1 /* $NetBSD: syslogd.c,v 1.39 2000/07/02 02:15:34 jwise Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1988, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 __COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993, 1994\n\ 39 The Regents of the University of California. All rights reserved.\n"); 40 #endif /* not lint */ 41 42 #ifndef lint 43 #if 0 44 static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; 45 #else 46 __RCSID("$NetBSD: syslogd.c,v 1.39 2000/07/02 02:15:34 jwise Exp $"); 47 #endif 48 #endif /* not lint */ 49 50 /* 51 * syslogd -- log system messages 52 * 53 * This program implements a system log. It takes a series of lines. 54 * Each line may have a priority, signified as "<n>" as 55 * the first characters of the line. If this is 56 * not present, a default priority is used. 57 * 58 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will 59 * cause it to reread its configuration file. 60 * 61 * Defined Constants: 62 * 63 * MAXLINE -- the maximimum line length that can be handled. 64 * DEFUPRI -- the default priority for user messages 65 * DEFSPRI -- the default priority for kernel messages 66 * 67 * Author: Eric Allman 68 * extensive changes by Ralph Campbell 69 * more extensive changes by Eric Allman (again) 70 */ 71 72 #define MAXLINE 1024 /* maximum line length */ 73 #define MAXSVLINE 120 /* maximum saved line length */ 74 #define DEFUPRI (LOG_USER|LOG_NOTICE) 75 #define DEFSPRI (LOG_KERN|LOG_CRIT) 76 #define TIMERINTVL 30 /* interval for checking flush, mark */ 77 #define TTYMSGTIME 1 /* timeout passed to ttymsg */ 78 79 #include <sys/param.h> 80 #include <sys/ioctl.h> 81 #include <sys/stat.h> 82 #include <sys/wait.h> 83 #include <sys/socket.h> 84 #include <sys/msgbuf.h> 85 #include <sys/uio.h> 86 #include <sys/poll.h> 87 #include <sys/un.h> 88 #include <sys/time.h> 89 #include <sys/resource.h> 90 #include <sys/sysctl.h> 91 92 #include <netinet/in.h> 93 #include <netdb.h> 94 #include <arpa/inet.h> 95 96 #include <ctype.h> 97 #include <errno.h> 98 #include <fcntl.h> 99 #include <setjmp.h> 100 #include <signal.h> 101 #include <stdio.h> 102 #include <stdlib.h> 103 #include <string.h> 104 #include <unistd.h> 105 #include <utmp.h> 106 #include <util.h> 107 #include "pathnames.h" 108 109 #define SYSLOG_NAMES 110 #include <sys/syslog.h> 111 112 char *ConfFile = _PATH_LOGCONF; 113 char ctty[] = _PATH_CONSOLE; 114 115 #define FDMASK(fd) (1 << (fd)) 116 117 #define dprintf if (Debug) printf 118 119 #define MAXUNAMES 20 /* maximum number of user names */ 120 121 /* 122 * Flags to logmsg(). 123 */ 124 125 #define IGN_CONS 0x001 /* don't print on console */ 126 #define SYNC_FILE 0x002 /* do fsync on file after printing */ 127 #define ADDDATE 0x004 /* add a date to the message */ 128 #define MARK 0x008 /* this message is a mark */ 129 130 /* 131 * This structure represents the files that will have log 132 * copies printed. 133 */ 134 135 struct filed { 136 struct filed *f_next; /* next in linked list */ 137 short f_type; /* entry type, see below */ 138 short f_file; /* file descriptor */ 139 time_t f_time; /* time this was last written */ 140 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ 141 union { 142 char f_uname[MAXUNAMES][UT_NAMESIZE+1]; 143 struct { 144 char f_hname[MAXHOSTNAMELEN+1]; 145 struct addrinfo *f_addr; 146 } f_forw; /* forwarding address */ 147 char f_fname[MAXPATHLEN]; 148 } f_un; 149 char f_prevline[MAXSVLINE]; /* last message logged */ 150 char f_lasttime[16]; /* time of last occurrence */ 151 char f_prevhost[MAXHOSTNAMELEN+1]; /* host from which recd. */ 152 int f_prevpri; /* pri of f_prevline */ 153 int f_prevlen; /* length of f_prevline */ 154 int f_prevcount; /* repetition cnt of prevline */ 155 int f_repeatcount; /* number of "repeated" msgs */ 156 }; 157 158 /* 159 * Intervals at which we flush out "message repeated" messages, 160 * in seconds after previous message is logged. After each flush, 161 * we move to the next interval until we reach the largest. 