syslogd.c revision 1.44
1 /* $NetBSD: syslogd.c,v 1.44 2001/03/21 17:02:43 itojun Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1988, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 __COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993, 1994\n\ 39 The Regents of the University of California. All rights reserved.\n"); 40 #endif /* not lint */ 41 42 #ifndef lint 43 #if 0 44 static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; 45 #else 46 __RCSID("$NetBSD: syslogd.c,v 1.44 2001/03/21 17:02:43 itojun Exp $"); 47 #endif 48 #endif /* not lint */ 49 50 /* 51 * syslogd -- log system messages 52 * 53 * This program implements a system log. It takes a series of lines. 54 * Each line may have a priority, signified as "<n>" as 55 * the first characters of the line. If this is 56 * not present, a default priority is used. 57 * 58 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will 59 * cause it to reread its configuration file. 60 * 61 * Defined Constants: 62 * 63 * MAXLINE -- the maximimum line length that can be handled. 64 * DEFUPRI -- the default priority for user messages 65 * DEFSPRI -- the default priority for kernel messages 66 * 67 * Author: Eric Allman 68 * extensive changes by Ralph Campbell 69 * more extensive changes by Eric Allman (again) 70 */ 71 72 #define MAXLINE 1024 /* maximum line length */ 73 #define MAXSVLINE 120 /* maximum saved line length */ 74 #define DEFUPRI (LOG_USER|LOG_NOTICE) 75 #define DEFSPRI (LOG_KERN|LOG_CRIT) 76 #define TIMERINTVL 30 /* interval for checking flush, mark */ 77 #define TTYMSGTIME 1 /* timeout passed to ttymsg */ 78 79 #include <sys/param.h> 80 #include <sys/ioctl.h> 81 #include <sys/stat.h> 82 #include <sys/wait.h> 83 #include <sys/socket.h> 84 #include <sys/msgbuf.h> 85 #include <sys/uio.h> 86 #include <sys/poll.h> 87 #include <sys/un.h> 88 #include <sys/time.h> 89 #include <sys/resource.h> 90 #include <sys/sysctl.h> 91 92 #include <netinet/in.h> 93 #include <netdb.h> 94 #include <arpa/inet.h> 95 96 #include <ctype.h> 97 #include <errno.h> 98 #include <fcntl.h> 99 #include <locale.h> 100 #include <setjmp.h> 101 #include <signal.h> 102 #include <stdio.h> 103 #include <stdlib.h> 104 #include <string.h> 105 #include <unistd.h> 106 #include <utmp.h> 107 #include <util.h> 108 #include "pathnames.h" 109 110 #define SYSLOG_NAMES 111 #include <sys/syslog.h> 112 113 char *ConfFile = _PATH_LOGCONF; 114 char ctty[] = _PATH_CONSOLE; 115 116 #define FDMASK(fd) (1 << (fd)) 117 118 #define dprintf if (Debug) printf 119 120 #define MAXUNAMES 20 /* maximum number of user names */ 121 122 /* 123 * Flags to logmsg(). 124 */ 125 126 #define IGN_CONS 0x001 /* don't print on console */ 127 #define SYNC_FILE 0x002 /* do fsync on file after printing */ 128 #define ADDDATE 0x004 /* add a date to the message */ 129 #define MARK 0x008 /* this message is a mark */ 130 131 /* 132 * This structure represents the files that will have log 133 * copies printed. 134 */ 135 136 struct filed { 137 struct filed *f_next; /* next in linked list */ 138 short f_type; /* entry type, see below */ 139 short f_file; /* file descriptor */ 140 time_t f_time; /* time this was last written */ 141 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ 142 union { 143 char f_uname[MAXUNAMES][UT_NAMESIZE+1]; 144 struct { 145 char f_hname[MAXHOSTNAMELEN+1]; 146 struct addrinfo *f_addr; 147 } f_forw; /* forwarding address */ 148 char f_fname[MAXPATHLEN]; 149 } f_un; 150 char f_prevline[MAXSVLINE]; /* last message logged */ 151 char f_lasttime[16]; /* time of last occurrence */ 152 char f_prevhost[MAXHOSTNAMELEN+1]; /* host from which recd. */ 153 int f_prevpri; /* pri of f_prevline */ 154 int f_prevlen; /* length of f_prevline */ 155 int f_prevcount; /* repetition cnt of prevline */ 156 int f_repeatcount; /* number of "repeated" msgs */ 157 }; 158 159 /* 160 * Intervals at which we flush out "message repeated" messages, 161 * in seconds after previous message is logged. After each flush, 162 * we move to the next interval until we reach the largest. 