Commit Graph

82 Commits

Author SHA1 Message Date
ps
41b31bd1e0 Update the usage string to reflect -n as an option. 2000-08-07 01:09:25 +00:00
ps
045b3ce333 Actually make syslogd understand the new -n option by putting it
in getopt.

Submitted by:	Clive Lin <clive@CirX.ORG>
2000-08-07 01:00:01 +00:00
dwmalone
09a589b8f1 Sort cases in getopt switch statement.
Remove extra parens from my host selection commit.
Add white space after if, while, for and switch.
Get rid of braces around a single statement if.

There should be no functional changes in this commit.

Reviewed by:	sheldonh
2000-08-03 15:19:27 +00:00
dwmalone
91c8cf2367 Replace two calls to strlen+calloc+strcpy with strdup.
Reviewed by:	sheldonh
2000-08-03 15:12:06 +00:00
ps
b0760261f3 Change option -r to -n inline with conventions we use elsewhere.
I guess it serves me right for using a patch directly from Jan
Koum.  :)

Requested by:	many
2000-07-29 04:02:34 +00:00
ps
fd6c9310b6 Add option 'r' to syslogd which will disable dns queries for every
request.  This is useful when you have a large site pointed at a
single syslog server.

Submitted by:	Jan Koum <jkb@yahoo-inc.com>
2000-07-29 01:37:37 +00:00
dwmalone
c0626c7786 Allow syslogd to select messages based on the originating host in
a similar way to the way it can select messages from a given program.

Lines beginning with "+hostname" or "#+hostname" select messaes
from that hostname and lines beginning with "-hostname" or "#-hostname"
match messages not from that hostname.

There are some significant style issues left in the original program
selection code and the man page. This should be cleared up in some
later commits.

Reviewed by:	sheldonh
Based on an original patch by:    Bernd Walter <ticso@cicely8.cicely.de>
Man page stylist:	sheldonh
2000-07-24 14:10:17 +00:00
kris
c8fe54863b Prevent a non-exploitable remote buffer overflow.
Reported by:	twitch <twitch@vicar.org>
Submitted by:	Guido van Rooij <guido@gvr.org>
Reviewed by:	security-officer
2000-06-08 03:54:45 +00:00
jake
961b97d434 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
jake
d93fbc9916 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
ache
2e1592d902 Enable 8bit chars excepting high controls 2000-04-18 01:12:27 +00:00
sheldonh
b2240fc1c0 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 14:09:25 +00:00
joerg
7d18be033d Fix a nit in my previous commit: make SIGHUP and SIGCHLD restartable
as they ought to be.  The description of SA_RESTART was a little
unobvious to me in the man page, so i missed it.  Thanks to Bruce for
spotting this.

Submitted by:	bde
2000-02-29 08:02:29 +00:00
joerg
e52757e9dd Fix a serious bug in syslogd regarding the handling of pipes. The bug
would cause syslogd to eventually kill innocent processes in the
system over time (note: not `could' but `would').  Many thanks to my
colleague Mirko for digging into the kernel structures and providing
me with the debugging framework to find out about the nature of this
bug (and to isolate that syslogd was the culprit) in a rather large
set of distributed machines at client sites where this happened
occasionally.

Whenever a child process was no longer responsive, or when syslogd
receives a SIGHUP so it closes all its logging file descriptors, for
any descriptor that refers to a pipe syslogd enters the data about the
old logging child process into a `dead queue', where it is being
removed from (and the status of the dead kitten being fetched) upon
receipt of a SIGCHLD.  However, there's a high probability that the
SIGCHLD already arrives before the child's data are actually entered
into the dead queue inside the SIGHUP handler, so the SIGCHLD handler
has nothing to fetch and remove and simply continues.  Whenever this
happens, the process'es data remain on the dead queue forever, and
since domark() tried to get rid of totally unresponsive children by
first sending a SIGTERM and later a SIGKILL, it was only a matter of
time until the system had recycled enough PIDs so an innocent process
got shot to death.

