, kib (via irc)
Approved by: markj
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D8402
Enable repeated line compression for lines of any length, instead of only
short lines. AFAICT repeated line compression was limited to short lines as
a RAM optimization, which made sense when karels added it in 1988, but no
longer. The penalty is a paltry 904B of RAM per file logged.
Reviewed by: rpaulo
MFC after: 32 days
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D4475
This will help ensure we don't trash file descriptors that get used later on
in the daemon
Found via internal Coverity scan
MFC after: 2 weeks
Discussed with: cem, ed, markj
Differential Revision: https://reviews.freebsd.org/D3081
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
syslogd already re-reads the configuration file and the hostname when
receiving a SIGHUP, so it makes sense to reset the timezone.
Special care was taken to ensure we don't break installations running
with a custom TZ variable.
PR: 196905
Submitted by: Kurt Lidl <lidl pix.net>
Sponsored by: Pi-Coral, Inc.
foreground.
This allows a separate process to monitor when and how
syslogd exits. That process can then restart syslogd if needed.
Differential Revision: https://reviews.freebsd.org/D1985
Submitted by: Ravi Pokala
Reviewed by: allanjude (man page)
On POSIX conformant systems, shutdown() should return ENOTCONN when not
connected. We attempted to fix this once (kern/84761), but this change
got backed out because it 'breaks code' (r150155).
I just reapplied the patch and indeed, syslogd fails on startup. Make it
easier to re-enable this change in the future by paching up syslogd to
do the right thing.
MFC after: 3 weeks
Sponsored by: Nuxi
usr.sbin/syslogd/syslogd.c:1023:10: error: address of array 'f->f_prevline' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
f->f_prevline && !strcmp(msg, f->f_prevline) &&
~~~^~~~~~~~~~
usr.sbin/syslogd/syslogd.c:1178:16: error: address of array 'f->f_prevline' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
} else if (f->f_prevline) {
~~ ~~~^~~~~~~~~~
In both cases, the f_prevline field of struct filed is a char array, so
it can never be null. Remove the checks.
Reviewed by: jilles
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D1716
parsing programm specification. It is safe to not check out of bounds
access, because !isprint(p[i]) check will stop reading, when '\0'
character will be read from the input string.
Obtained from: Yandex LLC
MFC after: 1 week
Sponsored by: Yandex LLC
- A call was misplaced at the wrong level of nested if blocks, so that
the buffers for unix domain sockets (/dev/log, /dev/klog) were never
increased at all; they remained at a way-too-small default size of 4096.
- The function that was supposed to double the size of the buffer
sometimes did nothing, and sometimes installed a wildly-wrong buffer
size (either too large or too small) due to an unitialized 'slen'
variable passed to getsockopt(). Most often it doubled the UDP buffers
from 40k to 80k because accidentally there would be harmless stack
garbage in the unitialized variables.
- The whole concept of blindly doubling a socket's buffer size without
knowing what size it started at is a design flaw that has to be called a
bug. If the double_rbuf() function had worked at all (I.E., if the
other two bugs didn't exist) this would lead to UDP sockets having an
80k buffer while unix dgram sockets get an 8k buffer. There's nothing
about the problem being solved that requires larger buffers for UDP than
for unix dgram sockets -- the buffering requirements are the same
regardless of socket type.
This change renames the double_rbuf() function to increase_rbuf() and
increases the buffer size on all types of sockets to 80k. 80k was
chosen only because it appears to be the size the original change was
shooting for, and it certainly seems to be reasonably large (I might
have picked 64k in the absence of any historical guidance).
PR: 160433
Submitted by: me, in 2011.
When syslogd forks a process for '|' destinations, it closes all file
descriptors greater than 2.
Use closefrom() for this instead of a getdtablesize()/close() loop because
it is both faster and avoids leaving file descriptors open because the limit
was lowered after they were opened.
MFC after: 1 week
Checking if it is > 0 doesn't make sense, because snprintf returns
how much space is needed if the buffer is too small. Instead, check
if the return value was greater than the buffer size, and truncate
the message if it was too long.
It isn't clear if snprintf can return a negative value in the case
of an error - I don't believe it can. If it can, then testing
v->iov_len won't help 'cos it is a size_t, not an ssize_t.
Also, as clang points out, we must always increment v here, because
later code depends on the message being in iov[5].
standard ports, but it can't *receive* them (port 514 is
hardcoded). This commit adds that missing feature.
(NB: I actually needed this feature for a server farm where
multiple jails run with shared IP addresses, and every jail
should have its own syslogd process.)
As a side effect, syslogd now compiles with WARNS=6.
Approved by: des (mentor)
MFC after: 3 weeks
environments.
Please note that this can't be done while such processes run in jails.
Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.
Obtained from: Sandvine Incorporated
Reviewed by: emaste, arch@
Sponsored by: Sandvine Incorporated
MFC: 1 month
messages from the network. We already replace malformatted timestamps
and this option lets us replace timestamps that are correctly formatted
but wrong.
PR: 120891
Submitted by: Thomas Vogt <thomas@bsdunix.ch>
MFC after: 1 week
1) Use [AP]F_LOCAL rather than [AP]F_UNIX.
2) When copying a pipe's name, use f->f_un.f_pipe.f_pname, not f->f_un.f_fname.
PR: 20889
Submitted by: Damieon Stark
PR: 116642
Submitted by: Jim Pirzyk
Reviewed by: md5
for the port to drain).
+ Handle "*" as a priority properly.
+ Test what is free'ed.
+ Dynamically determine length vs. hardcoding it.
+ Free the previous message buffer (f_prevline) only after logging all the
messages and just before the process exit. Also check f_prevline for NULL
before using it.
+ The time displayed is not synchornized with the other log destinations.
+ Fix a comment.
Obtained from: Juniper Networks
internal list of logfiles. So if writev(2) fails for potentially transient
errors like ENOSPC, syslogd requires a restart, even if the filesystem has
purged.
This change allows syslogd to ignore ENOSPC space errors, so that when the
filesystem is cleaned up, syslogd will automatically start logging again
without requiring the reset. This makes syslogd(8) a bit more reliable.
MFC after: 1 week
when they don't exist, but sometimes its quite useful (eg. we use
non-standard log files and memory backed /var/, which is populated on
boot).
Add -C option which tells syslogd(8) to create log files if they don't
exist.
Glanced at by: phk
MFC after: 3 days
catch all transient errors. This fixes situations where transient
error conditions such as network interfaces losing carrier signals
or the system running out of mbufs would result in the permanent
removal of forwarding syslog messages.
MFC after: 1 week
