Commit Graph

253 Commits

Author SHA1 Message Date
cem
b35b6ea132 newsyslog(8): Reject configurations that specify setuid or executable logs
Prevent some classes of foot-shooting that may result in permissions
problems.

Reviewed by:	dab, delphij, vangyzen (earlier version)
Relnotes:	yes (behavior change)
Sponsored by:	Dell EMC Isilon
Differential Revision:	D16831
2018-08-21 23:12:46 +00:00
brd
4d85960ed8 Move all the newsyslog related configs to usr.sbin/newsyslog/
This is related to pkgbase and changes these to use CONFS so that these are
tagged as config files.

Approved by:	AllanJude (mentor)
Sponsored by:	Essen Hackathon
Differential Revision:	https://reviews.freebsd.org/D16694
2018-08-12 13:24:53 +00:00
markj
f21f9cc77c Simplify compression code.
- Remove the compression suffix macros and move them directly into the
  compress_type array.
- Remove the hardcoded sizes on the suffix and compression args arrays.
- Simplify the compression args arrays at the expense of a __DECONST
  when calling execv().
- Rewrite do_zipwork.  The COMPRESS_* macros can directly index the
  compress_types array, so the outer loop is not needed. Convert
  fixed-length strings into asprintf or sbuf calls.

Submitted by:	Dan Nelson <dnelson_1901@yahoo.com>
Reviewed by:	gad
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16518
2018-08-08 17:26:51 +00:00
markj
a86549a733 Fix a flag collision introduced in r327451.
PR:		230350
MFC after:	3 days
2018-08-04 15:30:56 +00:00
markj
2e6b904ec5 Remove ARGS_NUM, accidentally left over after r337050. 2018-08-01 18:49:40 +00:00
markj
59ae15e1bd Don't hard-code the number of compression utility arguments.
The zstd invocation constructed by newsyslog contains one more parameter
than invocations for the other supported compression utilities.  However,
the maximum number of arguments was hard-coded, leading to an
out-of-bounds array access when using zstd compression.
2018-08-01 18:45:33 +00:00
markj
32ba85e04a Adjust the number of tests after r336913. 2018-08-01 18:41:43 +00:00
bapt
c562453022 newsyslog: fix compression arglist construction
Reuse of the index variable in two nested loops resulted in only the first
argument in the list being used (fine for gzip, not fine for zstd). Also
add tests for xz and zstd, and fix the COMPRESS_SUFFIX_MAXLEN macro.

Submitted by:	dnelson_1901_yahoo.com
Differential Revision:	https://reviews.freebsd.org/D16509
2018-07-30 15:46:24 +00:00
cem
0410664768 newsyslog.8: Remove cutesy nonsense
Sponsored by:	Dell EMC Isilon
2018-07-19 16:03:20 +00:00
ed
0bb8232d50 Use the FQDN in the newsyslog log message when RFC 5424 is enabled.
The RFC 5424 spec mentions that logging FQDNs over short hostnames is
preferred. Alter this code, so that the hostname doesn't get truncated
on startup. Keep track of the length of the short hostname, so that
fprintf() can do the truncation where necessary.

MFC after:	1 month
2018-07-08 10:08:24 +00:00
eadler
14200d5f67 newsyslog: fix typeo for 'zstd'
Reported by:	swildner@DragonFlyBSD.org
MFC After:	1 week
2018-02-03 20:53:21 +00:00
jhb
440c9e5a95 Sort the list of flags in newsyslog.conf entries.
Move the 'X' and 'Y' entries into their sorted location in the list
of flags just above 'Z'.

Reviewed by:	bcr
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D13904
2018-01-16 00:47:53 +00:00
eadler
a910215b9b newsyslog: implement 'p' flag
Implement the 'p' flag for newsyslog from NetBSD. This flag results in
the first log file for a given file to not be compressed.

While here, don't change file attributes during a no-op run

PR:		162798
Submitted by:	heas@shrubbery.net
MFC After:	1 month
2017-12-31 22:01:36 +00:00
bapt
83ea734edb newsyslog: Fix issues after r326616
When building the command to execute for compression, newsyslog was modifying
the generic arguments array instead of its own copy.
Meaning on the second file to compress with the same arguments, the command line
was not the one expected.
Fix it by creating one copy of the arguments per execution and modifying that
copy.

While here, print the command line executed in verbose mode.