162 */ 163 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ 164 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1) 165 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount]) 166 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \ 167 (f)->f_repeatcount = MAXREPEAT; \ 168 } 169 170 /* values for f_type */ 171 #define F_UNUSED 0 /* unused entry */ 172 #define F_FILE 1 /* regular file */ 173 #define F_TTY 2 /* terminal */ 174 #define F_CONSOLE 3 /* console terminal */ 175 #define F_FORW 4 /* remote machine */ 176 #define F_USERS 5 /* list of users */ 177 #define F_WALL 6 /* everyone logged on */ 178 179 char *TypeNames[7] = { 180 "UNUSED", "FILE", "TTY", "CONSOLE", 181 "FORW", "USERS", "WALL" 182 }; 183 184 struct filed *Files; 185 struct filed consfile; 186 187 int Debug; /* debug flag */ 188 char LocalHostName[MAXHOSTNAMELEN+1]; /* our hostname */ 189 char *LocalDomain; /* our local domain name */ 190 int *finet = NULL; /* Internet datagram sockets */ 191 int Initialized = 0; /* set when we have initialized ourselves */ 192 int MarkInterval = 20 * 60; /* interval between marks in seconds */ 193 int MarkSeq = 0; /* mark sequence number */ 194 int SecureMode = 0; /* listen only on unix domain socks */ 195 int NumForwards = 0; /* number of forwarding actions in conf file */ 196 char **LogPaths; /* array of pathnames to read messages from */ 197 198 void cfline __P((char *, struct filed *)); 199 char *cvthname __P((struct sockaddr_storage *)); 200 int decode __P((const char *, CODE *)); 201 void die __P((int)); 202 void domark __P((int)); 203 void fprintlog __P((struct filed *, int, char *)); 204 int getmsgbufsize __P((void)); 205 int* socksetup __P((int)); 206 void init __P((int)); 207 void logerror __P((char *)); 208 void logmsg __P((int, char *, char *, int)); 209 void printline __P((char *, char *)); 210 void printsys __P((char *)); 211 void reapchild __P((int)); 212 void usage __P((void)); 213 void wallmsg __P((struct filed *, struct iovec *)); 214 int main __P((int, char *[])); 215 void logpath_add __P((char ***, int *, int *, char *)); 216 void logpath_fileadd __P((char ***, int *, int *, char *)); 217 218 int 219 main(argc, argv) 220 int argc; 221 char *argv[]; 222 { 223 int ch, *funix, i, j, fklog, len, linesize; 224 int *nfinetix, nfklogix, nfunixbaseix, nfds; 225 int funixsize = 0, funixmaxsize = 0; 226 struct sockaddr_un sunx, fromunix; 227 struct sockaddr_storage frominet; 228 char *p, *line, **pp; 229 struct pollfd *readfds; 230 231 while ((ch = getopt(argc, argv, "dsf:m:p:P:")) != -1) 232 switch(ch) { 233 case 'd': /* debug */ 234 Debug++; 235 break; 236 case 'f': /* configuration file */ 237 ConfFile = optarg; 238 break; 239 case 'm': /* mark interval */ 240 MarkInterval = atoi(optarg) * 60; 241 break; 242 case 'p': /* path */ 243 logpath_add(&LogPaths, &funixsize, 244 &funixmaxsize, optarg); 245 break; 246 case 'P': /* file of paths */ 247 logpath_fileadd(&LogPaths, &funixsize, 248 &funixmaxsize, optarg); 249 break; 250 case 's': /* no network listen mode */ 251 SecureMode++; 252 break; 253 case '?': 254 default: 255 usage(); 256 } 257 if ((argc -= optind) != 0) 258 usage(); 259 260 if (!Debug) 261 (void)daemon(0, 0); 262 else 263 setlinebuf(stdout); 264 265 consfile.f_type = F_CONSOLE; 266 (void)strcpy(consfile.f_un.f_fname, ctty); 267 (void)gethostname(LocalHostName, sizeof(LocalHostName)); 268 LocalHostName[sizeof(LocalHostName) - 1] = '\0'; 269 if ((p = strchr(LocalHostName, '.')) != NULL) { 270 *p++ = '\0'; 271 LocalDomain = p; 272 } else 273 LocalDomain = ""; 274 linesize = getmsgbufsize(); 275 if (linesize < MAXLINE) 276 linesize = MAXLINE; 277 linesize++; 278 line = malloc(linesize); 279 if (line == NULL) { 280 logerror("couldn't allocate line buffer"); 281 die(0); 282 } 283 (void)signal(SIGTERM, die); 284 (void)signal(SIGINT, Debug ? die : SIG_IGN); 285 (void)signal(SIGQUIT, Debug ? die : SIG_IGN); 286 (void)signal(SIGCHLD, reapchild); 287 (void)signal(SIGALRM, domark); 288 (void)alarm(TIMERINTVL); 289 290 #ifndef SUN_LEN 291 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) 292 #endif 293 if (funixsize == 0) 294 logpath_add(&LogPaths, &funixsize, 295 &funixmaxsize, _PATH_LOG); 296 funix = (int *)malloc(sizeof(int) * funixsize); 297 if (funix == NULL) { 298 logerror("couldn't allocate funix descriptors"); 299 die(0); 300 } 301 for (j = 0, pp = LogPaths; *pp; pp++, j++) { 302 dprintf("making unix dgram socket %s\n", *pp); 303 unlink(*pp); 304 memset(&sunx, 0, sizeof(sunx)); 305 sunx.sun_family = AF_LOCAL; 306 (void)strncpy(sunx.sun_path, *pp, sizeof(sunx.sun_path)); 307 funix[j] = socket(AF_LOCAL, SOCK_DGRAM, 0); 308 if (funix[j] < 0 || bind(funix[j], 309 (struct sockaddr *)&sunx, SUN_LEN(&sunx)) < 0 || 310 chmod(*pp, 0666) < 0) { 311 int serrno = errno; 312 (void)snprintf(line, sizeof line, 313 "cannot create %s", *pp); 314 errno = serrno; 315 logerror(line); 316 errno = serrno; 317 dprintf("cannot create %s (%d)\n", *pp, errno); 318 die(0); 319 } 320 dprintf("listening on unix dgram socket %s\n", *pp); 321 } 322 323 init(0); 324 325 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) < 0) { 326 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno); 327 } else { 328 dprintf("listening on kernel log %s\n", _PATH_KLOG); 329 } 330 331 /* tuck my process id away, if i'm not in debug mode */ 332 if (Debug == 0) 333 pidfile(NULL); 334 335 dprintf("off & running....\n"); 336 337 (void)signal(SIGHUP, init); 338 339 /* setup pollfd set. */ 340 readfds = (struct pollfd *)malloc(sizeof(struct pollfd) * 341 (funixsize + (finet ? *finet : 0) + 1)); 342 if (readfds == NULL) { 343 logerror("couldn't allocate pollfds"); 344 die(0); 345 } 346 nfds = 0; 347 if (fklog >= 0) { 348 nfklogix = nfds++; 349 readfds[nfklogix].fd = fklog; 350 readfds[nfklogix].events = POLLIN | POLLPRI; 351 } 352 if (finet && !SecureMode) { 353 nfinetix = malloc(*finet * sizeof(*nfinetix)); 354 for (j = 0; j < *finet; j++) { 355 nfinetix[j] = nfds++; 356 readfds[nfinetix[j]].fd = finet[j+1]; 357 readfds[nfinetix[j]].events = POLLIN | POLLPRI; 358 } 359 } 360 nfunixbaseix = nfds; 361 for (j = 0, pp = LogPaths; *pp; pp++) { 362 readfds[nfds].fd = funix[j++]; 363 readfds[nfds++].events = POLLIN | POLLPRI; 364 } 365 366 for (;;) { 367 int rv; 368 369 rv = poll(readfds, nfds, INFTIM); 370 if (rv == 0) 371 continue; 372 if (rv < 0) { 373 if (errno != EINTR) 374 logerror("poll"); 375 continue; 376 } 377 dprintf("got a message (%d)\n", rv); 378 if (fklog >= 0 && 379 (readfds[nfklogix].revents & (POLLIN | POLLPRI))) { 380 dprintf("kernel log active\n"); 381 i = read(fklog, line, linesize - 1); 382 if (i > 0) { 383 line[i] = '\0'; 384 printsys(line); 385 } else if (i < 0 && errno != EINTR) { 386 logerror("klog"); 387 fklog = -1; 388 } 389 } 390 for (j = 0, pp = LogPaths; *pp; pp++, j++) { 391 if ((readfds[nfunixbaseix + j].revents & 392 (POLLIN | POLLPRI)) == 0) 393 continue; 394 395 dprintf("unix socket (%s) active\n", *pp); 396 len = sizeof(fromunix); 397 i = recvfrom(funix[j], line, MAXLINE, 0, 398 (struct sockaddr *)&fromunix, &len); 399 if (i > 0) { 400 line[i] = '\0'; 401 printline(LocalHostName, line); 402 } else if (i < 0 && errno != EINTR) { 403 char buf[MAXPATHLEN]; 404 int serrno = errno; 405 406 (void)snprintf(buf, sizeof buf, 407 "recvfrom unix %s", *pp); 408 errno = serrno; 409 logerror(buf); 410 } 411 } 412 if (finet && !SecureMode) { 413 for (j = 0; j < *finet; j++) { 414 if (readfds[nfinetix[j]].revents & 415 (POLLIN | POLLPRI)) { 416 dprintf("inet socket active\n"); 417 len = sizeof(frominet); 418 i = recvfrom(finet[j+1], line, MAXLINE, 419 0, (struct sockaddr *)&frominet, 420 &len); 421 if (i > 0) { 422 line[i] = '\0'; 423 printline(cvthname(&frominet), 424 line); 425 } else if (i < 0 && errno != EINTR) 426 logerror("recvfrom inet"); 427 } 428 } 429 } 430 } 431 } 432 433 void 434 usage() 435 { 436 extern char *__progname; 437 438 (void)fprintf(stderr, 439 "usage: %s [-ds] [-f conffile] [-m markinterval] [-P logpathfile] [-p logpath1] [-p logpath2 ..]\n", 440 __progname); 441 exit(1); 442 } 443 444 /* 445 * given a pointer to an array of char *'s, a pointer to it's current 446 * size and current allocated max size, and a new char * to add, add 447 * it, update everything as necessary, possibly allocating a new array 448 */ 449 void 450 logpath_add(lp, szp, maxszp, new) 451 char ***lp; 452 int *szp; 453 int *maxszp; 454 char *new; 455 { 456 457 dprintf("adding %s to the %p logpath list\n", new, *lp); 458 if (*szp == *maxszp) { 459 if (*maxszp == 0) { 460 *maxszp = 4; /* start of with enough for now */ 461 *lp = NULL; 462 } 463 else 464 *maxszp *= 2; 465 *lp = realloc(*lp, sizeof(char *) * (*maxszp + 1)); 466 if (*lp == NULL) { 467 logerror("couldn't allocate line buffer"); 468 die(0); 469 } 470 } 471 (*lp)[(*szp)++] = new; 472 (*lp)[(*szp)] = NULL; /* always