2 * Copyright (c) 1983, 1988, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 static const char copyright[] =
36 "@(#) Copyright (c) 1983, 1988, 1993, 1994\n\
37 The Regents of the University of California. All rights reserved.\n";
42 static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94";
44 static const char rcsid[] =
49 * syslogd -- log system messages
51 * This program implements a system log. It takes a series of lines.
52 * Each line may have a priority, signified as "<n>" as
53 * the first characters of the line. If this is
54 * not present, a default priority is used.
56 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will
57 * cause it to reread its configuration file.
61 * MAXLINE -- the maximimum line length that can be handled.
62 * DEFUPRI -- the default priority for user messages
63 * DEFSPRI -- the default priority for kernel messages
66 * extensive changes by Ralph Campbell
67 * more extensive changes by Eric Allman (again)
68 * Extension to log by program name as well as facility and priority
70 * -u and -v by Harlan Stenn.
71 * Priority comparison code by Harlan Stenn.
74 #define MAXLINE 1024 /* maximum line length */
75 #define MAXSVLINE 120 /* maximum saved line length */
76 #define DEFUPRI (LOG_USER|LOG_NOTICE)
77 #define DEFSPRI (LOG_KERN|LOG_CRIT)
78 #define TIMERINTVL 30 /* interval for checking flush, mark */
79 #define TTYMSGTIME 1 /* timed out passed to ttymsg */
81 #include <sys/param.h>
82 #include <sys/ioctl.h>
85 #include <sys/socket.h>
86 #include <sys/queue.h>
90 #include <sys/resource.h>
91 #include <sys/syslimits.h>
94 #include <netinet/in.h>
96 #include <arpa/inet.h>
107 #include <sysexits.h>
110 #include "pathnames.h"
113 #include <sys/syslog.h>
115 #ifdef NI_WITHSCOPEID
116 static const int withscopeid = NI_WITHSCOPEID;
118 static const int withscopeid = 0;
121 const char *ConfFile = _PATH_LOGCONF;
122 const char *PidFile = _PATH_LOGPID;
123 const char ctty[] = _PATH_CONSOLE;
125 #define dprintf if (Debug) printf
127 #define MAXUNAMES 20 /* maximum number of user names */
132 char *funixn[MAXFUNIX] = { _PATH_LOG };
139 #define IGN_CONS 0x001 /* don't print on console */
140 #define SYNC_FILE 0x002 /* do fsync on file after printing */
141 #define ADDDATE 0x004 /* add a date to the message */
142 #define MARK 0x008 /* this message is a mark */
143 #define ISKERNEL 0x010 /* kernel generated message */
146 * This structure represents the files that will have log
151 struct filed *f_next; /* next in linked list */
152 short f_type; /* entry type, see below */
153 short f_file; /* file descriptor */
154 time_t f_time; /* time this was last written */
155 char *f_host; /* host from which to recd. */
156 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */
157 u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */
161 char *f_program; /* program this applies to */
163 char f_uname[MAXUNAMES][UT_NAMESIZE+1];
165 char f_hname[MAXHOSTNAMELEN];
166 struct addrinfo *f_addr;
168 } f_forw; /* forwarding address */
169 char f_fname[MAXPATHLEN];
171 char f_pname[MAXPATHLEN];
175 char f_prevline[MAXSVLINE]; /* last message logged */
176 char f_lasttime[16]; /* time of last occurrence */
177 char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */
178 int f_prevpri; /* pri of f_prevline */
179 int f_prevlen; /* length of f_prevline */
180 int f_prevcount; /* repetition cnt of prevline */
181 int f_repeatcount; /* number of "repeated" msgs */
185 * Queue of about-to-be dead processes we should watch out for.
188 TAILQ_HEAD(stailhead, deadq_entry) deadq_head;
189 struct stailhead *deadq_headp;
194 TAILQ_ENTRY(deadq_entry) dq_entries;
198 * The timeout to apply to processes waiting on the dead queue. Unit
199 * of measure is `mark intervals', i.e. 20 minutes by default.
200 * Processes on the dead queue will be terminated after that time.
