1 /* $OpenBSD: syslogd.c,v 1.67 2003/09/19 08:15:55 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1988, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef lint 33 static const char copyright[] = 34 "@(#) Copyright (c) 1983, 1988, 1993, 1994\n\ 35 The Regents of the University of California. All rights reserved.\n"; 36 #endif /* not lint */ 37 38 #ifndef lint 39 #if 0 40 static const char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; 41 #else 42 static const char rcsid[] = "$OpenBSD: syslogd.c,v 1.67 2003/09/19 08:15:55 deraadt Exp $"; 43 #endif 44 #endif /* not lint */ 45 46 /* 47 * syslogd -- log system messages 48 * 49 * This program implements a system log. It takes a series of lines. 50 * Each line may have a priority, signified as "<n>" as 51 * the first characters of the line. If this is 52 * not present, a default priority is used. 53 * 54 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will 55 * cause it to reread its configuration file. 56 * 57 * Defined Constants: 58 * 59 * MAXLINE -- the maximum line length that can be handled. 60 * DEFUPRI -- the default priority for user messages 61 * DEFSPRI -- the default priority for kernel messages 62 * 63 * Author: Eric Allman 64 * extensive changes by Ralph Campbell 65 * more extensive changes by Eric Allman (again) 66 */ 67 68 #define MAXLINE 1024 /* maximum line length */ 69 #define MAXSVLINE 120 /* maximum saved line length */ 70 #define DEFUPRI (LOG_USER|LOG_NOTICE) 71 #define DEFSPRI (LOG_KERN|LOG_CRIT) 72 #define TIMERINTVL 30 /* interval for checking flush, mark */ 73 #define TTYMSGTIME 1 /* timeout passed to ttymsg */ 74 75 #include <sys/param.h> 76 #include <sys/ioctl.h> 77 #include <sys/stat.h> 78 #include <sys/wait.h> 79 #include <sys/socket.h> 80 #include <sys/msgbuf.h> 81 #include <sys/uio.h> 82 #include <sys/sysctl.h> 83 #include <sys/un.h> 84 #include <sys/time.h> 85 #include <sys/resource.h> 86 87 #include <netinet/in.h> 88 #include <netdb.h> 89 #include <arpa/inet.h> 90 91 #include <ctype.h> 92 #include <errno.h> 93 #include <err.h> 94 #include <fcntl.h> 95 #include <paths.h> 96 #include <signal.h> 97 #include <stdio.h> 98 #include <stdlib.h> 99 #include <string.h> 100 #include <unistd.h> 101 #include <utmp.h> 102 #include <vis.h> 103 104 #define SYSLOG_NAMES 105 #include <sys/syslog.h> 106 107 #include "syslogd.h" 108 109 char *ConfFile = _PATH_LOGCONF; 110 const char ctty[] = _PATH_CONSOLE; 111 112 #define MAXUNAMES 20 /* maximum number of user names */ 113 114 115 /* 116 * Flags to logmsg(). 117 */ 118 119 #define IGN_CONS 0x001 /* don't print on console */ 120 #define SYNC_FILE 0x002 /* do fsync on file after printing */ 121 #define ADDDATE 0x004 /* add a date to the message */ 122 #define MARK 0x008 /* this message is a mark */ 123 124 /* 125 * This structure represents the files that will have log 126 * copies printed. 127 */ 128 129 struct filed { 130 struct filed *f_next; /* next in linked list */ 131 short f_type; /* entry type, see below */ 132 short f_file; /* file descriptor */ 133 time_t f_time; /* time this was last written */ 134 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ 135 char *f_program; /* program this applies to */ 136 union { 137 char f_uname[MAXUNAMES][UT_NAMESIZE+1]; 138 struct { 139 char f_hname[MAXHOSTNAMELEN]; 140 struct sockaddr_in f_addr; 141 } f_forw; /* forwarding address */ 142 char f_fname[MAXPATHLEN]; 143 } f_un; 144 char f_prevline[MAXSVLINE]; /* last message logged */ 145 char f_lasttime[16]; /* time of last occurrence */ 146 char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */ 147 int f_prevpri; /* pri of f_prevline */ 148 int f_prevlen; /* length of f_prevline */ 149 int f_prevcount; /* repetition cnt of prevline */ 150 int f_repeatcount; /* number of "repeated" msgs */ 151 }; 152 153 /* 154 * Intervals at which we flush out "message repeated" messages, 155 * in seconds after previous message is logged. After each flush, 156 * we move to the next interval until we reach the largest. 