keep it NULL terminated */ 473 } 474 475 /* do a file of log sockets */ 476 void 477 logpath_fileadd(lp, szp, maxszp, file) 478 char ***lp; 479 int *szp; 480 int *maxszp; 481 char *file; 482 { 483 FILE *fp; 484 char *line; 485 size_t len; 486 487 fp = fopen(file, "r"); 488 if (fp == NULL) { 489 int serrno = errno; 490 491 dprintf("can't open %s (%d)\n", file, errno); 492 errno = serrno; 493 logerror("could not open socket file list"); 494 die(0); 495 } 496 497 while ((line = fgetln(fp, &len))) { 498 line[len - 1] = 0; 499 logpath_add(lp, szp, maxszp, line); 500 } 501 fclose(fp); 502 } 503 504 /* 505 * Take a raw input line, decode the message, and print the message 506 * on the appropriate log files. 507 */ 508 void 509 printline(hname, msg) 510 char *hname; 511 char *msg; 512 { 513 int c, pri; 514 char *p, *q, line[MAXLINE + 1]; 515 516 /* test for special codes */ 517 pri = DEFUPRI; 518 p = msg; 519 if (*p == '<') { 520 pri = 0; 521 while (isdigit(*++p)) 522 pri = 10 * pri + (*p - '0'); 523 if (*p == '>') 524 ++p; 525 } 526 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 527 pri = DEFUPRI; 528 529 /* don't allow users to log kernel messages */ 530 if (LOG_FAC(pri) == LOG_KERN) 531 pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri)); 532 533 q = line; 534 535 while ((c = *p++ & 0177) != '\0' && 536 q < &line[sizeof(line) - 1]) 537 if (iscntrl(c)) 538 if (c == '\n') 539 *q++ = ' '; 540 else if (c == '\t') 541 *q++ = '\t'; 542 else { 543 *q++ = '^'; 544 *q++ = c ^ 0100; 545 } 546 else 547 *q++ = c; 548 *q = '\0'; 549 550 logmsg(pri, line, hname, 0); 551 } 552 553 /* 554 * Take a raw input line from /dev/klog, split and format similar to syslog(). 555 */ 556 void 557 printsys(msg) 558 char *msg; 559 { 560 int c, pri, flags; 561 char *lp, *p, *q, line[MAXLINE + 1]; 562 563 (void)strcpy(line, _PATH_UNIX); 564 (void)strcat(line, ": "); 565 lp = line + strlen(line); 566 for (p = msg; *p != '\0'; ) { 567 flags = SYNC_FILE | ADDDATE; /* fsync file after write */ 568 pri = DEFSPRI; 569 if (*p == '<') { 570 pri = 0; 571 while (isdigit(*++p)) 572 pri = 10 * pri + (*p - '0'); 573 if (*p == '>') 574 ++p; 575 } else { 576 /* kernel printf's come out on console */ 577 flags |= IGN_CONS; 578 } 579 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 580 pri = DEFSPRI; 581 q = lp; 582 while (*p != '\0' && (c = *p++) != '\n' && 583 q < &line[MAXLINE]) 584 *q++ = c; 585 *q = '\0'; 586 logmsg(pri, line, LocalHostName, flags); 587 } 588 } 589 590 time_t now; 591 592 /* 593 * Log a message to the appropriate log files, users, etc. based on 594 * the priority. 595 */ 596 void 597 logmsg(pri, msg, from, flags) 598 int pri; 599 char *msg, *from; 600 int flags; 601 { 602 struct filed *f; 603 int fac, msglen, omask, prilev; 604 char *timestamp; 605 606 dprintf("logmsg: pri 0%o, flags 0x%x, from %s, msg %s\n", 607 pri, flags, from, msg); 608 609 omask = sigblock(sigmask(SIGHUP)|sigmask(SIGALRM)); 610 611 /* 612 * Check to see if msg looks non-standard. 613 */ 614 msglen = strlen(msg); 615 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' || 616 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ') 617 flags |= ADDDATE; 618 619 (void)time(&now); 620 if (flags & ADDDATE) 621 timestamp = ctime(&now) + 4; 622 else { 623 timestamp = msg; 624 msg += 16; 625 msglen -= 16; 626 } 627 628 /* extract facility and priority level */ 629 if (flags & MARK) 630 fac = LOG_NFACILITIES; 631 else 632 fac = LOG_FAC(pri); 633 prilev = LOG_PRI(pri); 634 635 /* log the message to the particular outputs */ 636 if (!Initialized) { 637 f = &consfile; 638 f->f_file = open(ctty, O_WRONLY, 0); 639 640 if (f->f_file >= 0) { 641 fprintlog(f, flags, msg); 642 (void)close(f->f_file); 643 } 644 (void)sigsetmask(omask); 645 return; 646 } 647 for (f = Files; f; f = f->f_next) { 648 /* skip messages that are incorrect priority */ 649 if (f->f_pmask[fac] < prilev || 650 f->f_pmask[fac] == INTERNAL_NOPRI) 651 continue; 652 653 if (f->f_type == F_CONSOLE && (flags & IGN_CONS)) 654 continue; 655 656 /* don't output marks to recently written files */ 657 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2) 658 continue; 659 660 /* 661 * suppress duplicate lines to this file 662 */ 663 if ((flags & MARK) == 0 && msglen == f->f_prevlen && 664 !strcmp(msg, f->f_prevline) && 665 !strcmp(from, f->f_prevhost)) { 666 (void)strncpy(f->f_lasttime, timestamp, 15); 667 f->f_prevcount++; 668 dprintf("msg repeated %d times, %ld sec of %d\n", 669 f->f_prevcount, (long)(now - f->f_time), 670 repeatinterval[f->f_repeatcount]); 671 /* 672 * If domark would have logged this by now, 673 * flush it now (so we don't hold isolated messages), 674 * but back off so we'll flush less often 675 * in the future. 