203 #define DQ_TIMO_INIT 2
205 typedef struct deadq_entry *dq_t;
209 * Struct to hold records of network addresses that are allowed to log
217 struct sockaddr_storage addr;
218 struct sockaddr_storage mask;
222 #define a_addr u.numeric.addr
223 #define a_mask u.numeric.mask
224 #define a_name u.name
229 * Intervals at which we flush out "message repeated" messages,
230 * in seconds after previous message is logged. After each flush,
231 * we move to the next interval until we reach the largest.
233 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */
234 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1)
235 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount])
236 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \
237 (f)->f_repeatcount = MAXREPEAT; \
240 /* values for f_type */
241 #define F_UNUSED 0 /* unused entry */
242 #define F_FILE 1 /* regular file */
243 #define F_TTY 2 /* terminal */
244 #define F_CONSOLE 3 /* console terminal */
245 #define F_FORW 4 /* remote machine */
246 #define F_USERS 5 /* list of users */
247 #define F_WALL 6 /* everyone logged on */
248 #define F_PIPE 7 /* pipe to program */
250 char *TypeNames[8] = {
251 "UNUSED", "FILE", "TTY", "CONSOLE",
252 "FORW", "USERS", "WALL", "PIPE"
256 struct filed consfile;
258 int Debug; /* debug flag */
259 int resolve = 1; /* resolve hostname */
260 char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */
261 char *LocalDomain; /* our local domain name */
262 int *finet = NULL; /* Internet datagram socket */
263 int fklog = -1; /* /dev/klog */
264 int Initialized = 0; /* set when we have initialized ourselves */
265 int MarkInterval = 20 * 60; /* interval between marks in seconds */
266 int MarkSeq = 0; /* mark sequence number */
267 int SecureMode = 0; /* when true, receive only unix domain socks */
269 int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */
271 int family = PF_INET; /* protocol family (IPv4 only) */
273 int send_to_all = 0; /* send message to all IPv4/IPv6 addresses */
275 char bootfile[MAXLINE+1]; /* booted kernel file */
277 struct allowedpeer *AllowedPeers;
278 int NumAllowed = 0; /* # of AllowedPeer entries */
280 int UniquePriority = 0; /* Only log specified priority? */
281 int LogFacPri = 0; /* Put facility and priority in log message: */
282 /* 0=no, 1=numeric, 2=names */
283 int KeepKernFac = 0; /* Keep remotely logged kernel facility */
285 int allowaddr __P((char *));
286 void cfline __P((char *, struct filed *, char *, char *));
287 char *cvthname __P((struct sockaddr *));
288 void deadq_enter __P((pid_t, const char *));
289 int deadq_remove __P((pid_t));
290 int decode __P((const char *, CODE *));
292 void domark __P((int));
293 void fprintlog __P((struct filed *, int, char *));
294 int* socksetup __P((int));
295 void init __P((int));
296 void logerror __P((const char *));
297 void logmsg __P((int, char *, char *, int));
298 void log_deadchild __P((pid_t, int, const char *));
299 void printline __P((char *, char *));
300 void printsys __P((char *));
301 int p_open __P((char *, pid_t *));
302 void readklog __P((void));
303 void reapchild __P((int));
304 char *ttymsg __P((struct iovec *, int, char *, int));
305 static void usage __P((void));
306 int validate __P((struct sockaddr *, const char *));
307 static void unmapped __P((struct sockaddr *));
308 void wallmsg __P((struct filed *, struct iovec *));
309 int waitdaemon __P((int, int, int));
310 void timedout __P((int));