157 */ 158 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ 159 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1) 160 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount]) 161 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \ 162 (f)->f_repeatcount = MAXREPEAT; \ 163 } 164 165 /* values for f_type */ 166 #define F_UNUSED 0 /* unused entry */ 167 #define F_FILE 1 /* regular file */ 168 #define F_TTY 2 /* terminal */ 169 #define F_CONSOLE 3 /* console terminal */ 170 #define F_FORW 4 /* remote machine */ 171 #define F_USERS 5 /* list of users */ 172 #define F_WALL 6 /* everyone logged on */ 173 174 char *TypeNames[7] = { 175 "UNUSED", "FILE", "TTY", "CONSOLE", 176 "FORW", "USERS", "WALL" 177 }; 178 179 struct filed *Files; 180 struct filed consfile; 181 182 int Debug; /* debug flag */ 183 int Startup = 1; /* startup flag */ 184 char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */ 185 char *LocalDomain; /* our local domain name */ 186 int InetInuse = 0; /* non-zero if INET sockets are being used */ 187 int finet = -1; /* Internet datagram socket */ 188 int fklog = -1; /* Kernel log device socket */ 189 int LogPort; /* port number for INET connections */ 190 int Initialized = 0; /* set when we have initialized ourselves */ 191 192 int MarkInterval = 20 * 60; /* interval between marks in seconds */ 193 int MarkSeq = 0; /* mark sequence number */ 194 int SecureMode = 1; /* when true, speak only unix domain socks */ 195 int NoDNS = 0; /* when true, will refrain from doing DNS lookups */ 196 197 volatile sig_atomic_t MarkSet; 198 volatile sig_atomic_t WantDie; 199 volatile sig_atomic_t DoInit; 200 201 void cfline(char *, struct filed *, char *); 202 void cvthname(struct sockaddr_in *, char *, size_t); 203 int decode(const char *, const CODE *); 204 void dodie(int); 205 void doinit(int); 206 void die(int); 207 void domark(int); 208 void markit(void); 209 void fprintlog(struct filed *, int, char *); 210 void init(void); 211 void logerror(char *); 212 void logmsg(int, char *, char *, int); 213 void printline(char *, char *); 214 void printsys(char *); 215 void reapchild(int); 216 char *ttymsg(struct iovec *, int, char *, int); 217 void usage(void); 218 void wallmsg(struct filed *, struct iovec *); 219 int getmsgbufsize(void); 220 221 #define MAXFUNIX 21 222 223 int nfunix = 1; 224 char *funixn[MAXFUNIX] = { _PATH_LOG }; 225 int funix[MAXFUNIX]; 226 227 int 228 main(int argc, char *argv[]) 229 { 230 int ch, i, linesize, fdsrmax = 0; 231 struct sockaddr_un sunx, fromunix; 232 struct sockaddr_in sin, frominet; 233 socklen_t slen, len; 234 fd_set *fdsr = NULL; 235 char *p, *line; 236 char resolve[MAXHOSTNAMELEN]; 237 int lockpipe[2], nullfd = -1; 238 FILE *fp; 239 240 while ((ch = getopt(argc, argv, "dnuf:m:p:a:")) != -1) 241 switch (ch) { 242 case 'd': /* debug */ 243 Debug++; 244 break; 245 case 'f': /* configuration file */ 246 ConfFile = optarg; 247 break; 248 case 'm': /* mark interval */ 249 MarkInterval = atoi(optarg) * 60; 250 break; 251 case 'n': /* don't do DNS lookups */ 252 NoDNS = 1; 253 break; 254 case 'p': /* path */ 255 if (strlen(optarg) >= sizeof(sunx.sun_path)) { 256 fprintf(stderr, 257 "syslogd: socket path too long, exiting\n"); 258 exit(1); 259 } else 260 funixn[0] = optarg; 261 break; 262 case 'u': /* allow udp input port */ 263 SecureMode = 0; 264 break; 265 case 'a': 266 if (nfunix >= MAXFUNIX) 267 fprintf(stderr, 268 "syslogd: out of descriptors, ignoring %s\n", 269 optarg); 270 else if (strlen(optarg) >= sizeof(sunx.sun_path)) 271 fprintf(stderr, 272 "syslogd: path too long, ignoring %s\n", 273 optarg); 274 else 275 funixn[nfunix++] = optarg; 276 break; 277 default: 278 usage(); 279 } 280 if ((argc -= optind) != 0) 281 usage(); 282 283 if (Debug) 284 setlinebuf(stdout); 285 286 consfile.f_type = F_CONSOLE; 287 (void)strlcpy(consfile.f_un.f_fname, ctty, 288 sizeof(consfile.f_un.f_fname)); 289 (void)gethostname(LocalHostName, sizeof(LocalHostName)); 290 if ((p = strchr(LocalHostName, '.')) != NULL) { 291 *p++ = '\0'; 292 LocalDomain = p; 293 } else 294 LocalDomain = ""; 295 296 linesize = getmsgbufsize(); 297 if (linesize < MAXLINE) 298 linesize = MAXLINE; 299 linesize++; 300 line = malloc(linesize); 301 302 #ifndef SUN_LEN 303 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) 304 #endif 305 for (i = 0; i < nfunix; i++) { 306 (void)unlink(funixn[i]); 307 308 memset(&sunx, 0, sizeof(sunx)); 309 sunx.sun_family = AF_UNIX; 310 (void)strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); 311 funix[i] = socket(AF_UNIX, SOCK_DGRAM, 0); 312 if (funix[i] < 0 || 313 bind(funix[i], (struct sockaddr *)&sunx, 314 