163 */ 164 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ 165 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1) 166 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount]) 167 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \ 168 (f)->f_repeatcount = MAXREPEAT; \ 169 } 170 171 /* values for f_type */ 172 #define F_UNUSED 0 /* unused entry */ 173 #define F_FILE 1 /* regular file */ 174 #define F_TTY 2 /* terminal */ 175 #define F_CONSOLE 3 /* console terminal */ 176 #define F_FORW 4 /* remote machine */ 177 #define F_USERS 5 /* list of users */ 178 #define F_WALL 6 /* everyone logged on */ 179 180 char *TypeNames[7] = { 181 "UNUSED", "FILE", "TTY", "CONSOLE", 182 "FORW", "USERS", "WALL" 183 }; 184 185 struct filed *Files; 186 struct filed consfile; 187 188 int Debug; /* debug flag */ 189 char LocalHostName[MAXHOSTNAMELEN+1]; /* our hostname */ 190 char *LocalDomain; /* our local domain name */ 191 int *finet = NULL; /* Internet datagram sockets */ 192 int Initialized = 0; /* set when we have initialized ourselves */ 193 int MarkInterval = 20 * 60; /* interval between marks in seconds */ 194 int MarkSeq = 0; /* mark sequence number */ 195 int SecureMode = 0; /* listen only on unix domain socks */ 196 int NumForwards = 0; /* number of forwarding actions in conf file */ 197 char **LogPaths; /* array of pathnames to read messages from */ 198 199 void cfline __P((char *, struct filed *)); 200 char *cvthname __P((struct sockaddr_storage *)); 201 int decode __P((const char *, CODE *)); 202 void die __P((int)); 203 void domark __P((int)); 204 void fprintlog __P((struct filed *, int, char *)); 205 int getmsgbufsize __P((void)); 206 int* socksetup __P((int)); 207 void init __P((int)); 208 void logerror __P((char *)); 209 void logmsg __P((int, char *, char *, int)); 210 void printline __P((char *, char *)); 211 void printsys __P((char *)); 212 void reapchild __P((int)); 213 void usage __P((void)); 214 void wallmsg __P((struct filed *, struct iovec *)); 215 int main __P((int, char *[])); 216 void logpath_add __P((char ***, int *, int *, char *)); 217 void logpath_fileadd __P((char ***, int *, int *, char *)); 218 219 int 220 main(argc, argv) 221 int argc; 222 char *argv[]; 223 { 224 int ch, *funix, i, j, fklog, len, linesize; 225 int *nfinetix, nfklogix, nfunixbaseix, nfds; 226 int funixsize = 0, funixmaxsize = 0; 227 struct sockaddr_un sunx, fromunix; 228 struct sockaddr_storage frominet; 229 char *p, *line, **pp; 230 struct pollfd *readfds; 231 232 (void)setlocale(LC_ALL, ""); 233 234 while ((ch = getopt(argc, argv, "dsf:m:p:P:")) != -1) 235 switch(ch) { 236 case 'd': /* debug */ 237 Debug++; 238 break; 239 case 'f': /* configuration file */ 240 ConfFile = optarg; 241 break; 242 case 'm': /* mark interval */ 243 MarkInterval = atoi(optarg) * 60; 244 break; 245 case 'p': /* path */ 246 logpath_add(&LogPaths, &funixsize, 247 &funixmaxsize, optarg); 248 break; 249 case 'P': /* file of paths */ 250 logpath_fileadd(&LogPaths, &funixsize, 251 &funixmaxsize, optarg); 252 break; 253 case 's': /* no network listen mode */ 254 SecureMode++; 255 break; 256 case '?': 257 default: 258 usage(); 259 } 260 if ((argc -= optind) != 0) 261 usage(); 262 263 if (!Debug) 264 (void)daemon(0, 0); 265 else 266 setlinebuf(stdout); 267 268 consfile.f_type = F_CONSOLE; 269 (void)strcpy(consfile.f_un.f_fname, ctty); 270 (void)gethostname(LocalHostName, sizeof(LocalHostName)); 271 LocalHostName[sizeof(LocalHostName) - 1] = '\0'; 272 if ((p = strchr(LocalHostName, '.')) != NULL) { 273 *p++ = '\0'; 274 LocalDomain = p; 275 } else 276 LocalDomain = ""; 277 linesize = getmsgbufsize(); 278 if (linesize < MAXLINE) 279 linesize = MAXLINE; 280 linesize++; 281 line = malloc(linesize); 282 if (line == NULL) { 283 logerror("couldn't allocate line buffer"); 284 die(0); 285 } 286 (void)signal(SIGTERM, die); 287 (void)signal(SIGINT, Debug ? die : SIG_IGN); 288 (void)signal(SIGQUIT, Debug ? die : SIG_IGN); 289 (void)signal(SIGCHLD, reapchild); 290 (void)signal(SIGALRM, domark); 291 (void)alarm(TIMERINTVL); 292 293 #ifndef SUN_LEN 294 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) 295 #endif 296 if (funixsize == 0) 297 logpath_add(&LogPaths, &funixsize, 298 &funixmaxsize, _PATH_LOG); 299 funix = (int *)malloc(sizeof(int) * funixsize); 300 if (funix == NULL) { 301 logerror("couldn't allocate funix descriptors"); 302 die(0); 303 } 304 for (j = 0, pp = LogPaths; *pp; pp++, j++) { 305 dprintf("making unix dgram socket %s\n", *pp); 306 unlink(*pp); 307 memset(&sunx, 0, sizeof(sunx)); 308 sunx.sun_family = AF_LOCAL; 