318 struct sockaddr_un sunx, fromunix;
319 struct sockaddr_storage frominet;
321 char *p, *hname, line[MAXLINE + 1];
322 struct timeval tv, *tvp;
323 struct sigaction sact;
328 while ((ch = getopt(argc, argv, "46Aa:df:kl:m:np:P:suv")) != -1)
341 case 'a': /* allow specific network addresses only */
342 if (allowaddr(optarg) == -1)
345 case 'd': /* debug */
348 case 'f': /* configuration file */
351 case 'k': /* keep remote kern fac */
355 if (nfunix < MAXFUNIX)
356 funixn[nfunix++] = optarg;
358 warnx("out of descriptors, ignoring %s",
361 case 'm': /* mark interval */
362 MarkInterval = atoi(optarg) * 60;
370 case 'P': /* path for alt. PID */
373 case 's': /* no network mode */
376 case 'u': /* only log specified priority */
379 case 'v': /* log facility and priority */
386 if ((argc -= optind) != 0)
390 ppid = waitdaemon(0, 0, 30);
392 err(1, "could not become daemon");
399 consfile.f_type = F_CONSOLE;
400 (void)strcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1);
401 (void)gethostname(LocalHostName, sizeof(LocalHostName));
402 if ((p = strchr(LocalHostName, '.')) != NULL) {
407 (void)strcpy(bootfile, getbootfile());
408 (void)signal(SIGTERM, die);
409 (void)signal(SIGINT, Debug ? die : SIG_IGN);
410 (void)signal(SIGQUIT, Debug ? die : SIG_IGN);
412 * We don't want the SIGCHLD and SIGHUP handlers to interfere
413 * with each other; they are likely candidates for being called
414 * simultaneously (SIGHUP closes pipe descriptor, process dies,
418 sigaddset(&mask, SIGHUP);
419 sact.sa_handler = reapchild;
421 sact.sa_flags = SA_RESTART;
422 (void)sigaction(SIGCHLD, &sact, NULL);
423 (void)signal(SIGALRM, domark);
424 (void)signal(SIGPIPE, SIG_IGN); /* We'll catch EPIPE instead. */
425 (void)alarm(TIMERINTVL);
427 TAILQ_INIT(&deadq_head);
430 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2)
432 for (i = 0; i < nfunix; i++) {
433 memset(&sunx, 0, sizeof(sunx));
434 sunx.sun_family = AF_UNIX;
435 (void)strncpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path));
436 funix[i] = socket(AF_UNIX, SOCK_DGRAM, 0);
438 bind(funix[i], (struct sockaddr *)&sunx,
439 SUN_LEN(&sunx)) < 0 ||
440 chmod(funixn[i], 0666) < 0) {
441 (void) snprintf(line, sizeof line,
442 "cannot create %s", funixn[i]);
444 dprintf("cannot create %s (%d)\n", funixn[i], errno);
450 finet = socksetup(family);
454 for (i = 0; i < *finet; i++) {
455 if (shutdown(finet[i+1], SHUT_RD) < 0) {
456 logerror("shutdown");
462 dprintf("listening on inet and/or inet6 socket\n");
463 dprintf("sending on inet and/or inet6 socket\n");
466 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) >= 0)
467 if (fcntl(fklog, F_SETFL, O_NONBLOCK) < 0)
470 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno);
472 /* tuck my process id away */
473 fp = fopen(PidFile, "w");
475 fprintf(fp, "%d\n", getpid());
479 dprintf("off & running....\n");
482 /* prevent SIGHUP and SIGCHLD handlers from running in parallel */
484 sigaddset(&mask, SIGCHLD);
485 sact.sa_handler = init;
487 sact.sa_flags = SA_RESTART;
488 (void)sigaction(SIGHUP, &sact, NULL);
491 tv.tv_sec = tv.tv_usec = 0;
499 FD_SET(fklog, &readfds);
503 if (finet && !SecureMode) {
504 for (i = 0; i < *finet; i++) {
505 FD_SET(finet[i+1], &readfds);
506 if (finet[i+1] > nfds)
510 for (i = 0; i < nfunix; i++) {
511 if (funix[i] != -1) {
512 FD_SET(funix[i], &readfds);
518 /*dprintf("readfds = %#x\n", readfds);*/
519 nfds = select(nfds+1, &readfds, (fd_set *)NULL,