SUN_LEN(&sunx)) < 0 || 315 chmod(funixn[i], 0666) < 0) { 316 (void)snprintf(line, linesize, "cannot create %s", 317 funixn[i]); 318 logerror(line); 319 dprintf("cannot create %s (%d)\n", funixn[i], errno); 320 if (i == 0) 321 die(0); 322 } 323 /* double socket receive buffer size */ 324 if (getsockopt(funix[i], SOL_SOCKET, SO_RCVBUF, &len, 325 &slen) == 0) { 326 len *= 2; 327 (void)setsockopt(funix[i], SOL_SOCKET, SO_RCVBUF, &len, 328 slen); 329 } 330 } 331 finet = socket(AF_INET, SOCK_DGRAM, 0); 332 if (finet >= 0) { 333 struct servent *sp; 334 335 sp = getservbyname("syslog", "udp"); 336 if (sp == NULL) { 337 errno = 0; 338 logerror("syslog/udp: unknown service"); 339 die(0); 340 } 341 memset(&sin, 0, sizeof(sin)); 342 sin.sin_len = sizeof(sin); 343 sin.sin_family = AF_INET; 344 sin.sin_port = LogPort = sp->s_port; 345 if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 346 logerror("bind"); 347 if (!Debug) 348 die(0); 349 } else { 350 InetInuse = 1; 351 /* double socket receive buffer size */ 352 if (getsockopt(finet, SOL_SOCKET, SO_RCVBUF, &len, 353 &slen) == 0) { 354 len *= 2; 355 (void)setsockopt(finet, SOL_SOCKET, 356 SO_RCVBUF, &len, slen); 357 } 358 } 359 } 360 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) < 0) 361 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno); 362 363 dprintf("off & running....\n"); 364 365 chdir("/"); 366 367 tzset(); 368 369 if (!Debug) { 370 char c; 371 372 pipe(lockpipe); 373 374 switch(fork()) { 375 case -1: 376 exit(1); 377 case 0: 378 setsid(); 379 nullfd = open(_PATH_DEVNULL, O_RDWR); 380 close(lockpipe[0]); 381 break; 382 default: 383 close(lockpipe[1]); 384 read(lockpipe[0], &c, 1); 385 _exit(0); 386 } 387 } 388 389 /* tuck my process id away */ 390 if (!Debug) { 391 fp = fopen(_PATH_LOGPID, "w"); 392 if (fp != NULL) { 393 fprintf(fp, "%ld\n", (long)getpid()); 394 (void) fclose(fp); 395 } 396 } 397 398 /* Privilege separation begins here */ 399 if (priv_init(ConfFile, NoDNS, lockpipe[1], nullfd, argv) < 0) 400 errx(1, "unable to privsep"); 401 402 /* Process is now unprivileged and inside a chroot */ 403 init(); 404 405 Startup = 0; 406 407 if (!Debug) { 408 dup2(nullfd, STDIN_FILENO); 409 dup2(nullfd, STDOUT_FILENO); 410 dup2(nullfd, STDERR_FILENO); 411 if (nullfd > 2) 412 close(nullfd); 413 close(lockpipe[1]); 414 } 415 416 /* 417 * Signal to the priv process that the initial config parsing is done 418 * so that it will reject any future attempts to open more files 419 */ 420 priv_config_parse_done(); 421 422 (void)signal(SIGHUP, doinit); 423 (void)signal(SIGTERM, dodie); 424 (void)signal(SIGINT, Debug ? dodie : SIG_IGN); 425 (void)signal(SIGQUIT, Debug ? dodie : SIG_IGN); 426 (void)signal(SIGCHLD, reapchild); 427 (void)signal(SIGALRM, domark); 428 (void)alarm(TIMERINTVL); 429 430 if (fklog != -1 && fklog > fdsrmax) 431 fdsrmax = fklog; 432 if (finet != -1 && finet > fdsrmax) 433 fdsrmax = finet; 434 for (i = 0; i < nfunix; i++) { 435 if (funix[i] != -1 && funix[i] > fdsrmax) 436 fdsrmax = funix[i]; 437 } 438 439 fdsr = (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS), 440 sizeof(fd_mask)); 441 if (fdsr == NULL) 442 errx(1, "calloc fd_set"); 443 444 for (;;) { 445 if (MarkSet) 446 markit(); 447 if (WantDie) 448 die(WantDie); 449 450 if (DoInit) { 451 init(); 452 DoInit = 0; 453 } 454 455 bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * 456 sizeof(fd_mask)); 457 458 if (fklog != -1) 459 FD_SET(fklog, fdsr); 460 if (finet != -1) 461 FD_SET(finet, fdsr); 462 for (i = 0; i < nfunix; i++) { 463 if (funix[i] != -1) 464 FD_SET(funix[i], fdsr); 465 } 466 467 switch (select(fdsrmax+1, fdsr, NULL, NULL, NULL)) { 468 case 0: 469 continue; 470 case -1: 471 if (errno != EINTR) 472 logerror("select"); 473 continue; 474 } 475 476 if (fklog != -1 && FD_ISSET(fklog, fdsr)) { 477 i = read(fklog, line, linesize - 1); 478 if (i > 0) { 479 line[i] = '\0'; 480 printsys(line); 481 } else if (i < 0 && errno != EINTR) { 482 logerror("klog"); 483 fklog = -1; 484 } 485 } 486 if (finet != -1 && FD_ISSET(finet, fdsr)) { 487 len = sizeof(frominet); 488 i = recvfrom(finet, line, MAXLINE, 0, 489 (struct sockaddr *)&frominet, &len); 490 if (SecureMode) { 491 /* silently drop it */ 492 } else { 493 if (i > 0) { 494 line[i] = '\0'; 495 cvthname(&frominet, resolve, sizeof resolve); 496 dprintf("cvthname