309 (void)strncpy(sunx.sun_path, *pp, sizeof(sunx.sun_path)); 310 funix[j] = socket(AF_LOCAL, SOCK_DGRAM, 0); 311 if (funix[j] < 0 || bind(funix[j], 312 (struct sockaddr *)&sunx, SUN_LEN(&sunx)) < 0 || 313 chmod(*pp, 0666) < 0) { 314 int serrno = errno; 315 (void)snprintf(line, sizeof line, 316 "cannot create %s", *pp); 317 errno = serrno; 318 logerror(line); 319 errno = serrno; 320 dprintf("cannot create %s (%d)\n", *pp, errno); 321 die(0); 322 } 323 dprintf("listening on unix dgram socket %s\n", *pp); 324 } 325 326 init(0); 327 328 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) < 0) { 329 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno); 330 } else { 331 dprintf("listening on kernel log %s\n", _PATH_KLOG); 332 } 333 334 /* tuck my process id away, if i'm not in debug mode */ 335 if (Debug == 0) 336 pidfile(NULL); 337 338 dprintf("off & running....\n"); 339 340 (void)signal(SIGHUP, init); 341 342 /* setup pollfd set. */ 343 readfds = (struct pollfd *)malloc(sizeof(struct pollfd) * 344 (funixsize + (finet ? *finet : 0) + 1)); 345 if (readfds == NULL) { 346 logerror("couldn't allocate pollfds"); 347 die(0); 348 } 349 nfds = 0; 350 if (fklog >= 0) { 351 nfklogix = nfds++; 352 readfds[nfklogix].fd = fklog; 353 readfds[nfklogix].events = POLLIN | POLLPRI; 354 } 355 if (finet && !SecureMode) { 356 nfinetix = malloc(*finet * sizeof(*nfinetix)); 357 for (j = 0; j < *finet; j++) { 358 nfinetix[j] = nfds++; 359 readfds[nfinetix[j]].fd = finet[j+1]; 360 readfds[nfinetix[j]].events = POLLIN | POLLPRI; 361 } 362 } 363 nfunixbaseix = nfds; 364 for (j = 0, pp = LogPaths; *pp; pp++) { 365 readfds[nfds].fd = funix[j++]; 366 readfds[nfds++].events = POLLIN | POLLPRI; 367 } 368 369 for (;;) { 370 int rv; 371 372 rv = poll(readfds, nfds, INFTIM); 373 if (rv == 0) 374 continue; 375 if (rv < 0) { 376 if (errno != EINTR) 377 logerror("poll"); 378 continue; 379 } 380 dprintf("got a message (%d)\n", rv); 381 if (fklog >= 0 && 382 (readfds[nfklogix].revents & (POLLIN | POLLPRI))) { 383 dprintf("kernel log active\n"); 384 i = read(fklog, line, linesize - 1); 385 if (i > 0) { 386 line[i] = '\0'; 387 printsys(line); 388 } else if (i < 0 && errno != EINTR) { 389 logerror("klog"); 390 fklog = -1; 391 } 392 } 393 for (j = 0, pp = LogPaths; *pp; pp++, j++) { 394 if ((readfds[nfunixbaseix + j].revents & 395 (POLLIN | POLLPRI)) == 0) 396 continue; 397 398 dprintf("unix socket (%s) active\n", *pp); 399 len = sizeof(fromunix); 400 i = recvfrom(funix[j], line, MAXLINE, 0, 401 (struct sockaddr *)&fromunix, &len); 402 if (i > 0) { 403 line[i] = '\0'; 404 printline(LocalHostName, line); 405 } else if (i < 0 && errno != EINTR) { 406 char buf[MAXPATHLEN]; 407 int serrno = errno; 408 409 (void)snprintf(buf, sizeof buf, 410 "recvfrom unix %s", *pp); 411 errno = serrno; 412 logerror(buf); 413 } 414 } 415 if (finet && !SecureMode) { 416 for (j = 0; j < *finet; j++) { 417 if (readfds[nfinetix[j]].revents & 418 (POLLIN | POLLPRI)) { 419 dprintf("inet socket active\n"); 420 len = sizeof(frominet); 421 i = recvfrom(finet[j+1], line, MAXLINE, 422 0, (struct sockaddr *)&frominet, 423 &len); 424 if (i > 0) { 425 line[i] = '\0'; 426 printline(cvthname(&frominet), 427 line); 428 } else if (i < 0 && errno != EINTR) 429 logerror("recvfrom inet"); 430 } 431 } 432 } 433 } 434 } 435 436 void 437 usage() 438 { 439 440 (void)fprintf(stderr, 441 "usage: %s [-ds] [-f conffile] [-m markinterval] [-P logpathfile] [-p logpath1] [-p logpath2 ..]\n", 442 getprogname()); 443 exit(1); 444 } 445 446 /* 447 * given a pointer to an array of char *'s, a pointer to it's current 448 * size and current allocated max size, and a new char * to add, add 449 * it, update everything as necessary, possibly allocating a new array 450 */ 451 void 452 logpath_add(lp, szp, maxszp, new) 453 char ***lp; 454 int *szp; 455 int *maxszp; 456 char *new; 457 { 458 459 dprintf("adding %s to the %p logpath list\n", new, *lp); 460 if (*szp == *maxszp) { 461 if (*maxszp == 0) { 462 *maxszp = 4; /* start of with enough for now */ 463 *lp = NULL; 464 } 465 else 466 *maxszp *= 2; 467 *lp = realloc(*lp, sizeof(char *) * (*maxszp + 1)); 468 if (*lp == NULL) { 469 logerror("couldn't allocate line buffer"); 470 die(0); 471 } 472 } 473 (*lp)[(*szp)++] = new; 474 (*lp)[(*szp)] = NULL; /* always keep it NULL terminated */ 475 } 476 477 /* do a file of log sockets */ 478 void 479 logpath_fileadd(lp, szp, maxszp, file) 480 char ***lp; 481 int *szp; 482 int *maxszp; 483 char *file; 484 { 485 FILE *fp; 486 char *line; 487 size_t len; 488 489 fp = fopen(file, "r"); 490 if (fp == NULL) { 491 int serrno = errno; 492 493 dprintf("can't open %s (%d)\n", file, errno); 494 errno = serrno; 495 logerror("could not open socket file list"); 496 die(0); 497 } 498 499 while ((line = fgetln(fp, &len))) { 500 line[len - 1] = 0; 501 logpath_add(lp, szp, maxszp, line); 502 } 503 fclose(fp); 504 } 505 506 /* 507 * Take a raw input line, decode the message, and print the message 508 * on the appropriate log files. 509 */ 510 void 511 printline(hname, msg) 512 char *hname; 513 char *msg; 514 { 515 int c, pri; 516 char *p, *q, line[MAXLINE + 1]; 517 518 /* test for special codes */ 519 pri = DEFUPRI; 520 p = msg; 521 if (*p == '<') { 522 pri = 0; 523 while (isdigit(*++p)) 524 pri = 10 * pri + (*p - '0'); 525 if (*p == '>') 526 ++p; 527 } 528 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 529 pri = DEFUPRI; 530 531 /* don't allow users to log kernel messages */ 532 if (LOG_FAC(pri) == LOG_KERN) 533 pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri)); 534 535 q = line; 536 537 while ((c = *p++) != '\0' && 538 q < &line[sizeof(line) - 2]) { 539 c &= 0177; 540 if (iscntrl(c)) 541 if (c == '\n') 542 *q++ = ' '; 543 else if (c == '\t') 544 *q++ = '\t'; 545 else { 546 *q++ = '^'; 547 *q++ = c ^ 0100; 548 } 549 else 550 *q++ = c; 551 } 552 *q = '\0'; 553 554 logmsg(pri, line, hname, 0); 555 } 556 557 /* 558 * Take a raw input line from /dev/klog, split and format similar to syslog(). 559 */ 560 void 561 printsys(msg) 562 char *msg; 563 { 564 int c, pri, flags; 565 char *lp, *p, *q, line[MAXLINE + 1]; 566 567 (void)strcpy(line, _PATH_UNIX); 568 (void)strcat(line, ": "); 569 lp = line + strlen(line); 570 for (p = msg; *p != '\0'; ) { 571 flags = SYNC_FILE | ADDDATE; /* fsync file after write */ 572 pri = DEFSPRI; 573 if (*p == '<') { 574 pri = 0; 575 while (isdigit(*++p)) 576 pri = 10 * pri + (*p - '0'); 577 if (*p == '>') 578 ++p; 579 } else { 580 /* kernel printf's come out on console */ 581 flags |= IGN_CONS; 582 } 583 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 584 pri = DEFSPRI; 585 q = lp; 586 while (*p != '\0' && (c = *p++) != '\n' && 587 q < &line[MAXLINE]) 588 *q++ = c; 589 *q = '\0'; 590 logmsg(pri, line, LocalHostName, flags); 591 } 592 } 593 594 time_t now; 595 596 /* 597 * Log a message to the appropriate log files, users, etc. based on 598 * the priority. 599 */ 600 void 601 logmsg(pri, msg, from, flags) 602 int pri; 603 char *msg, *from; 604 int flags; 605 { 606 struct filed *f; 607 int fac, msglen, omask, prilev; 608 char *timestamp; 609 610 dprintf("logmsg: pri 0%o, flags 0x%x, from %s, msg %s\n", 611 pri, flags, from, msg); 612 613 omask = sigblock(sigmask(SIGHUP)|sigmask(SIGALRM)); 614 615 /* 616 * Check to see if msg looks non-standard. 617 */ 618 msglen = strlen(msg); 619 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' || 620 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ') 621 flags |= ADDDATE; 622 623 (void)time(&now); 624 if (flags & ADDDATE) 625 timestamp = ctime(&now) + 4; 626 else { 627 timestamp = msg; 628 msg += 16; 629 msglen -= 16; 630 } 631 632 /* extract facility and priority level */ 633 if (flags & MARK) 634 fac = LOG_NFACILITIES; 635 else 636 fac = LOG_FAC(pri); 637 prilev = LOG_PRI(pri); 638 639 /* log the message to the particular outputs */ 640 if (!Initialized) { 641 f = &consfile; 642 f->f_file = open(ctty, O_WRONLY, 0); 643 644 if (f->f_file >= 0) { 645 fprintlog(f, flags, msg); 646 (void)close(f->f_file); 647 } 648 (void)sigsetmask(omask); 649 return; 650 } 651 for (f = Files; f; f = f->f_next) { 652 /* skip messages that are incorrect priority */ 653 if (f->f_pmask[fac] < prilev || 654 f->f_pmask[fac] == INTERNAL_NOPRI) 655 continue; 656 657 if (f->f_type == F_CONSOLE && (flags & IGN_CONS)) 658 continue; 659 660 /* don't output marks to recently written files */ 661 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2) 662 continue; 663 664 /* 665 * suppress duplicate lines to this file 666 */ 667 if ((flags & MARK) == 0 && msglen == f->f_prevlen && 668 !strcmp(msg, f->f_prevline) && 669 !strcmp(from, f->f_prevhost)) { 670 (void)strncpy(f->f_lasttime, timestamp, 15); 671 f->f_prevcount++; 672 dprintf("msg repeated %d times, %ld sec of %d\n", 673 f->f_prevcount, (long)(now - f->f_time), 674 repeatinterval[f->f_repeatcount]); 675 /* 676 * If domark would have logged this by now, 677 * flush it now (so we don't hold isolated messages), 678 * but back off so we'll flush less often 679 * in the future. 