520 (fd_set *)NULL, tvp);
534 /*dprintf("got a message (%d, %#x)\n", nfds, readfds);*/
535 if (fklog != -1 && FD_ISSET(fklog, &readfds))
537 if (finet && !SecureMode) {
538 for (i = 0; i < *finet; i++) {
539 if (FD_ISSET(finet[i+1], &readfds)) {
540 len = sizeof(frominet);
541 l = recvfrom(finet[i+1], line, MAXLINE,
542 0, (struct sockaddr *)&frominet,
546 hname = cvthname((struct sockaddr *)&frominet);
547 unmapped((struct sockaddr *)&frominet);
548 if (validate((struct sockaddr *)&frominet, hname))
549 printline(hname, line);
550 } else if (l < 0 && errno != EINTR)
551 logerror("recvfrom inet");
555 for (i = 0; i < nfunix; i++) {
556 if (funix[i] != -1 && FD_ISSET(funix[i], &readfds)) {
557 len = sizeof(fromunix);
558 l = recvfrom(funix[i], line, MAXLINE, 0,
559 (struct sockaddr *)&fromunix, &len);
562 printline(LocalHostName, line);
563 } else if (l < 0 && errno != EINTR)
564 logerror("recvfrom unix");
574 struct sockaddr_in6 *sin6;
575 struct sockaddr_in sin;
577 if (sa->sa_family != AF_INET6)
579 if (sa->sa_len != sizeof(struct sockaddr_in6) ||
580 sizeof(sin) > sa->sa_len)
582 sin6 = (struct sockaddr_in6 *)sa;
583 if (!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
586 memset(&sin, 0, sizeof(sin));
587 sin.sin_family = AF_INET;
588 sin.sin_len = sizeof(struct sockaddr_in);
589 memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr[12],
590 sizeof(sin.sin_addr));
591 sin.sin_port = sin6->sin6_port;
593 memcpy(sa, &sin, sin.sin_len);
600 fprintf(stderr, "%s\n%s\n%s\n",
601 "usage: syslogd [-46Adnsuv] [-a allowed_peer] [-f config_file]",
602 " [-m mark_interval] [-l log_socket]",
603 " [-p log_socket] [-P pid_file]");
608 * Take a raw input line, decode the message, and print the message
609 * on the appropriate log files.
612 printline(hname, msg)
617 char *p, *q, line[MAXLINE + 1];
619 /* test for special codes */
624 while (isdigit(*++p))
625 pri = 10 * pri + (*p - '0');
629 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
632 /* don't allow users to log kernel messages */
633 if (LOG_FAC(pri) == LOG_KERN && !KeepKernFac)
634 pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
638 while ((c = (unsigned char)*p++) != '\0' &&
639 q < &line[sizeof(line) - 4]) {
640 if ((c & 0x80) && c < 0xA0) {
645 if (isascii(c) && iscntrl(c)) {
659 logmsg(pri, line, hname, 0);
663 * Read /dev/klog while data are available, split into lines.
668 char *p, *q, line[MAXLINE + 1];
673 i = read(fklog, line + len, MAXLINE - 1 - len);
675 line[i + len] = '\0';
676 else if (i < 0 && errno != EINTR && errno != EAGAIN) {
683 for (p = line; (q = strchr(p, '\n')) != NULL; p = q + 1) {
688 if (len >= MAXLINE - 1) {
693 memmove(line, p, len + 1);
700 * Take a raw input line from /dev/klog, format similar to syslog().
708 flags = ISKERNEL | SYNC_FILE | ADDDATE; /* fsync after write */
712 while (isdigit(*++p))
713 pri = 10 * pri + (*p - '0');
716 if ((pri & LOG_FACMASK) == LOG_CONSOLE)
719 /* kernel printf's come out on console */
722 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
724 logmsg(pri, p, LocalHostName, flags);
730 * Log a message to the appropriate log files, users, etc. based on
734 logmsg(pri, msg, from, flags)
740 int i, fac, msglen, omask, prilev;
742 char prog[NAME_MAX+1];
745 dprintf("logmsg: pri %o, flags %x, from %s, msg %s\n",
746 pri, flags, from, msg);
748 omask = sigblock(sigmask(SIGHUP)|sigmask(SIGALRM));
751 * Check to see if msg looks non-standard.