676 */ 677 if (now > REPEATTIME(f)) { 678 fprintlog(f, flags, (char *)NULL); 679 BACKOFF(f); 680 } 681 } else { 682 /* new line, save it */ 683 if (f->f_prevcount) 684 fprintlog(f, 0, (char *)NULL); 685 f->f_repeatcount = 0; 686 f->f_prevpri = pri; 687 (void)strncpy(f->f_lasttime, timestamp, 15); 688 (void)strncpy(f->f_prevhost, from, 689 sizeof(f->f_prevhost)); 690 if (msglen < MAXSVLINE) { 691 f->f_prevlen = msglen; 692 (void)strcpy(f->f_prevline, msg); 693 fprintlog(f, flags, (char *)NULL); 694 } else { 695 f->f_prevline[0] = 0; 696 f->f_prevlen = 0; 697 fprintlog(f, flags, msg); 698 } 699 } 700 } 701 (void)sigsetmask(omask); 702 } 703 704 void 705 fprintlog(f, flags, msg) 706 struct filed *f; 707 int flags; 708 char *msg; 709 { 710 struct iovec iov[6]; 711 struct iovec *v; 712 struct addrinfo *r; 713 int j, l, lsent; 714 char line[MAXLINE + 1], repbuf[80], greetings[200]; 715 716 v = iov; 717 if (f->f_type == F_WALL) { 718 v->iov_base = greetings; 719 v->iov_len = snprintf(greetings, sizeof greetings, 720 "\r\n\7Message from syslogd@%s at %.24s ...\r\n", 721 f->f_prevhost, ctime(&now)); 722 v++; 723 v->iov_base = ""; 724 v->iov_len = 0; 725 v++; 726 } else { 727 v->iov_base = f->f_lasttime; 728 v->iov_len = 15; 729 v++; 730 v->iov_base = " "; 731 v->iov_len = 1; 732 v++; 733 } 734 v->iov_base = f->f_prevhost; 735 v->iov_len = strlen(v->iov_base); 736 v++; 737 v->iov_base = " "; 738 v->iov_len = 1; 739 v++; 740 741 if (msg) { 742 v->iov_base = msg; 743 v->iov_len = strlen(msg); 744 } else if (f->f_prevcount > 1) { 745 v->iov_base = repbuf; 746 v->iov_len = snprintf(repbuf, sizeof repbuf, 747 "last message repeated %d times", f->f_prevcount); 748 } else { 749 v->iov_base = f->f_prevline; 750 v->iov_len = f->f_prevlen; 751 } 752 v++; 753 754 dprintf("Logging to %s", TypeNames[f->f_type]); 755 f->f_time = now; 756 757 switch (f->f_type) { 758 case F_UNUSED: 759 dprintf("\n"); 760 break; 761 762 case F_FORW: 763 dprintf(" %s\n", f->f_un.f_forw.f_hname); 764 /* 765 * check for local vs remote messages 766 * (from FreeBSD PR#bin/7055) 767 */ 768 if (strcmp(f->f_prevhost, LocalHostName)) { 769 l = snprintf(line, sizeof(line) - 1, 770 "<%d>%.15s [%s]: %s", 771 f->f_prevpri, (char *) iov[0].iov_base, 772 f->f_prevhost, (char *) iov[4].iov_base); 773 } else { 774 l = snprintf(line, sizeof(line) - 1, "<%d>%.15s %s", 775 f->f_prevpri, (char *) iov[0].iov_base, 776 (char *) iov[4].iov_base); 777 } 778 if (l > MAXLINE) 779 l = MAXLINE; 780 if (finet) { 781 for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) { 782 for (j = 0; j < *finet; j++) { 783 #if 0 784 /* 785 * should we check AF first, or just 786 * trial and error? FWD 787 */ 788 if (r->ai_family == 789 address_family_of(finet[j+1])) 790 #endif 791 lsent = sendto(finet[j+1], line, l, 0, 792 r->ai_addr, r->ai_addrlen); 793 if (lsent == l) 794 break; 795 } 796 } 797 if (lsent != l) { 798 f->f_type = F_UNUSED; 799 logerror("sendto"); 800 } 801 } 802 break; 803 804 case F_CONSOLE: 805 if (flags & IGN_CONS) { 806 dprintf(" (ignored)\n"); 807 break; 808 } 809 /* FALLTHROUGH */ 810 811 case F_TTY: 812 case F_FILE: 813 dprintf(" %s\n", f->f_un.f_fname); 814 if (f->f_type != F_FILE) { 815 v->iov_base = "\r\n"; 816 v->iov_len = 2; 817 } else { 818 v->iov_base = "\n"; 819 v->iov_len = 1; 820 } 821 again: 822 if (writev(f->f_file, iov, 6) < 0) { 823 int e = errno; 824 (void)close(f->f_file); 825 /* 826 * Check for errors on TTY's due to loss of tty 827 */ 828 if ((e == EIO || e == EBADF) && f->f_type != F_FILE) { 829 f->f_file = open(f->f_un.f_fname, 830 O_WRONLY|O_APPEND, 0); 831 if (f->f_file < 0) { 832 f->f_type = F_UNUSED; 833 logerror(f->f_un.f_fname); 834 } else 835 goto again; 836 } else { 837 f->f_type = F_UNUSED; 838 errno = e; 839 logerror(f->f_un.f_fname); 840 } 841 } else if (flags & SYNC_FILE) 842 (void)fsync(f->f_file); 843 break; 844 845 case F_USERS: 846 case F_WALL: 847 dprintf("\n"); 848 v->iov_base = "\r\n"; 849 v->iov_len = 2; 850 wallmsg(f, iov); 851 break; 852 } 853 f->f_prevcount = 0; 854 } 855 856 /* 857 * WALLMSG -- Write a message to the world at large 858 * 859 * Write the specified message to either the entire 860 * world, or a list of approved users. 