680 */ 681 if (now > REPEATTIME(f)) { 682 fprintlog(f, flags, (char *)NULL); 683 BACKOFF(f); 684 } 685 } else { 686 /* new line, save it */ 687 if (f->f_prevcount) 688 fprintlog(f, 0, (char *)NULL); 689 f->f_repeatcount = 0; 690 f->f_prevpri = pri; 691 (void)strncpy(f->f_lasttime, timestamp, 15); 692 (void)strncpy(f->f_prevhost, from, 693 sizeof(f->f_prevhost)); 694 if (msglen < MAXSVLINE) { 695 f->f_prevlen = msglen; 696 (void)strcpy(f->f_prevline, msg); 697 fprintlog(f, flags, (char *)NULL); 698 } else { 699 f->f_prevline[0] = 0; 700 f->f_prevlen = 0; 701 fprintlog(f, flags, msg); 702 } 703 } 704 } 705 (void)sigsetmask(omask); 706 } 707 708 void 709 fprintlog(f, flags, msg) 710 struct filed *f; 711 int flags; 712 char *msg; 713 { 714 struct iovec iov[6]; 715 struct iovec *v; 716 struct addrinfo *r; 717 int j, l, lsent; 718 char line[MAXLINE + 1], repbuf[80], greetings[200]; 719 720 v = iov; 721 if (f->f_type == F_WALL) { 722 v->iov_base = greetings; 723 v->iov_len = snprintf(greetings, sizeof greetings, 724 "\r\n\7Message from syslogd@%s at %.24s ...\r\n", 725 f->f_prevhost, ctime(&now)); 726 v++; 727 v->iov_base = ""; 728 v->iov_len = 0; 729 v++; 730 } else { 731 v->iov_base = f->f_lasttime; 732 v->iov_len = 15; 733 v++; 734 v->iov_base = " "; 735 v->iov_len = 1; 736 v++; 737 } 738 v->iov_base = f->f_prevhost; 739 v->iov_len = strlen(v->iov_base); 740 v++; 741 v->iov_base = " "; 742 v->iov_len = 1; 743 v++; 744 745 if (msg) { 746 v->iov_base = msg; 747 v->iov_len = strlen(msg); 748 } else if (f->f_prevcount > 1) { 749 v->iov_base = repbuf; 750 v->iov_len = snprintf(repbuf, sizeof repbuf, 751 "last message repeated %d times", f->f_prevcount); 752 } else { 753 v->iov_base = f->f_prevline; 754 v->iov_len = f->f_prevlen; 755 } 756 v++; 757 758 dprintf("Logging to %s", TypeNames[f->f_type]); 759 f->f_time = now; 760 761 switch (f->f_type) { 762 case F_UNUSED: 763 dprintf("\n"); 764 break; 765 766 case F_FORW: 767 dprintf(" %s\n", f->f_un.f_forw.f_hname); 768 /* 769 * check for local vs remote messages 770 * (from FreeBSD PR#bin/7055) 771 */ 772 if (strcmp(f->f_prevhost, LocalHostName)) { 773 l = snprintf(line, sizeof(line) - 1, 774 "<%d>%.15s [%s]: %s", 775 f->f_prevpri, (char *) iov[0].iov_base, 776 f->f_prevhost, (char *) iov[4].iov_base); 777 } else { 778 l = snprintf(line, sizeof(line) - 1, "<%d>%.15s %s", 779 f->f_prevpri, (char *) iov[0].iov_base, 780 (char *) iov[4].iov_base); 781 } 782 if (l > MAXLINE) 783 l = MAXLINE; 784 if (finet) { 785 for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) { 786 for (j = 0; j < *finet; j++) { 787 #if 0 788 /* 789 * should we check AF first, or just 790 * trial and error? FWD 791 */ 792 if (r->ai_family == 793 address_family_of(finet[j+1])) 794 #endif 795 lsent = sendto(finet[j+1], line, l, 0, 796 r->ai_addr, r->ai_addrlen); 797 if (lsent == l) 798 break; 799 } 800 } 801 if (lsent != l) { 802 f->f_type = F_UNUSED; 803 logerror("sendto"); 804 } 805 } 806 break; 807 808 case F_CONSOLE: 809 if (flags & IGN_CONS) { 810 dprintf(" (ignored)\n"); 811 break; 812 } 813 /* FALLTHROUGH */ 814 815 case F_TTY: 816 case F_FILE: 817 dprintf(" %s\n", f->f_un.f_fname); 818 if (f->f_type != F_FILE) { 819 v->iov_base = "\r\n"; 820 v->iov_len = 2; 821 } else { 822 v->iov_base = "\n"; 823 v->iov_len = 1; 824 } 825 again: 826 if (writev(f->f_file, iov, 6) < 0) { 827 int e = errno; 828 (void)close(f->f_file); 829 /* 830 * Check for errors on TTY's due to loss of tty 831 */ 832 if ((e == EIO || e == EBADF) && f->f_type != F_FILE) { 833 f->f_file = open(f->f_un.f_fname, 834 O_WRONLY|O_APPEND, 0); 835 if (f->f_file < 0) { 836 f->f_type = F_UNUSED; 837 logerror(f->f_un.f_fname); 838 } else 839 goto again; 840 } else { 841 f->f_type = F_UNUSED; 842 errno = e; 843 logerror(f->f_un.f_fname); 844 } 845 } else if (flags & SYNC_FILE) 846 (void)fsync(f->f_file); 847 break; 848 849 case F_USERS: 850 case F_WALL: 851 dprintf("\n"); 852 v->iov_base = "\r\n"; 853 v->iov_len = 2; 854 wallmsg(f, iov); 855 break; 856 } 857 f->f_prevcount = 0; 858 } 859 860 /* 861 * WALLMSG -- Write a message to the world at large 862 * 863 * Write the specified message to either the entire 864 * world, or a list of approved users. 