Fix the race by masking SIGHUP and SIGCHLD from both handlers mutually.

Add additional bandaids ``just in case'', i. e. don't enter a process
into the dead queue if we can't signal it (this should only happen in
case it is already dead by that time so we can fetch the status
immediately instead of deferring this to the SIGCHLD handler); for the
kill(2) inside domark(), check for an error status (/* Can't happen */
:) and remove it from the dead queue in this case (which if it would
have been there in the first place would have reduced the problem to a
statistically minimal likelihood so i certainly would never have
noticed the bug at all :).

Mirko also reviewed the fix in priciple (mutual blocking of both
signals inside the handlers), but not the actual code.

Reviewed by:	Mirko Kaffka <mirko@interface-business.de>
Approved by:	jkh
2000-02-28 17:49:43 +00:00
peter
6dd3ee93f0 s|/dev/log|/var/run/log| 2000-02-14 13:26:57 +00:00
charnier
eb44a9737f Add section number to .Xr. Use .Pa for filenames.
fprintf -> warnx.
2000-01-23 20:22:23 +00:00
des
4e26c2b9bd Do this the Right Way (tm), i.e. use shutdown() instead of fooling around
with the size of the receive buffer.

Pointed out by:	ru
2000-01-14 15:37:18 +00:00
des
cb9a455cbe Reflect the change in secure mode semantics, and document fascist mode
properly.
2000-01-14 15:10:36 +00:00
des
3663c2376b Slight change of secure mode semantics: instead of reading (and counting)
vogons, set the size of the receive buffer to 1 and rely on the kernel to
simply drop incoming packets. The logging code was buggy anyway.

Use socklen_t instead of int for the length argument to recvfrom.

Add a 'continue' at the end of a loop for ANSI conformance.
2000-01-14 15:09:06 +00:00
ru
acb5ac51e9 Fix page fault in -vv mode.
PR:		16098
Submitted by:	Alan.Judge@indigo.ie
Reviewed by:	ru
2000-01-13 12:59:58 +00:00
peter
efabb9ccb1 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
green
1d06e20aed This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by:	rgrimes, imp, chris
1999-08-21 18:24:29 +00:00
brian
0fa185e8a0 Make hostname comparisons case insensitive 1999-08-17 01:25:16 +00:00
dt
14f270d531 readklog(): rename variable 'l' to 'len', to avoid possible confusion with 'i'
and '1'.

Requested by:	mckay
1999-05-06 13:57:57 +00:00
des
6c7b6a78d0 Is there a limit to how stupid I can get? 1999-05-04 18:03:59 +00:00
dt
528b186dfe Little fix in previous: watch NUL-termination. 1999-05-02 17:44:16 +00:00
dt
a60c9cfa3a Fight with false newlines in kernel message logs. Output a line into log only
after we read a newline, or we have nothing to read from /dev/klog. Read
/dev/klog in non-blocking mode.
1999-05-02 12:47:09 +00:00
des
83538ea9d0 Implement fascist mode (do not open a datagram socket at all). 1999-04-30 12:51:20 +00:00
cwt
233301419f Ensure a terminating null when processing hostname strings from
arbitrary sources.
Obtained from:	OpenBSD
1998-12-29 23:14:50 +00:00
cwt
c65223bc89 Accept "!*" as a valid all-programs tag line as documented.
PR:		8447
Submitted by:	Gaspar Chilingarov <nightmar@lemming.acc.am>
1998-12-29 20:36:22 +00:00
cwt
1effc86f47 Block SIGHUP during call to gethostbyaddr().
PR: 5548
Reviewed by: Matthew Dillon <dillon@apollo.backplane.com>
Obtained from: OpenBSD
1998-12-28 00:39:14 +00:00
jkh
20107e8f47 Allow either tabs or spaces in configuration files.
PR:		8762
Submitted by:	Igor Roshchin <str@giganda.komkon.org>
1998-12-04 06:49:20 +00:00
dg
60b560b337 When warning about discarding packets in secure mode, include the IP
address of the most recent offender.
1998-11-05 10:51:21 +00:00
julian
ea1d22b2ff Submitted by: archie@whistle.com
quieten cc -Wall
1998-08-25 21:16:47 +00:00
phk
a1a5f020ed Harlan.Stenn@pfcs.com added two (very interesting) options to syslogd for
-current (Thanks Harald). However, on my attempt to try this on -STABLE,
I found that when forwarding to another host the actual messages gets lost.
This is due to a wrong index because when the -v option was added, the
indexes shifted one place.