861 */ 862 void 863 wallmsg(f, iov) 864 struct filed *f; 865 struct iovec *iov; 866 { 867 static int reenter; /* avoid calling ourselves */ 868 FILE *uf; 869 struct utmp ut; 870 int i; 871 char *p; 872 char line[sizeof(ut.ut_line) + 1]; 873 874 if (reenter++) 875 return; 876 if ((uf = fopen(_PATH_UTMP, "r")) == NULL) { 877 logerror(_PATH_UTMP); 878 reenter = 0; 879 return; 880 } 881 /* NOSTRICT */ 882 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) { 883 if (ut.ut_name[0] == '\0') 884 continue; 885 strncpy(line, ut.ut_line, sizeof(ut.ut_line)); 886 line[sizeof(ut.ut_line)] = '\0'; 887 if (f->f_type == F_WALL) { 888 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) != NULL) { 889 errno = 0; /* already in msg */ 890 logerror(p); 891 } 892 continue; 893 } 894 /* should we send the message to this user? */ 895 for (i = 0; i < MAXUNAMES; i++) { 896 if (!f->f_un.f_uname[i][0]) 897 break; 898 if (!strncmp(f->f_un.f_uname[i], ut.ut_name, 899 UT_NAMESIZE)) { 900 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) 901 != NULL) { 902 errno = 0; /* already in msg */ 903 logerror(p); 904 } 905 break; 906 } 907 } 908 } 909 (void)fclose(uf); 910 reenter = 0; 911 } 912 913 void 914 reapchild(signo) 915 int signo; 916 { 917 union wait status; 918 919 while (wait3((int *)&status, WNOHANG, (struct rusage *)NULL) > 0) 920 ; 921 } 922 923 /* 924 * Return a printable representation of a host address. 925 */ 926 char * 927 cvthname(f) 928 struct sockaddr_storage *f; 929 { 930 int error; 931 char *p; 932 #ifdef KAME_SCOPEID 933 const int niflag = NI_DGRAM | NI_WITHSCOPEID; 934 #else 935 const int niflag = NI_DGRAM; 936 #endif 937 static char host[NI_MAXHOST], ip[NI_MAXHOST]; 938 939 error = getnameinfo((struct sockaddr*)f, ((struct sockaddr*)f)->sa_len, 940 ip, sizeof ip, NULL, 0, NI_NUMERICHOST|niflag); 941 942 dprintf("cvthname(%s)\n", ip); 943 944 if (error) { 945 dprintf("Malformed from address %s\n", gai_strerror(error)); 946 return ("???"); 947 } 948 949 error = getnameinfo((struct sockaddr*)f, ((struct sockaddr*)f)->sa_len, 950 host, sizeof host, NULL, 0, niflag); 951 if (error) { 952 dprintf("Host name for your address (%s) unknown\n", ip); 953 return (ip); 954 } 955 if ((p = strchr(host, '.')) && strcmp(p + 1, LocalDomain) == 0) 956 *p = '\0'; 957 return (host); 958 } 959 960 void 961 domark(signo) 962 int signo; 963 { 964 struct filed *f; 965 966 now = time((time_t *)NULL); 967 MarkSeq += TIMERINTVL; 968 if (MarkSeq >= MarkInterval) { 969 logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK); 970 MarkSeq = 0; 971 } 972 973 for (f = Files; f; f = f->f_next) { 974 if (f->f_prevcount && now >= REPEATTIME(f)) { 975 dprintf("flush %s: repeated %d times, %d sec.\n", 976 TypeNames[f->f_type], f->f_prevcount, 977 repeatinterval[f->f_repeatcount]); 978 fprintlog(f, 0, (char *)NULL); 979 BACKOFF(f); 980 } 981 } 982 (void)alarm(TIMERINTVL); 983 } 984 985 /* 986 * Print syslogd errors some place. 987 */ 988 void 989 logerror(type) 990 char *type; 991 { 992 char buf[100]; 993 994 if (errno) 995 (void)snprintf(buf, 996 sizeof(buf), "syslogd: %s: %s", type, strerror(errno)); 997 else 998 (void)snprintf(buf, sizeof(buf), "syslogd: %s", type); 999 errno = 0; 1000 dprintf("%s\n", buf); 1001 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE); 1002 } 1003 1004 void 1005 die(signo) 1006 int signo; 1007 { 1008 struct filed *f; 1009 char buf[100], **p; 1010 1011 for (f = Files; f != NULL; f = f->f_next) { 1012 /* flush any pending output */ 1013 if (f->f_prevcount) 1014 fprintlog(f, 0, (char *)NULL); 1015 } 1016 if (signo) { 1017 dprintf("syslogd: exiting on signal %d\n", signo); 1018 (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); 1019 errno = 0; 1020 logerror(buf); 1021 } 1022 for (p = LogPaths; p && *p; p++) 1023 unlink(*p); 1024 exit(0); 1025 } 1026 1027 /* 1028 * INIT -- Initialize syslogd from configuration table 1029 */ 1030 void 1031 init(signo) 1032 int signo; 1033 { 1034 int i; 1035 FILE *cf; 1036 struct filed *f, *next, **nextp; 1037 char *p; 1038 char cline[LINE_MAX]; 1039 1040 dprintf("init\n"); 1041 1042 /* 1043 * Close all open log files. 