865 */ 866 void 867 wallmsg(f, iov) 868 struct filed *f; 869 struct iovec *iov; 870 { 871 static int reenter; /* avoid calling ourselves */ 872 FILE *uf; 873 struct utmp ut; 874 int i; 875 char *p; 876 char line[sizeof(ut.ut_line) + 1]; 877 878 if (reenter++) 879 return; 880 if ((uf = fopen(_PATH_UTMP, "r")) == NULL) { 881 logerror(_PATH_UTMP); 882 reenter = 0; 883 return; 884 } 885 /* NOSTRICT */ 886 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) { 887 if (ut.ut_name[0] == '\0') 888 continue; 889 strncpy(line, ut.ut_line, sizeof(ut.ut_line)); 890 line[sizeof(ut.ut_line)] = '\0'; 891 if (f->f_type == F_WALL) { 892 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) != NULL) { 893 errno = 0; /* already in msg */ 894 logerror(p); 895 } 896 continue; 897 } 898 /* should we send the message to this user? */ 899 for (i = 0; i < MAXUNAMES; i++) { 900 if (!f->f_un.f_uname[i][0]) 901 break; 902 if (!strncmp(f->f_un.f_uname[i], ut.ut_name, 903 UT_NAMESIZE)) { 904 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) 905 != NULL) { 906 errno = 0; /* already in msg */ 907 logerror(p); 908 } 909 break; 910 } 911 } 912 } 913 (void)fclose(uf); 914 reenter = 0; 915 } 916 917 void 918 reapchild(signo) 919 int signo; 920 { 921 union wait status; 922 923 while (wait3((int *)&status, WNOHANG, (struct rusage *)NULL) > 0) 924 ; 925 } 926 927 /* 928 * Return a printable representation of a host address. 929 */ 930 char * 931 cvthname(f) 932 struct sockaddr_storage *f; 933 { 934 int error; 935 char *p; 936 #ifdef KAME_SCOPEID 937 const int niflag = NI_DGRAM | NI_WITHSCOPEID; 938 #else 939 const int niflag = NI_DGRAM; 940 #endif 941 static char host[NI_MAXHOST], ip[NI_MAXHOST]; 942 943 error = getnameinfo((struct sockaddr*)f, ((struct sockaddr*)f)->sa_len, 944 ip, sizeof ip, NULL, 0, NI_NUMERICHOST|niflag); 945 946 dprintf("cvthname(%s)\n", ip); 947 948 if (error) { 949 dprintf("Malformed from address %s\n", gai_strerror(error)); 950 return ("???"); 951 } 952 953 error = getnameinfo((struct sockaddr*)f, ((struct sockaddr*)f)->sa_len, 954 host, sizeof host, NULL, 0, niflag); 955 if (error) { 956 dprintf("Host name for your address (%s) unknown\n", ip); 957 return (ip); 958 } 959 if ((p = strchr(host, '.')) && strcmp(p + 1, LocalDomain) == 0) 960 *p = '\0'; 961 return (host); 962 } 963 964 void 965 domark(signo) 966 int signo; 967 { 968 struct filed *f; 969 970 now = time((time_t *)NULL); 971 MarkSeq += TIMERINTVL; 972 if (MarkSeq >= MarkInterval) { 973 logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK); 974 MarkSeq = 0; 975 } 976 977 for (f = Files; f; f = f->f_next) { 978 if (f->f_prevcount && now >= REPEATTIME(f)) { 979 dprintf("flush %s: repeated %d times, %d sec.\n", 980 TypeNames[f->f_type], f->f_prevcount, 981 repeatinterval[f->f_repeatcount]); 982 fprintlog(f, 0, (char *)NULL); 983 BACKOFF(f); 984 } 985 } 986 (void)alarm(TIMERINTVL); 987 } 988 989 /* 990 * Print syslogd errors some place. 991 */ 992 void 993 logerror(type) 994 char *type; 995 { 996 char buf[100]; 997 998 if (errno) 999 (void)snprintf(buf, 1000 sizeof(buf), "syslogd: %s: %s", type, strerror(errno)); 1001 else 1002 (void)snprintf(buf, sizeof(buf), "syslogd: %s", type); 1003 errno = 0; 1004 dprintf("%s\n", buf); 1005 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE); 1006 } 1007 1008 void 1009 die(signo) 1010 int signo; 1011 { 1012 struct filed *f; 1013 char buf[100], **p; 1014 1015 for (f = Files; f != NULL; f = f->f_next) { 1016 /* flush any pending output */ 1017 if (f->f_prevcount) 1018 fprintlog(f, 0, (char *)NULL); 1019 } 1020 if (signo) { 1021 dprintf("syslogd: exiting on signal %d\n", signo); 1022 (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); 1023 errno = 0; 1024 logerror(buf); 1025 } 1026 for (p = LogPaths; p && *p; p++) 1027 unlink(*p); 1028 exit(0); 1029 } 1030 1031 /* 1032 * INIT -- Initialize syslogd from configuration table 1033 */ 1034 void 1035 init(signo) 1036 int signo; 1037 { 1038 int i; 1039 FILE *cf; 1040 struct filed *f, *next, **nextp; 1041 char *p; 1042 char cline[LINE_MAX]; 1043 1044 dprintf("init\n"); 1045 1046 /* 1047 * Close all open log files. 