753 msglen = strlen(msg);
754 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' ||
755 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ')
760 timestamp = ctime(&now) + 4;
767 /* skip leading blanks */
768 while (isspace(*msg)) {
773 /* extract facility and priority level */
775 fac = LOG_NFACILITIES;
778 prilev = LOG_PRI(pri);
780 /* extract program name */
781 for (i = 0; i < NAME_MAX; i++) {
782 if (!isalnum(msg[i]))
788 /* add kernel prefix for kernel messages */
789 if (flags & ISKERNEL) {
790 snprintf(buf, sizeof(buf), "%s: %s", bootfile, msg);
792 msglen = strlen(buf);
795 /* log the message to the particular outputs */
798 f->f_file = open(ctty, O_WRONLY, 0);
800 if (f->f_file >= 0) {
801 fprintlog(f, flags, msg);
802 (void)close(f->f_file);
804 (void)sigsetmask(omask);
807 for (f = Files; f; f = f->f_next) {
808 /* skip messages that are incorrect priority */
809 if (!(((f->f_pcmp[fac] & PRI_EQ) && (f->f_pmask[fac] == prilev))
810 ||((f->f_pcmp[fac] & PRI_LT) && (f->f_pmask[fac] < prilev))
811 ||((f->f_pcmp[fac] & PRI_GT) && (f->f_pmask[fac] > prilev))
813 || f->f_pmask[fac] == INTERNAL_NOPRI)
815 /* skip messages with the incorrect hostname */
817 switch (f->f_host[0]) {
819 if (strcmp(from, f->f_host + 1) != 0)
823 if (strcmp(from, f->f_host + 1) == 0)
828 /* skip messages with the incorrect program name */
830 if (strcmp(prog, f->f_program) != 0)
833 if (f->f_type == F_CONSOLE && (flags & IGN_CONS))
836 /* don't output marks to recently written files */
837 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
841 * suppress duplicate lines to this file
843 if ((flags & MARK) == 0 && msglen == f->f_prevlen &&
844 !strcmp(msg, f->f_prevline) &&
845 !strcasecmp(from, f->f_prevhost)) {
846 (void)strncpy(f->f_lasttime, timestamp, 15);
848 dprintf("msg repeated %d times, %ld sec of %d\n",
849 f->f_prevcount, (long)(now - f->f_time),
850 repeatinterval[f->f_repeatcount]);
852 * If domark would have logged this by now,
853 * flush it now (so we don't hold isolated messages),
854 * but back off so we'll flush less often
857 if (now > REPEATTIME(f)) {
858 fprintlog(f, flags, (char *)NULL);
862 /* new line, save it */
864 fprintlog(f, 0, (char *)NULL);
865 f->f_repeatcount = 0;
867 (void)strncpy(f->f_lasttime, timestamp, 15);
868 (void)strncpy(f->f_prevhost, from,
869 sizeof(f->f_prevhost)-1);
870 f->f_prevhost[sizeof(f->f_prevhost)-1] = '\0';
871 if (msglen < MAXSVLINE) {
872 f->f_prevlen = msglen;
873 (void)strcpy(f->f_prevline, msg);
874 fprintlog(f, flags, (char *)NULL);
876 f->f_prevline[0] = 0;
878 fprintlog(f, flags, msg);
882 (void)sigsetmask(omask);
886 fprintlog(f, flags, msg)
895 char line[MAXLINE + 1], repbuf[80], greetings[200];
899 if (f->f_type == F_WALL) {
900 v->iov_base = greetings;
901 v->iov_len = snprintf(greetings, sizeof greetings,
902 "\r\n\7Message from syslogd@%s at %.24s ...\r\n",
903 f->f_prevhost, ctime(&now));
909 v->iov_base = f->f_lasttime;
918 static char fp_buf[30]; /* Hollow laugh */
919 int fac = f->f_prevpri & LOG_FACMASK;
920 int pri = LOG_PRI(f->f_prevpri);
921 const char *f_s = NULL;
922 char f_n[5]; /* Hollow laugh */
923 const char *p_s = NULL;
924 char p_n[5]; /* Hollow laugh */
929 for (c = facilitynames; c->c_name; c++) {
930 if (c->c_val == fac) {
935 for (c = prioritynames; c->c_name; c++) {
936 if (c->c_val == pri) {