1044 */ 1045 Initialized = 0; 1046 for (f = Files; f != NULL; f = next) { 1047 /* flush any pending output */ 1048 if (f->f_prevcount) 1049 fprintlog(f, 0, (char *)NULL); 1050 1051 switch (f->f_type) { 1052 case F_FILE: 1053 case F_TTY: 1054 case F_CONSOLE: 1055 (void)close(f->f_file); 1056 break; 1057 } 1058 next = f->f_next; 1059 free((char *)f); 1060 } 1061 Files = NULL; 1062 nextp = &Files; 1063 1064 /* 1065 * Close all open sockets 1066 */ 1067 1068 if (finet) { 1069 for (i = 0; i < *finet; i++) { 1070 if (close(finet[i+1]) < 0) { 1071 logerror("close"); 1072 die(0); 1073 } 1074 } 1075 } 1076 1077 /* 1078 * Reset counter of forwarding actions 1079 */ 1080 1081 NumForwards=0; 1082 1083 /* open the configuration file */ 1084 if ((cf = fopen(ConfFile, "r")) == NULL) { 1085 dprintf("cannot open %s\n", ConfFile); 1086 *nextp = (struct filed *)calloc(1, sizeof(*f)); 1087 cfline("*.ERR\t/dev/console", *nextp); 1088 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f)); 1089 cfline("*.PANIC\t*", (*nextp)->f_next); 1090 Initialized = 1; 1091 return; 1092 } 1093 1094 /* 1095 * Foreach line in the conf table, open that file. 1096 */ 1097 f = NULL; 1098 while (fgets(cline, sizeof(cline), cf) != NULL) { 1099 /* 1100 * check for end-of-section, comments, strip off trailing 1101 * spaces and newline character. 1102 */ 1103 for (p = cline; isspace(*p); ++p) 1104 continue; 1105 if (*p == '\0' || *p == '#') 1106 continue; 1107 for (p = strchr(cline, '\0'); isspace(*--p);) 1108 continue; 1109 *++p = '\0'; 1110 f = (struct filed *)calloc(1, sizeof(*f)); 1111 *nextp = f; 1112 nextp = &f->f_next; 1113 cfline(cline, f); 1114 } 1115 1116 /* close the configuration file */ 1117 (void)fclose(cf); 1118 1119 Initialized = 1; 1120 1121 if (Debug) { 1122 for (f = Files; f; f = f->f_next) { 1123 for (i = 0; i <= LOG_NFACILITIES; i++) 1124 if (f->f_pmask[i] == INTERNAL_NOPRI) 1125 printf("X "); 1126 else 1127 printf("%d ", f->f_pmask[i]); 1128 printf("%s: ", TypeNames[f->f_type]); 1129 switch (f->f_type) { 1130 case F_FILE: 1131 case F_TTY: 1132 case F_CONSOLE: 1133 printf("%s", f->f_un.f_fname); 1134 break; 1135 1136 case F_FORW: 1137 printf("%s", f->f_un.f_forw.f_hname); 1138 break; 1139 1140 case F_USERS: 1141 for (i = 0; 1142 i < MAXUNAMES && *f->f_un.f_uname[i]; i++) 1143 printf("%s, ", f->f_un.f_uname[i]); 1144 break; 1145 } 1146 printf("\n"); 1147 } 1148 } 1149 1150 finet = socksetup(PF_UNSPEC); 1151 if (finet) { 1152 if (SecureMode) { 1153 for (i = 0; i < *finet; i++) { 1154 if (shutdown(finet[i+1], SHUT_RD) < 0) { 1155 logerror("shutdown"); 1156 die(0); 1157 } 1158 } 1159 } else 1160 dprintf("listening on inet and/or inet6 socket\n"); 1161 dprintf("sending on inet and/or inet6 socket\n"); 1162 } 1163 1164 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE); 1165 dprintf("syslogd: restarted\n"); 1166 } 1167 1168 /* 1169 * Crack a configuration file line 1170 */ 1171 void 1172 cfline(line, f) 1173 char *line; 1174 struct filed *f; 1175 { 1176 struct addrinfo hints, *res; 1177 int error, i, pri; 1178 char *bp, *p, *q; 1179 char buf[MAXLINE], ebuf[100]; 1180 1181 dprintf("cfline(%s)\n", line); 1182 1183 errno = 0; /* keep strerror() stuff out of logerror messages */ 1184 1185 /* clear out file entry */ 1186 memset(f, 0, sizeof(*f)); 1187 for (i = 0; i <= LOG_NFACILITIES; i++) 1188 f->f_pmask[i] = INTERNAL_NOPRI; 1189 1190 /* scan through the list of selectors */ 1191 for (p = line; *p && *p != '\t';) { 1192 1193 /* find the end of this facility name list */ 1194 for (q = p; *q && *q != '\t' && *q++ != '.'; ) 1195 continue; 1196 1197 /* collect priority name */ 1198 for (bp = buf; *q && !strchr("\t,;", *q); ) 1199 *bp++ = *q++; 1200 *bp = '\0'; 1201 1202 /* skip cruft */ 1203 while (strchr(", ;", *q)) 1204 q++; 1205 1206 /* decode priority name */ 1207 if (*buf == '*') 1208 pri = LOG_PRIMASK + 1; 1209 else { 1210 pri = decode(buf, prioritynames); 1211 if (pri < 0) { 1212 (void)snprintf(ebuf, sizeof ebuf, 1213 "unknown priority name \"%s\"", buf); 1214 logerror(ebuf); 1215 return; 1216 } 