1048 */ 1049 Initialized = 0; 1050 for (f = Files; f != NULL; f = next) { 1051 /* flush any pending output */ 1052 if (f->f_prevcount) 1053 fprintlog(f, 0, (char *)NULL); 1054 1055 switch (f->f_type) { 1056 case F_FILE: 1057 case F_TTY: 1058 case F_CONSOLE: 1059 (void)close(f->f_file); 1060 break; 1061 case F_FORW: 1062 if (f->f_un.f_forw.f_addr) 1063 freeaddrinfo(f->f_un.f_forw.f_addr); 1064 break; 1065 } 1066 next = f->f_next; 1067 free((char *)f); 1068 } 1069 Files = NULL; 1070 nextp = &Files; 1071 1072 /* 1073 * Close all open sockets 1074 */ 1075 1076 if (finet) { 1077 for (i = 0; i < *finet; i++) { 1078 if (close(finet[i+1]) < 0) { 1079 logerror("close"); 1080 die(0); 1081 } 1082 } 1083 } 1084 1085 /* 1086 * Reset counter of forwarding actions 1087 */ 1088 1089 NumForwards=0; 1090 1091 /* open the configuration file */ 1092 if ((cf = fopen(ConfFile, "r")) == NULL) { 1093 dprintf("cannot open %s\n", ConfFile); 1094 *nextp = (struct filed *)calloc(1, sizeof(*f)); 1095 cfline("*.ERR\t/dev/console", *nextp); 1096 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f)); 1097 cfline("*.PANIC\t*", (*nextp)->f_next); 1098 Initialized = 1; 1099 return; 1100 } 1101 1102 /* 1103 * Foreach line in the conf table, open that file. 1104 */ 1105 f = NULL; 1106 while (fgets(cline, sizeof(cline), cf) != NULL) { 1107 /* 1108 * check for end-of-section, comments, strip off trailing 1109 * spaces and newline character. 1110 */ 1111 for (p = cline; isspace(*p); ++p) 1112 continue; 1113 if (*p == '\0' || *p == '#') 1114 continue; 1115 for (p = strchr(cline, '\0'); isspace(*--p);) 1116 continue; 1117 *++p = '\0'; 1118 f = (struct filed *)calloc(1, sizeof(*f)); 1119 *nextp = f; 1120 nextp = &f->f_next; 1121 cfline(cline, f); 1122 } 1123 1124 /* close the configuration file */ 1125 (void)fclose(cf); 1126 1127 Initialized = 1; 1128 1129 if (Debug) { 1130 for (f = Files; f; f = f->f_next) { 1131 for (i = 0; i <= LOG_NFACILITIES; i++) 1132 if (f->f_pmask[i] == INTERNAL_NOPRI) 1133 printf("X "); 1134 else 1135 printf("%d ", f->f_pmask[i]); 1136 printf("%s: ", TypeNames[f->f_type]); 1137 switch (f->f_type) { 1138 case F_FILE: 1139 case F_TTY: 1140 case F_CONSOLE: 1141 printf("%s", f->f_un.f_fname); 1142 break; 1143 1144 case F_FORW: 1145 printf("%s", f->f_un.f_forw.f_hname); 1146 break; 1147 1148 case F_USERS: 1149 for (i = 0; 1150 i < MAXUNAMES && *f->f_un.f_uname[i]; i++) 1151 printf("%s, ", f->f_un.f_uname[i]); 1152 break; 1153 } 1154 printf("\n"); 1155 } 1156 } 1157 1158 finet = socksetup(PF_UNSPEC); 1159 if (finet) { 1160 if (SecureMode) { 1161 for (i = 0; i < *finet; i++) { 1162 if (shutdown(finet[i+1], SHUT_RD) < 0) { 1163 logerror("shutdown"); 1164 die(0); 1165 } 1166 } 1167 } else 1168 dprintf("listening on inet and/or inet6 socket\n"); 1169 dprintf("sending on inet and/or inet6 socket\n"); 1170 } 1171 1172 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE); 1173 dprintf("syslogd: restarted\n"); 1174 } 1175 1176 /* 1177 * Crack a configuration file line 1178 */ 1179 void 1180 cfline(line, f) 1181 char *line; 1182 struct filed *f; 1183 { 1184 struct addrinfo hints, *res; 1185 int error, i, pri; 1186 char *bp, *p, *q; 1187 char buf[MAXLINE], ebuf[100]; 1188 1189 dprintf("cfline(%s)\n", line); 1190 1191 errno = 0; /* keep strerror() stuff out of logerror messages */ 1192 1193 /* clear out file entry */ 1194 memset(f, 0, sizeof(*f)); 1195 for (i = 0; i <= LOG_NFACILITIES; i++) 1196 f->f_pmask[i] = INTERNAL_NOPRI; 1197 1198 /* scan through the list of selectors */ 1199 for (p = line; *p && *p != '\t';) { 1200 1201 /* find the end of this facility name list */ 1202 for (q = p; *q && *q != '\t' && *q++ != '.'; ) 1203 continue; 1204 1205 /* collect priority name */ 1206 for (bp = buf; *q && !strchr("\t,;", *q); ) 1207 *bp++ = *q++; 1208 *bp = '\0'; 1209 1210 /* skip cruft */ 1211 while (strchr(", ;", *q)) 1212 q++; 1213 1214 /* decode priority name */ 1215 if (*buf == '*') 1216 pri = LOG_PRIMASK + 1; 1217 else { 1218 pri = decode(buf, prioritynames); 1219 if (pri < 0) { 1220 (void)snprintf(ebuf, sizeof ebuf, 1221 "unknown priority name \"%s\"", buf); 1222 logerror(ebuf); 1223 return; 1224 } 1225 } 1226 1227 /* scan facilities */ 1228 while (*p && !strchr("\t.;", *p)) { 1229 for (bp = buf; *p && !strchr("\t,;.", *p); ) 1230 *bp++ = *p++; 1231 *bp = '\0'; 1232 if (*buf == '*') 1233 for (i = 0; i < LOG_NFACILITIES; i++) 1234 f->f_pmask[i] = pri; 1235 else { 1236 i = decode(buf, facilitynames); 1237 if (i < 0) { 1238 (void)snprintf(ebuf, sizeof ebuf, 1239 "unknown facility name \"%s\"", 1240 buf); 1241 logerror(ebuf); 1242 return; 1243 } 1244 f->f_pmask[i >> 3] = pri; 1245 } 1246 while (*p == ',' || *p == ' ') 1247 p++; 1248 } 1249 1250 p = q; 1251 } 1252 1253 /* skip to action part */ 1254 while (*p == '\t') 1255 p++; 1256 1257 switch (*p) 1258 { 1259 case '@': 1260 (void)strcpy(f->f_un.f_forw.f_hname, ++p); 1261 memset(&hints, 0, sizeof(hints)); 1262 hints.ai_family = AF_UNSPEC; 1263 hints.ai_socktype = SOCK_DGRAM; 1264 hints.ai_protocol = 0; 1265 error = getaddrinfo(f->f_un.f_forw.f_hname, "syslog", &hints, 1266 &res); 1267 if (error) { 1268 logerror(gai_strerror(error)); 1269 break; 1270 } 1271 f->f_un.f_forw.f_addr = res; 1272 f->f_type = F_FORW; 1273 NumForwards++; 1274 break; 1275 1276 case '/': 1277 (void)strcpy(f->f_un.f_fname, p); 1278 if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) { 1279 f->f_type = F_UNUSED; 1280 logerror(p); 1281 break; 1282 } 1283 if (isatty(f->f_file)) 1284 f->f_type = F_TTY; 1285 else 1286 f->f_type = F_FILE; 1287 if (strcmp(p, ctty) == 0) 1288 f->f_type = F_CONSOLE; 1289 break; 1290 1291 case '*': 1292 f->f_type = F_WALL; 1293 break; 1294 1295 default: 1296 for (i = 0; i < MAXUNAMES && *p; i++) { 1297 for (q = p; *q && *q != ','; ) 1298 q++; 1299 (void)strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE); 1300 if ((q - p) > UT_NAMESIZE) 1301 f->f_un.f_uname[i][UT_NAMESIZE] = '\0'; 1302 else 1303 f->f_un.f_uname[i][q - p] = '\0'; 1304 while (*q == ',' || *q == ' ') 1305 q++; 1306 p = q; 1307 } 1308 f->f_type = F_USERS; 1309 break; 1310 } 1311 } 1312 1313 1314 /* 1315 * Decode a symbolic name to a numeric value 1316 */ 1317 int 1318 decode(name, codetab) 1319 const char *name; 1320 CODE *codetab; 1321 { 1322 CODE *c; 1323 char *p, buf[40]; 1324 1325 if (isdigit(*name)) 1326 return (atoi(name)); 1327 1328 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) { 1329 if (isupper(*name)) 1330 *p = tolower(*name); 1331 else 1332 *p = *name; 1333 } 1334 *p = '\0'; 1335 for (c = codetab; c->c_name; c++) 1336 if (!strcmp(buf, c->c_name)) 1337 return (c->c_val); 1338 1339 return (-1); 1340 } 1341 1342 /* 1343 * Retrieve the size of the kernel message buffer, via sysctl. 1344 */ 1345 int 1346 getmsgbufsize() 1347 { 1348 int msgbufsize, mib[2]; 1349 size_t size; 1350 1351 mib[0] = CTL_KERN; 1352 mib[1] = KERN_MSGBUFSIZE; 1353 size = sizeof msgbufsize; 1354 if (sysctl(mib, 2, &msgbufsize, &size, NULL, 0) == -1) { 1355 dprintf("couldn't get kern.msgbufsize\n"); 1356 return (0); 1357 } 1358 return (msgbufsize); 1359 } 1360 1361 int * 1362 socksetup(af) 1363 int af; 1364 { 1365 struct addrinfo hints, *res, *r; 1366 int error, maxs, *s, *socks; 1367 1368 if(SecureMode && !NumForwards) 1369 return(NULL); 1370 1371 memset(&hints, 0, sizeof(hints)); 1372 hints.ai_flags = AI_PASSIVE; 1373 hints.ai_family = af; 1374 hints.ai_socktype = SOCK_DGRAM; 1375 error = getaddrinfo(NULL, "syslog", &hints, &res); 1376 if (error) { 1377 logerror(gai_strerror(error)); 1378 errno = 0; 1379 die(0); 1380 } 1381 1382 /* Count max number of sockets we may open */ 1383 for (maxs = 0, r = res; r; r = r->ai_next, maxs++) 1384 continue; 1385 socks = malloc ((maxs+1) * sizeof(int)); 1386 if (!socks) { 1387 logerror("couldn't allocate memory for sockets"); 1388 die(0); 1389 } 1390 1391 *socks = 0; /* num of sockets counter at start of array */ 1392 s = socks+1; 1393 for (r = res; r; r = r->ai_next) { 1394 *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); 1395 if (*s < 0) { 1396 logerror("socket"); 1397 continue; 1398 } 1399 if (!SecureMode && bind(*s, r->ai_addr, r->ai_addrlen) < 0) { 1400 close (*s); 1401 logerror("bind"); 1402 continue; 1403 } 1404 1405 *socks = *socks + 1; 1406 s++; 1407 } 1408 1409 if (*socks == 0) { 1410 free (socks); 1411 if(Debug) 1412 return(NULL); 1413 else 1414 die(0); 1415 } 1416 if (res) 1417 freeaddrinfo(res); 1418 1419 return(socks); 1420 } 1421
Indexes created Fri Sep 26 20:09:58 GMT 2025