res: %s\n", resolve); 497 printline(resolve, line); 498 } else if (i < 0 && errno != EINTR) 499 logerror("recvfrom inet"); 500 } 501 } 502 503 for (i = 0; i < nfunix; i++) { 504 if (funix[i] != -1 && FD_ISSET(funix[i], fdsr)) { 505 len = sizeof(fromunix); 506 len = recvfrom(funix[i], line, MAXLINE, 0, 507 (struct sockaddr *)&fromunix, &len); 508 if (len > 0) { 509 line[len] = '\0'; 510 printline(LocalHostName, line); 511 } else if (len < 0 && errno != EINTR) 512 logerror("recvfrom unix"); 513 } 514 } 515 } 516 if (fdsr) 517 free(fdsr); 518 } 519 520 void 521 usage(void) 522 { 523 524 (void)fprintf(stderr, 525 "usage: syslogd [-dnu] [-f config_file] [-m mark_interval] " 526 "[-a path] [-p log_socket]\n"); 527 exit(1); 528 } 529 530 /* 531 * Take a raw input line, decode the message, and print the message 532 * on the appropriate log files. 533 */ 534 void 535 printline(char *hname, char *msg) 536 { 537 int pri; 538 char *p, *q, line[MAXLINE + 1]; 539 540 /* test for special codes */ 541 pri = DEFUPRI; 542 p = msg; 543 if (*p == '<') { 544 pri = 0; 545 while (isdigit(*++p)) 546 pri = 10 * pri + (*p - '0'); 547 if (*p == '>') 548 ++p; 549 } 550 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 551 pri = DEFUPRI; 552 553 /* 554 * Don't allow users to log kernel messages. 555 * NOTE: since LOG_KERN == 0 this will also match 556 * messages with no facility specified. 557 */ 558 if (LOG_FAC(pri) == LOG_KERN) 559 pri = LOG_USER | LOG_PRI(pri); 560 561 for (q = line; *p && q < &line[sizeof(line) - 4]; p++) { 562 if (*p == '\n') 563 *q++ = ' '; 564 else 565 q = vis(q, *p, 0, 0); 566 } 567 *q = '\0'; 568 569 logmsg(pri, line, hname, 0); 570 } 571 572 /* 573 * Take a raw input line from /dev/klog, split and format similar to syslog(). 574 */ 575 void 576 printsys(char *msg) 577 { 578 int c, pri, flags; 579 char *lp, *p, *q, line[MAXLINE + 1]; 580 581 (void)snprintf(line, sizeof line, "%s: ", _PATH_UNIX); 582 lp = line + strlen(line); 583 for (p = msg; *p != '\0'; ) { 584 flags = SYNC_FILE | ADDDATE; /* fsync file after write */ 585 pri = DEFSPRI; 586 if (*p == '<') { 587 pri = 0; 588 while (isdigit(*++p)) 589 pri = 10 * pri + (*p - '0'); 590 if (*p == '>') 591 ++p; 592 } else { 593 /* kernel printf's come out on console */ 594 flags |= IGN_CONS; 595 } 596 if (pri &~ (LOG_FACMASK|LOG_PRIMASK)) 597 pri = DEFSPRI; 598 599 q = lp; 600 while (*p && (c = *p++) != '\n' && q < &line[sizeof(line) - 4]) 601 q = vis(q, c, 0, 0); 602 603 logmsg(pri, line, LocalHostName, flags); 604 } 605 } 606 607 time_t now; 608 609 /* 610 * Log a message to the appropriate log files, users, etc. based on 611 * the priority. 612 */ 613 void 614 logmsg(int pri, char *msg, char *from, int flags) 615 { 616 struct filed *f; 617 int fac, msglen, prilev, i; 618 sigset_t mask, omask; 619 char *timestamp; 620 char prog[NAME_MAX+1]; 621 622 dprintf("logmsg: pri 0%o, flags 0x%x, from %s, msg %s\n", 623 pri, flags, from, msg); 624 625 sigemptyset(&mask); 626 sigaddset(&mask, SIGALRM); 627 sigaddset(&mask, SIGHUP); 628 sigprocmask(SIG_BLOCK, &mask, &omask); 629 630 /* 631 * Check to see if msg looks non-standard. 632 */ 633 msglen = strlen(msg); 634 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' || 635 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ') 636 flags |= ADDDATE; 637 638 (void)time(&now); 639 if (flags & ADDDATE) 640 timestamp = ctime(&now) + 4; 641 else { 642 timestamp = msg; 643 msg += 16; 644 msglen -= 16; 645 } 646 647 /* extract facility and priority level */ 648 if (flags & MARK) 649 fac = LOG_NFACILITIES; 650 else 651 fac = LOG_FAC(pri); 652 prilev = LOG_PRI(pri); 653 654 /* extract program name */ 655 for(i = 0; i < NAME_MAX; i++) { 656 if (!isalnum(msg[i])) 657 break; 658 prog[i] = msg[i]; 659 } 660 prog[i] = 0; 661 662 /* log the message to the particular outputs */ 663 if (!Initialized) { 664 f = &consfile; 665 f->f_file = priv_open_tty(ctty); 666 667 if (f->f_file >= 0) { 668 fprintlog(f, flags, msg); 669 (void)close(f->f_file); 670 f->f_file = -1; 671 } 672 (void)sigprocmask(SIG_SETMASK, &omask, NULL); 673 return; 674 } 675 for (f = Files; f; f = f->f_next) { 676 /* skip messages that are incorrect priority */ 677 if (f->f_pmask[fac] < prilev || 678 f->f_pmask[fac] == INTERNAL_NOPRI) 679 continue; 680 681 /* skip messages with the incorrect program name */ 682 if (f->f_program) 683 if (strcmp(prog, f->f_program) != 0) 684 continue; 685 686 if (f->f_type == F_CONSOLE && (flags & IGN_CONS)) 687 continue; 688 689 /* don't output marks to recently written files */ 690 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2) 691 continue; 692 693 /* 694 * suppress duplicate lines to this file 695 */ 696 if ((flags & MARK) == 0 && msglen == f->f_prevlen && 697 !strcmp(msg, f->f_prevline) && 698 !strcmp(from, f->f_prevhost)) { 699 strlcpy(f->f_lasttime, timestamp, 16); 700 f->f_prevcount++; 701 dprintf("msg repeated %d times, %ld sec of %d\n", 702 f->f_prevcount, (long)(now - f->f_time), 703 repeatinterval[f->f_repeatcount]); 704 /* 705 * If domark would have logged this by now, 706 * flush it now (so we don't hold isolated messages), 707 * but back off so we'll flush less often 708 * in the future. 709 */ 710 if (now > REPEATTIME(f)) { 711 fprintlog(f, flags, (char *)NULL); 712 BACKOFF(f); 713 } 714 } else { 715 /* new line, save it */ 716 if (f->f_prevcount) 717 fprintlog(f, 0, (char *)NULL); 718 f->f_repeatcount = 0; 719 f->f_prevpri = pri; 720 strlcpy(f->f_lasttime, timestamp, 16); 721 strlcpy(f->f_prevhost, from, 722 sizeof(f->f_prevhost)); 723 if (msglen < MAXSVLINE) { 724 f->f_prevlen = msglen; 725 strlcpy(f->f_prevline, msg, sizeof(f->f_prevline)); 726 fprintlog(f, flags, (char *)NULL); 727 } else { 728 f->f_prevline[0] = 0; 729 f->f_prevlen = 0; 730 fprintlog(f, flags, msg); 731 } 732 } 733 } 734 (void)sigprocmask(SIG_SETMASK, &omask, NULL); 735 } 736 737 void 738 fprintlog(struct filed *f, int flags, char *msg) 739 { 740 struct iovec iov[6]; 741 struct iovec *v; 742 int l; 743 char line[MAXLINE + 1], repbuf[80], greetings[500]; 744 745 v = iov; 746 if (f->f_type == F_WALL) { 747 if ((l = snprintf(greetings, sizeof(greetings), 748 "\r\n\7Message from syslogd@%s at %.24s ...\r\n", 749 f->f_prevhost, ctime(&now))) >= sizeof(greetings) || 750 l == -1) 751 l = strlen(greetings); 752 v->iov_base = greetings; 753 v->iov_len = l; 754 v++; 755 v->iov_base = ""; 756 v->iov_len = 0; 757 v++; 758 } else { 759 v->iov_base = f->f_lasttime; 760 v->iov_len = 15; 761 v++; 762 v->iov_base = " "; 763 v->iov_len = 1; 764 v++; 765 } 766 v->iov_base = f->f_prevhost; 767 v->iov_len = strlen(v->iov_base); 768 v++; 769 v->iov_base = " "; 770 v->iov_len = 1; 771 v++; 772 773 if (msg) { 774 v->iov_base = msg; 775 v->iov_len = strlen(msg); 776 } else if (f->f_prevcount > 1) { 777 if ((l = snprintf(repbuf, sizeof(repbuf), 778 "last message repeated %d times", f->f_prevcount)) >= 779 sizeof(repbuf) || l == -1) 780 l = strlen(repbuf); 781 v->iov_base = repbuf; 782 v->iov_len = l; 783 } else { 784 v->iov_base = f->f_prevline; 785 v->iov_len = f->f_prevlen; 786 } 787 v++; 788 789 dprintf("Logging to %s", TypeNames[f->f_type]); 790 f->f_time = now; 791 792 switch (f->f_type) { 793 case F_UNUSED: 794 dprintf("\n"); 795 break; 796 797 case F_FORW: 798 dprintf(" %s\n", f->f_un.f_forw.f_hname); 799 if ((l = snprintf(line, sizeof(line), "<%d>%.15s %s", 800 f->f_prevpri, (char *)iov[0].iov_base, 801 (char *)iov[4].iov_base)) >= sizeof(line) || l == -1) 802 l = strlen(line); 803 if (sendto(finet, line, l, 0, 804 (struct sockaddr *)&f->f_un.f_forw.f_addr, 805 sizeof(f->f_un.f_forw.f_addr)) != l) { 806 f->f_type = F_UNUSED; 807 logerror("sendto"); 808 } 809 break; 810 811 case F_CONSOLE: 812 if (flags & IGN_CONS) { 813 dprintf(" (ignored)\n"); 814 break; 815 } 816 /* FALLTHROUGH */ 817 818 case F_TTY: 819 case F_FILE: 820 dprintf(" %s\n", f->f_un.f_fname); 821 if (f->f_type != F_FILE) { 822 v->iov_base = "\r\n"; 823 v->iov_len = 2; 824 } else { 825 v->iov_base = "\n"; 826 v->iov_len = 1; 827 } 828 again: 829 if (writev(f->f_file, iov, 6) < 0) { 830 int e = errno; 831 (void)close(f->f_file); 832 /* 833 * Check for errors on TTY's due to loss of tty 834 */ 835 if (e == EAGAIN) { 836 /* 837 * Silently drop messages on blocked write. 