1217 } 1218 1219 /* scan facilities */ 1220 while (*p && !strchr("\t.;", *p)) { 1221 for (bp = buf; *p && !strchr("\t,;.", *p); ) 1222 *bp++ = *p++; 1223 *bp = '\0'; 1224 if (*buf == '*') 1225 for (i = 0; i < LOG_NFACILITIES; i++) 1226 f->f_pmask[i] = pri; 1227 else { 1228 i = decode(buf, facilitynames); 1229 if (i < 0) { 1230 (void)snprintf(ebuf, sizeof ebuf, 1231 "unknown facility name \"%s\"", 1232 buf); 1233 logerror(ebuf); 1234 return; 1235 } 1236 f->f_pmask[i >> 3] = pri; 1237 } 1238 while (*p == ',' || *p == ' ') 1239 p++; 1240 } 1241 1242 p = q; 1243 } 1244 1245 /* skip to action part */ 1246 while (*p == '\t') 1247 p++; 1248 1249 switch (*p) 1250 { 1251 case '@': 1252 (void)strcpy(f->f_un.f_forw.f_hname, ++p); 1253 memset(&hints, 0, sizeof(hints)); 1254 hints.ai_family = AF_UNSPEC; 1255 hints.ai_socktype = SOCK_DGRAM; 1256 hints.ai_protocol = 0; 1257 error = getaddrinfo(f->f_un.f_forw.f_hname, "syslog", &hints, 1258 &res); 1259 if (error) { 1260 logerror(gai_strerror(error)); 1261 break; 1262 } 1263 f->f_un.f_forw.f_addr = res; 1264 f->f_type = F_FORW; 1265 NumForwards++; 1266 break; 1267 1268 case '/': 1269 (void)strcpy(f->f_un.f_fname, p); 1270 if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) { 1271 f->f_type = F_UNUSED; 1272 logerror(p); 1273 break; 1274 } 1275 if (isatty(f->f_file)) 1276 f->f_type = F_TTY; 1277 else 1278 f->f_type = F_FILE; 1279 if (strcmp(p, ctty) == 0) 1280 f->f_type = F_CONSOLE; 1281 break; 1282 1283 case '*': 1284 f->f_type = F_WALL; 1285 break; 1286 1287 default: 1288 for (i = 0; i < MAXUNAMES && *p; i++) { 1289 for (q = p; *q && *q != ','; ) 1290 q++; 1291 (void)strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE); 1292 if ((q - p) > UT_NAMESIZE) 1293 f->f_un.f_uname[i][UT_NAMESIZE] = '\0'; 1294 else 1295 f->f_un.f_uname[i][q - p] = '\0'; 1296 while (*q == ',' || *q == ' ') 1297 q++; 1298 p = q; 1299 } 1300 f->f_type = F_USERS; 1301 break; 1302 } 1303 } 1304 1305 1306 /* 1307 * Decode a symbolic name to a numeric value 1308 */ 1309 int 1310 decode(name, codetab) 1311 const char *name; 1312 CODE *codetab; 1313 { 1314 CODE *c; 1315 char *p, buf[40]; 1316 1317 if (isdigit(*name)) 1318 return (atoi(name)); 1319 1320 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) { 1321 if (isupper(*name)) 1322 *p = tolower(*name); 1323 else 1324 *p = *name; 1325 } 1326 *p = '\0'; 1327 for (c = codetab; c->c_name; c++) 1328 if (!strcmp(buf, c->c_name)) 1329 return (c->c_val); 1330 1331 return (-1); 1332 } 1333 1334 /* 1335 * Retrieve the size of the kernel message buffer, via sysctl. 1336 */ 1337 int 1338 getmsgbufsize() 1339 { 1340 int msgbufsize, mib[2]; 1341 size_t size; 1342 1343 mib[0] = CTL_KERN; 1344 mib[1] = KERN_MSGBUFSIZE; 1345 size = sizeof msgbufsize; 1346 if (sysctl(mib, 2, &msgbufsize, &size, NULL, 0) == -1) { 1347 dprintf("couldn't get kern.msgbufsize\n"); 1348 return (0); 1349 } 1350 return (msgbufsize); 1351 } 1352 1353 int * 1354 socksetup(af) 1355 int af; 1356 { 1357 struct addrinfo hints, *res, *r; 1358 int error, maxs, *s, *socks; 1359 1360 if(SecureMode && !NumForwards) 1361 return(NULL); 1362 1363 memset(&hints, 0, sizeof(hints)); 1364 hints.ai_flags = AI_PASSIVE; 1365 hints.ai_family = af; 1366 hints.ai_socktype = SOCK_DGRAM; 1367 error = getaddrinfo(NULL, "syslog", &hints, &res); 1368 if (error) { 1369 logerror(gai_strerror(error)); 1370 errno = 0; 1371 die(0); 1372 } 1373 1374 /* Count max number of sockets we may open */ 1375 for (maxs = 0, r = res; r; r = r->ai_next, maxs++) 1376 continue; 1377 socks = malloc ((maxs+1) * sizeof(int)); 1378 if (!socks) { 1379 logerror("couldn't allocate memory for sockets"); 1380 die(0); 1381 } 1382 1383 *socks = 0; /* num of sockets counter at start of array */ 1384 s = socks+1; 1385 for (r = res; r; r = r->ai_next) { 1386 *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); 1387 if (*s < 0) { 1388 logerror("socket"); 1389 continue; 1390 } 1391 if (!SecureMode && bind(*s, r->ai_addr, r->ai_addrlen) < 0) { 1392 close (*s); 1393 logerror("bind"); 1394 continue; 1395 } 1396 1397 *socks = *socks + 1; 1398 s++; 1399 } 1400 1401 if (*socks == 0) { 1402 free (socks); 1403 if(Debug) 1404 return(NULL); 1405 else 1406 die(0); 1407 } 1408 if (res) 1409 freeaddrinfo(res); 1410 1411 return(socks); 1412 } 1413