PR:		7407
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
1998-07-27 13:04:14 +00:00
phk
5835aea78c Add -u, -v and -vv options to syslogd, this improves the control and
logging verbosity about facility & priority levels.
PR:		7278
Reviewed by:	phk
Submitted by:	Harlan Stenn <Harlan.Stenn@pfcs.com>
1998-07-22 06:15:19 +00:00
bde
a5b3c3ea4f Fixed printf format errors. 1998-07-06 20:28:08 +00:00
guido
b7d83099ea Fix off by 1 error. 1998-07-02 19:35:40 +00:00
steve
40b850dd41 Note in log file if messages are being forwarded from a
remote machine.

PR:		7055
Submitted by:	Edwin Groothus <edwin@nwm.wan.philips.com>
1998-06-27 21:45:59 +00:00
guido
c183560752 Implement new argument -l (OpenBSD has -a but we already use that).
This allows one to specify additional sockets in the unix domain
that syslogd listens to. Its primary use is to create log sockets in
chroot environments.
Obtained from:OpenBSD (with a bug fixed d
1998-06-25 19:39:19 +00:00
julian
2b2a057da4 Reviewed by: guido@mouse.gvr.org
Submitted by:	Archie@whistle.com
redo the last patch to allow differentiated kernel logging in
a much better way.
1998-06-24 23:50:20 +00:00
julian
538c54fd9e Allow syslogd to separate out kernel log messages with a known
category.
e.g. separate out ipfw entries to a separate file.

Reviewed by:	(briefly) phk
Submitted by:	archie@whistle.com
Obtained from:	Whistle source tree
1998-06-10 04:34:56 +00:00
phk
9abae418f8 Remove a bogus dependency on the size of the inkernel msgbuf.
This change is likely to introduce a few linebreaks in the boot
messages, but that is not easy to solve without breaking syslogd
semantics.  Maybe the right  fix is to return an integral number
of lines from the kernel driver.

Noticed by:	dg
1998-05-19 12:02:41 +00:00
brian
5cc7cdec73 Make syslogd function in non-secure mode.
Log the correct ^2 packet as per the last commit comment.
1998-05-07 00:39:56 +00:00
phk
8ad123ff43 Augment the last change after some deliberation with rgrimes & peter.
It is important that we keep the ability to send packets to a remote
server and that the packets come from our well-known port, also in
that case.

Reviewed by:	peter, rgrimes.
1998-04-24 17:32:23 +00:00
phk
bd583b94c4 Even with '-s', syslogd still creates an AF_INET socket, although
it is not bind(2)ed.

PR:		6366
Reviewed by:	phk
Submitted by:	Soren S. Jorvang <soren@dt.dk>
1998-04-22 06:28:18 +00:00
jraynard
aaccbfd01d Don't assume sigset_t and int are equivalent. Also, get
sigprocmask arguments the right way round.
1998-02-28 15:14:00 +00:00
charnier
a9eeb3d932 Cosmetic in usage string. 1997-10-20 12:55:49 +00:00
joerg
f3ad79066c Documentation for the LOG_NTP facility. While i was at it, added a
bit of a warning about not all systems providing for the same set of
syslog facilities.
1997-10-06 20:37:50 +00:00
brian
c772a08c0b Use snprintf() instead of sprintf() most of the time.
Obtained from: OpenBSD

Make usage() consistent with man page.
1997-09-19 22:22:04 +00:00