838 * This can happen when logging to a locked tty. 839 */ 840 break; 841 } else if ((e == EIO || e == EBADF) && 842 f->f_type != F_FILE) { 843 f->f_file = priv_open_tty(f->f_un.f_fname); 844 if (f->f_file < 0) { 845 f->f_type = F_UNUSED; 846 logerror(f->f_un.f_fname); 847 } else 848 goto again; 849 } else { 850 f->f_type = F_UNUSED; 851 f->f_file = -1; 852 errno = e; 853 logerror(f->f_un.f_fname); 854 } 855 } else if (flags & SYNC_FILE) 856 (void)fsync(f->f_file); 857 break; 858 859 case F_USERS: 860 case F_WALL: 861 dprintf("\n"); 862 v->iov_base = "\r\n"; 863 v->iov_len = 2; 864 wallmsg(f, iov); 865 break; 866 } 867 f->f_prevcount = 0; 868 } 869 870 /* 871 * WALLMSG -- Write a message to the world at large 872 * 873 * Write the specified message to either the entire 874 * world, or a list of approved users. 875 */ 876 void 877 wallmsg(struct filed *f, struct iovec *iov) 878 { 879 struct utmp ut; 880 char line[sizeof(ut.ut_line) + 1], *p; 881 static int reenter; /* avoid calling ourselves */ 882 FILE *uf; 883 int i; 884 885 if (reenter++) 886 return; 887 if ((uf = priv_open_utmp()) == NULL) { 888 logerror(_PATH_UTMP); 889 reenter = 0; 890 return; 891 } 892 /* NOSTRICT */ 893 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) { 894 if (ut.ut_name[0] == '\0') 895 continue; 896 /* must use strncpy since ut_* may not be NUL terminated */ 897 strncpy(line, ut.ut_line, sizeof(line) - 1); 898 line[sizeof(line) - 1] = '\0'; 899 if (f->f_type == F_WALL) { 900 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) != NULL) { 901 errno = 0; /* already in msg */ 902 logerror(p); 903 } 904 continue; 905 } 906 /* should we send the message to this user? */ 907 for (i = 0; i < MAXUNAMES; i++) { 908 if (!f->f_un.f_uname[i][0]) 909 break; 910 if (!strncmp(f->f_un.f_uname[i], ut.ut_name, 911 UT_NAMESIZE)) { 912 if ((p = ttymsg(iov, 6, line, TTYMSGTIME)) 913 != NULL) { 914 errno = 0; /* already in msg */ 915 logerror(p); 916 } 917 break; 918 } 919 } 920 } 921 (void)fclose(uf); 922 reenter = 0; 923 } 924 925 void 926 reapchild(int signo) 927 { 928 int save_errno = errno; 929 int status; 930 931 while (waitpid(-1, &status, WNOHANG) > 0) 932 ; 933 errno = save_errno; 934 } 935 936 /* 937 * Return a printable representation of a host address. 938 */ 939 void 940 cvthname(struct sockaddr_in *f, char *result, size_t res_len) 941 { 942 sigset_t omask, nmask; 943 char *p, *ip; 944 int ret_len; 945 946 if (f->sin_family != AF_INET) { 947 dprintf("Malformed from address\n"); 948 strlcpy(result, "???", res_len); 949 return; 950 } 951 952 ip = inet_ntoa(f->sin_addr); 953 dprintf("cvthname(%s)\n", ip); 954 if (NoDNS) { 955 strlcpy(result, ip, res_len); 956 return; 957 } 958 959 sigemptyset(&nmask); 960 sigaddset(&nmask, SIGHUP); 961 sigprocmask(SIG_BLOCK, &nmask, &omask); 962 963 ret_len = priv_gethostbyaddr((char *)&f->sin_addr, 964 sizeof(struct in_addr), f->sin_family, result, res_len); 965 966 sigprocmask(SIG_SETMASK, &omask, NULL); 967 if (ret_len == 0) { 968 dprintf("Host name for your address (%s) unknown\n", ip); 969 strlcpy(result, ip, res_len); 970 } else if ((p = strchr(result, '.')) && strcmp(p + 1, LocalDomain) == 0) 971 *p = '\0'; 972 } 973 974 void 975 dodie(int signo) 976 { 977 WantDie = signo; 978 } 979 980 void 981 domark(int signo) 982 { 983 MarkSet = 1; 984 } 985 986 void 987 doinit(int signo) 988 { 989 DoInit = 1; 990 } 991 992 /* 993 * Print syslogd errors some place. 994 */ 995 void 996 logerror(char *type) 997 { 998 char buf[100]; 999 1000 if (errno) 1001 (void)snprintf(buf, sizeof(buf), "syslogd: %s: %s", 1002 type, strerror(errno)); 1003 else 1004 (void)snprintf(buf, sizeof(buf), "syslogd: %s", type); 1005 errno = 0; 1006 dprintf("%s\n", buf); 1007 if (Startup) 1008 fprintf(stderr, "%s\n", buf); 1009 else 1010 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE); 1011 } 1012 1013 void 1014 die(int signo) 1015 { 1016 struct filed *f; 1017 int was_initialized = Initialized; 1018 char buf[100]; 1019 1020 Initialized = 0; /* Don't log SIGCHLDs */ 1021 alarm(0); 1022 for (f = Files; f != NULL; f = f->f_next) { 1023 /* flush any pending output */ 1024 if (f->f_prevcount) 1025 fprintlog(f, 0, (char *)NULL); 1026 } 1027 Initialized = was_initialized; 1028 if (signo) { 1029 dprintf("syslogd: exiting on signal %d\n", signo); 1030 (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); 1031 errno = 0; 1032 logerror(buf); 1033 } 1034 dprintf("[unpriv] syslogd child about to exit\n"); 1035 exit(0); 1036 } 1037 1038 /* 1039 * INIT -- Initialize syslogd from configuration table 1040 */ 1041 void 1042 init(void) 1043 { 1044 char cline[LINE_MAX], prog[NAME_MAX+1], *p; 1045 struct filed *f, *next, **nextp; 1046 FILE *cf; 1047 int i; 1048 1049 dprintf("init\n"); 1050 1051 /* If config file has been modified, then just die to restart */ 1052 if (priv_config_modified()) { 1053 dprintf("config file changed: dying\n"); 1054 die(0); 1055 } 1056 1057 /* 1058 * Close all open log files. 