Reported by:	many
2017-12-18 09:35:04 +00:00
bapt
b9ad623604 Really fix typo and improve wording of the comment 2017-12-06 10:47:50 +00:00
bapt
eb7252a3e9 Fix typo
Reported by:	danfe
2017-12-06 10:20:01 +00:00
bapt
19f5c9ddd5 Allow newsyslog to execute compression commands which
have a semantic different than the traditional gzip(1)

This is done to allow to use zstd(1) as a compression tool without
having to patch it to change its default behavior.
2017-12-06 09:44:35 +00:00
pfg
7551d83c35 various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:37:16 +00:00
bdrewery
a598c4b809 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
ngie
d26727d972 Add HAS_TESTS to all Makefiles that are currently using the
`SUBDIR.${MK_TESTS}+= tests` idiom.

This is a follow up to r321912.
2017-08-02 08:50:42 +00:00
ngie
734d081ed1 MFhead@r321912 2017-08-02 08:38:36 +00:00
ngie
b9997cb3ae Clean up leading whitespace (convert single column spaces to hard tabs)
MFC after:	now
2017-07-20 00:40:03 +00:00
ngie
160ccf3347 Remove TODO for sub testcases added for bug 212160
On closer inspection, the past failures no longer occur on ^/head.

PR:		212160
Sponsored by:	Dell EMC Isilon
2017-06-03 18:20:23 +00:00
ngie
9d4f43c496 Fix the testplan after ^/head@r318960
The number of executed testcases is 128, not 126.

MFC after:	18 days
MFC with:	r318960
Sponsored by:	Dell EMC Isilon
2017-06-03 18:12:00 +00:00
ngie
004b9db92d Don't execute the TODO cases in a subshell
This messes up the testcase counter, as seen in bug 219756.

PR:		212160, 219756
Sponsored by:	Dell EMC Isilon
2017-06-03 18:10:04 +00:00
dab
09536a56e6 Add newsyslog capability to write RFC5424 compliant rotation message.
This modification adds the capability to newsyslog to write the
rotation message in a format that is compliant with RFC5424. This
capability is enabled on a per-log file basis through a new value
("T") in the flags field in newsyslog.conf. This is useful on systems
that use the RFC5424 format for log files so that the rotation message
format matches that of the other log messages. There has been recent
mention of adding an RFC5424 compliant mode to syslogd and at least
one alternative system log daemon (rsyslogd) that already has the
capability to use that format.

Reviewed by:	vangyzen, ngie
Approved by:	vangyzen (mentor)
MFC after:	2 months
Relnotes:	yes
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D10253
2017-05-26 16:36:30 +00:00
bapt
7453e3e0ef Add a new Y flag to newsyslog.conf
This makes newsyslog use zstandard to compress log files.

Given Z is already taken for gzip and zstandard compression level stands in
between gzip and xz (which has the X flag) chosing Y sounds ok :)
2017-04-15 20:37:34 +00:00
bdrewery
30f99dbeef Fix improper use of "its".
Sponsored by:	Dell EMC Isilon
2016-11-08 23:59:41 +00:00
ed
d9c54409f0 Properly patch up dirname()/basename() calls to not clobber ent->log.
It turns out that we had a couple of more calls to dirname()/basename()
in newsyslog(8) that assume the input isn't clobbered. This is bad,
because it apparently breaks log rotation now that the new dirname()
implementation has been merged.

Fix this by first copying the input and then calling
dirname()/basename(). While there, improve the naming of variables in
this function a bit.

Reported by:	Ryan Steinmetz, gjb
Reviewed by:	bdrewery, allanjude
Differential Revision:	https://reviews.freebsd.org/D7838
2016-09-09 07:10:50 +00:00
ngie
066f92fa7d Expect sub testcases 2-4 in :tests_time_rotate to fail today due to changes
to newsyslog, etc made in the past month.

The issue is being root-caused as part of the bug noted below. This commit
will need to be partially reverted once the issue has been found/fixed

PR:		212160
Reported by:	Jenkins
Sponsored by:	EMC / Isilon Storage Division
2016-08-29 18:46:04 +00:00
ed
90506dd628 Clean up use of basename() and dirname().
Pull copies of the input pathname string before calling basename() and
dirname() to make this comply to POSIX. Free these copies at the end of
this function. While there, remove the duplication of the 's' ->
'logfname' string. There is no need for this.
2016-07-28 16:02:30 +00:00
vangyzen
87e8d06bb3 newsyslog: Eliminate unnecessary sleep(10) when -R and -s are specified
After going through the signal work list, during which do_sigwork()
is called and essentially does nothing because -s and -R were
specified on the command line, newsyslog will sleep for 10 seconds
as the (verbose) code says: "Pause 10 seconds to allow daemon(s)
to close log file(s)".