1059 */ 1060 Initialized = 0; 1061 for (f = Files; f != NULL; f = next) { 1062 /* flush any pending output */ 1063 if (f->f_prevcount) 1064 fprintlog(f, 0, (char *)NULL); 1065 1066 switch (f->f_type) { 1067 case F_FILE: 1068 case F_TTY: 1069 case F_CONSOLE: 1070 (void)close(f->f_file); 1071 break; 1072 case F_FORW: 1073 break; 1074 } 1075 next = f->f_next; 1076 if (f->f_program) 1077 free(f->f_program); 1078 free((char *)f); 1079 } 1080 Files = NULL; 1081 nextp = &Files; 1082 1083 /* open the configuration file */ 1084 if ((cf = priv_open_config()) == NULL) { 1085 dprintf("cannot open %s\n", ConfFile); 1086 *nextp = (struct filed *)calloc(1, sizeof(*f)); 1087 cfline("*.ERR\t/dev/console", *nextp, "*"); 1088 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f)); 1089 cfline("*.PANIC\t*", (*nextp)->f_next, "*"); 1090 Initialized = 1; 1091 return; 1092 } 1093 1094 /* 1095 * Foreach line in the conf table, open that file. 1096 */ 1097 f = NULL; 1098 strlcpy(prog, "*", sizeof(prog)); 1099 while (fgets(cline, sizeof(cline), cf) != NULL) { 1100 /* 1101 * check for end-of-section, comments, strip off trailing 1102 * spaces and newline character. !prog is treated 1103 * specially: the following lines apply only to that program. 1104 */ 1105 for (p = cline; isspace(*p); ++p) 1106 continue; 1107 if (*p == '\0' || *p == '#') 1108 continue; 1109 if (*p == '!') { 1110 p++; 1111 while (isspace(*p)) 1112 p++; 1113 if (!*p) { 1114 strlcpy(prog, "*", sizeof(prog)); 1115 continue; 1116 } 1117 for (i = 0; i < NAME_MAX; i++) { 1118 if (!isalnum(p[i])) 1119 break; 1120 prog[i] = p[i]; 1121 } 1122 prog[i] = 0; 1123 continue; 1124 } 1125 p = cline + strlen(cline); 1126 while (p > cline) 1127 if (!isspace(*--p)) { 1128 p++; 1129 break; 1130 } 1131 *p = '\0'; 1132 f = (struct filed *)calloc(1, sizeof(*f)); 1133 *nextp = f; 1134 nextp = &f->f_next; 1135 cfline(cline, f, prog); 1136 } 1137 1138 /* close the configuration file */ 1139 (void)fclose(cf); 1140 1141 Initialized = 1; 1142 1143 if (Debug) { 1144 for (f = Files; f; f = f->f_next) { 1145 for (i = 0; i <= LOG_NFACILITIES; i++) 1146 if (f->f_pmask[i] == INTERNAL_NOPRI) 1147 printf("X "); 1148 else 1149 printf("%d ", f->f_pmask[i]); 1150 printf("%s: ", TypeNames[f->f_type]); 1151 switch (f->f_type) { 1152 case F_FILE: 1153 case F_TTY: 1154 case F_CONSOLE: 1155 printf("%s", f->f_un.f_fname); 1156 break; 1157 1158 case F_FORW: 1159 printf("%s", f->f_un.f_forw.f_hname); 1160 break; 1161 1162 case F_USERS: 1163 for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++) 1164 printf("%s, ", f->f_un.f_uname[i]); 1165 break; 1166 } 1167 if (f->f_program) 1168 printf(" (%s)", f->f_program); 1169 printf("\n"); 1170 } 1171 } 1172 1173 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, 1174 ADDDATE); 1175 dprintf("syslogd: restarted\n"); 1176 } 1177 1178 /* 1179 * Crack a configuration file line 1180 */ 1181 void 1182 cfline(char *line, struct filed *f, char *prog) 1183 { 1184 int i, pri, addr_len; 1185 char *bp, *p, *q; 1186 char buf[MAXLINE], ebuf[100]; 1187 char addr[MAXHOSTNAMELEN]; 1188 1189 dprintf("cfline(\"%s\", f, \"%s\")\n", line, prog); 1190 1191 errno = 0; /* keep strerror() stuff out of logerror messages */ 1192 1193 /* clear out file entry */ 1194 memset(f, 0, sizeof(*f)); 1195 for (i = 0; i <= LOG_NFACILITIES; i++) 1196 f->f_pmask[i] = INTERNAL_NOPRI; 1197 1198 /* save program name if any */ 1199 if (!strcmp(prog, "*")) 1200 prog = NULL; 1201 else { 1202 f->f_program = calloc(1, strlen(prog)+1); 1203 if (f->f_program) 1204 strlcpy(f->f_program, prog, strlen(prog)+1); 1205 } 1206 1207 /* scan through the list of selectors */ 1208 for (p = line; *p && *p != '\t';) { 1209 1210 /* find the end of this facility name list */ 1211 for (q = p; *q && *q != '\t' && *q++ != '.'; ) 1212 continue; 1213 1214 /* collect priority name */ 1215 for (bp = buf; *q && !strchr("\t,;", *q); ) 1216 *bp++ = *q++; 1217 *bp = '\0'; 1218 1219 /* skip cruft */ 1220 while (strchr(", ;", *q)) 1221 q++; 1222 1223 /* decode priority name */ 1224 if (*buf == '*') 1225 pri = LOG_PRIMASK + 1; 1226 else { 1227 /* ignore trailing spaces */ 1228 int i; 1229 for (i=strlen(buf)-1; i >= 0 && buf[i] == ' '; i--) { 1230 buf[i]='\0'; 1231 } 1232 1233 pri = decode(buf, prioritynames); 1234 if (pri < 0) { 1235 (void)snprintf(ebuf, sizeof ebuf, 1236 "unknown priority name \"%s\"", buf); 1237 logerror(ebuf); 1238 return; 1239 } 1240 } 1241 1242 /* scan facilities */ 1243 while (*p && !strchr("\t.;", *p)) { 1244 for (bp = buf; *p && !strchr("\t,;.", *p); ) 1245 *bp++ = *p++; 1246 *bp = '\0'; 1247 if (*buf == '*') 1248 for (i = 0; i < LOG_NFACILITIES; i++) 1249 f->f_pmask[i] = pri; 1250 else { 1251 i = decode(buf, facilitynames); 1252 if (i < 0) { 1253 (void)snprintf(ebuf, sizeof(ebuf), 1254 "unknown facility name \"%s\"", 1255 buf); 1256 logerror(ebuf); 1257 return; 1258 } 1259 f->f_pmask[i >> 3] = pri; 1260 } 1261 while (*p == ',' || *p == ' ') 1262 p++; 1263 } 1264 1265 p = q; 1266 } 1267 1268 /* skip to action part */ 1269 while (*p == '\t') 1270 p++; 1271 1272 switch (*p) { 1273 case '@': 1274 if (!InetInuse) 1275 break; 1276 (void)strlcpy(f->f_un.f_forw.f_hname, ++p, 1277 sizeof(f->f_un.f_forw.f_hname)); 1278 addr_len = priv_gethostbyname(f->f_un.f_forw.f_hname, 1279 addr, sizeof addr); 1280 if (addr_len < 1) { 1281 logerror((char *)hstrerror(h_errno)); 1282 break; 1283 } 1284 memset(&f->f_un.f_forw.f_addr, 0, 1285 sizeof(f->f_un.f_forw.f_addr)); 1286 f->f_un.f_forw.f_addr.sin_len = sizeof(f->f_un.f_forw.f_addr); 1287 f->f_un.f_forw.f_addr.sin_family = AF_INET; 1288 f->f_un.f_forw.f_addr.sin_port = LogPort; 1289 memmove(&f->f_un.f_forw.f_addr.sin_addr, addr, addr_len); 1290 f->f_type = F_FORW; 1291 break; 1292 1293 case '/': 1294 (void)strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname)); 1295 if (strcmp(p, ctty) == 0) 1296 f->f_file = priv_open_tty(p); 1297 else 1298 f->f_file = priv_open_log(p); 1299 if (f->f_file < 0) { 1300 f->f_type = F_UNUSED; 1301 logerror(p); 1302 break; 1303 } 1304 if (isatty(f->f_file)) { 1305 if (strcmp(p, ctty) == 0) 1306 f->f_type = F_CONSOLE; 1307 else 1308 f->f_type = F_TTY; 1309 } else { 1310 f->f_type = F_FILE; 1311 /* Clear O_NONBLOCK flag on f->f_file */ 1312 if ((i = fcntl(f->f_file, F_GETFL, 0)) != -1) { 1313 i &= ~O_NONBLOCK; 1314 fcntl(f->f_file, F_SETFL, i); 1315 } 1316 } 1317 break; 1318 1319 case '*': 1320 f->f_type = F_WALL; 1321 break; 1322 1323 default: 1324 for (i = 0; i < MAXUNAMES && *p; i++) { 1325 for (q = p; *q && *q != ','; ) 1326 q++; 1327 (void)strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE); 1328 if ((q - p) > UT_NAMESIZE) 1329 f->f_un.f_uname[i][UT_NAMESIZE] = '\0'; 1330 else 1331 f->f_un.f_uname[i][q - p] = '\0'; 1332 while (*q == ',' || *q == ' ') 1333 q++; 1334 p = q; 1335 } 1336 f->f_type = F_USERS; 1337 break; 1338 } 1339 } 1340 1341 1342 /* 1343 * Retrieve the size of the kernel message buffer, via sysctl. 1344 */ 1345 int 1346 getmsgbufsize(void) 1347 { 1348 int msgbufsize, mib[2]; 1349 size_t size; 1350 1351 mib[0] = CTL_KERN; 1352 mib[1] = KERN_MSGBUFSIZE; 1353 size = sizeof msgbufsize; 1354 if (sysctl(mib, 2, &msgbufsize, &size, NULL, 0) == -1) { 1355 dprintf("couldn't get kern.msgbufsize\n"); 1356 return (0); 1357 } 1358 return (msgbufsize); 1359 } 1360 1361 /* 1362 * Decode a symbolic name to a numeric value 1363 */ 1364 int 1365 decode(const char *name, const CODE *codetab) 1366 { 1367 const CODE *c; 1368 char *p, buf[40]; 1369 1370 if (isdigit(*name)) 1371 return (atoi(name)); 1372 1373 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) { 1374 if (isupper(*name)) 1375 *p = tolower(*name); 1376 else 1377 *p = *name; 1378 } 1379 *p = '\0'; 1380 for (c = codetab; c->c_name; c++) 1381 if (!strcmp(buf, c->c_name)) 1382 return (c->c_val); 1383 1384 return (-1); 1385 } 1386 1387 void 1388 markit(void) 1389 { 1390 struct filed *f; 1391 1392 now = time((time_t *)NULL); 1393 MarkSeq += TIMERINTVL; 1394 if (MarkSeq >= MarkInterval) { 1395 logmsg(LOG_INFO, "-- MARK --", 1396 LocalHostName, ADDDATE|MARK); 1397 MarkSeq = 0; 1398 } 1399 1400 for (f = Files; f; f = f->f_next) { 1401 if (f->f_prevcount && now >= REPEATTIME(f)) { 1402 dprintf("flush %s: repeated %d times, %d sec.\n", 1403 TypeNames[f->f_type], f->f_prevcount, 1404 repeatinterval[f->f_repeatcount]); 1405 fprintlog(f, 0, (char *)NULL); 1406 BACKOFF(f); 1407 } 1408 } 1409 MarkSet = 0; 1410 (void)alarm(TIMERINTVL); 1411 } 1412