However, the man page verbiage for -R (and -s) seems quite clear
that this sleep() is unnecessary because the daemon was expected
to have already closed the log file before calling newsyslog.

PR:		210020
Submitted by:	David A. Bright <david_a_bright@dell.com>
MFC after:	1 week
Sponsored by:	Dell Inc.
Differential Revision:	https://reviews.freebsd.org/D6727
2016-06-06 22:54:08 +00:00
ngie
92100036c8 Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed
after r298107

Summary of changes:

- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
  namespacing is kept with FILES appropriately, and that this shouldn't need
  to be repeated if the namespace changes -- only the definition of PACKAGE
  needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
  `tests`. In the event we get to the point where things can be split up
  enough in the base system, it would make more sense to group the tests
  with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
  previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
  bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
  ${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
  and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)

Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.

MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
2016-05-04 23:20:53 +00:00
gjb
1c7e318a9a MFH
Sponsored by:	The FreeBSD Foundation
2016-03-10 21:16:01 +00:00
bdrewery
aab40fdc3d DIRDEPS_BUILD: Connect MK_TESTS.
Sponsored by:	EMC / Isilon Storage Division
2016-03-09 22:46:01 +00:00
gjb
a6998ad84f First pass to fix the 'tests' packages.
Sponsored by:	The FreeBSD Foundation
2016-02-02 22:26:49 +00:00
bapt
cab8578a14 newsyslog: treat 'c' flag in the config as 'C'
When -C was introduced in r114137 the plan was to have -C and -c being used for
"create" due to a typo in FreeBSD <= 4.8 a temporary compatibility hack has been
added to make -c being like -G aka GLOB and a warning was issued for the user to
be aware of the futur change for -c.

12 years later it is more than time to remove that hack and finish the what was
intent in r114137

Submitted by:	Alexandre Perrin <alex@kaworu.ch>
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D4000
2015-10-31 09:45:11 +00:00
bapt
a0408328fb newsyslog.conf: allow to configure the signal using the signal name.
Submitted by:	Alexandre Perrin <alex@kaworu.ch>
MFC after:	1 week
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D3961
2015-10-24 13:55:12 +00:00
eadler
21a3003f8f Fix a ton of speelling errors
arc lint is helpful

Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
Differential Revision: https://reviews.freebsd.org/D3337
2015-10-21 05:37:09 +00:00
ngie
dd1f618367 Refactor the test/ Makefiles after recent changes to bsd.test.mk (r289158) and
netbsd-tests.test.mk (r289151)

- Eliminate explicit OBJTOP/SRCTOP setting
- Convert all ad hoc NetBSD test integration over to netbsd-tests.test.mk
- Remove unnecessary TESTSDIR setting
- Use SRCTOP where possible for clarity

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Divison
2015-10-12 08:16:03 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
b137080f19 Merge from head@274682 2014-11-19 01:07:58 +00:00
markj
ae5107476a If we fail to send a signal after rotation, print the pidfile from which
the corresponding PID was obtained.

PR:		194143
Submitted by:	Lyndon Nerenberg <lyndon@orthanc.ca>
MFC after:	1 week
2014-10-08 17:44:30 +00:00
bdrewery
aace37bc20 Make it more explicitly clear that -t will not change filename.
MFC after:	3 days
2014-09-23 13:58:39 +00:00
sjg
d7cd1d425c Merge head from 7/28 2014-08-19 06:50:54 +00:00
bdrewery
03ffe04fa7 - Include /etc/newsyslog.conf.d/* and /usr/local/etc/newsyslog.conf.d/* by
default for newsyslog(8).

  The /usr/local/etc/newsyslog.conf.d will give packages an opportunity to
  install a default configuration to handle their own log files.

MFC after:	2 weeks
Relnotes:	yes
2014-05-20 03:00:20 +00:00
sjg
5860f0d106 Updated dependencies 2014-05-16 14:09:51 +00:00
sjg
1a7e48acf1 Updated dependencies 2014-05-10 05:16:28 +00:00
sjg
ed3fc70bf5 Merge from head 2014-05-08 23:54:15 +00:00