943 snprintf(f_n, sizeof f_n, "%d", LOG_FAC(fac));
947 snprintf(p_n, sizeof p_n, "%d", pri);
950 snprintf(fp_buf, sizeof fp_buf, "<%s.%s> ", f_s, p_s);
951 v->iov_base = fp_buf;
952 v->iov_len = strlen(fp_buf);
959 v->iov_base = f->f_prevhost;
960 v->iov_len = strlen(v->iov_base);
968 v->iov_len = strlen(msg);
969 } else if (f->f_prevcount > 1) {
970 v->iov_base = repbuf;
971 v->iov_len = sprintf(repbuf, "last message repeated %d times",
974 v->iov_base = f->f_prevline;
975 v->iov_len = f->f_prevlen;
979 dprintf("Logging to %s", TypeNames[f->f_type]);
988 dprintf(" %s\n", f->f_un.f_forw.f_hname);
989 /* check for local vs remote messages */
990 if (strcasecmp(f->f_prevhost, LocalHostName))
991 l = snprintf(line, sizeof line - 1,
992 "<%d>%.15s Forwarded from %s: %s",
993 f->f_prevpri, iov[0].iov_base, f->f_prevhost,
996 l = snprintf(line, sizeof line - 1, "<%d>%.15s %s",
997 f->f_prevpri, iov[0].iov_base, iov[5].iov_base);
1002 for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) {
1003 for (i = 0; i < *finet; i++) {
1006 * should we check AF first, or just
1007 * trial and error? FWD
1010 address_family_of(finet[i+1]))
1012 lsent = sendto(finet[i+1], line, l, 0,
1013 r->ai_addr, r->ai_addrlen);
1017 if (lsent == l && !send_to_all)
1022 (void)close(f->f_file);
1024 f->f_type = F_UNUSED;
1031 dprintf(" %s\n", f->f_un.f_fname);
1034 if (writev(f->f_file, iov, 7) < 0) {
1036 (void)close(f->f_file);
1037 f->f_type = F_UNUSED;
1039 logerror(f->f_un.f_fname);
1040 } else if (flags & SYNC_FILE)
1041 (void)fsync(f->f_file);
1045 dprintf(" %s\n", f->f_un.f_pipe.f_pname);
1048 if (f->f_un.f_pipe.f_pid == 0) {
1049 if ((f->f_file = p_open(f->f_un.f_pipe.f_pname,
1050 &f->f_un.f_pipe.f_pid)) < 0) {
1051 f->f_type = F_UNUSED;
1052 logerror(f->f_un.f_pipe.f_pname);
1056 if (writev(f->f_file, iov, 7) < 0) {
1058 (void)close(f->f_file);
1059 if (f->f_un.f_pipe.f_pid > 0)
1060 deadq_enter(f->f_un.f_pipe.f_pid,
1061 f->f_un.f_pipe.f_pname);
1062 f->f_un.f_pipe.f_pid = 0;
1064 logerror(f->f_un.f_pipe.f_pname);
1069 if (flags & IGN_CONS) {
1070 dprintf(" (ignored)\n");
1076 dprintf(" %s%s\n", _PATH_DEV, f->f_un.f_fname);
1077 v->iov_base = "\r\n";
1080 errno = 0; /* ttymsg() only sometimes returns an errno */
1081 if ((msgret = ttymsg(iov, 7, f->f_un.f_fname, 10))) {
1082 f->f_type = F_UNUSED;
1090 v->iov_base = "\r\n";
1099 * WALLMSG -- Write a message to the world at large
1101 * Write the specified message to either the entire
1102 * world, or a list of approved users.
1109 static int reenter; /* avoid calling ourselves */
1114 char line[sizeof(ut.ut_line) + 1];
1118 if ((uf = fopen(_PATH_UTMP, "r")) == NULL) {
1119 logerror(_PATH_UTMP);
1124 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) {
1125 if (ut.ut_name[0] == '\0')
1127 strncpy(line, ut.ut_line, sizeof(ut.ut_line));
1128 line[sizeof(ut.ut_line)] = '\0';
1129 if (f->f_type == F_WALL) {
1130 if ((p = ttymsg(iov, 7, line, TTYMSGTIME)) != NULL) {
1131 errno = 0; /* already in msg */
1136 /* should we send the message to this user? */
1137 for (i = 0; i < MAXUNAMES; i++) {
1138 if (!f->f_un.f_uname[i][0])
1140 if (!strncmp(f->f_un.f_uname[i], ut.ut_name,
1142 if ((p = ttymsg(iov, 7, line, TTYMSGTIME))
1144 errno = 0; /* already in msg */
1163 while ((pid = wait3(&status, WNOHANG, (struct rusage *)NULL)) > 0) {
1165 /* Don't tell while we are initting. */
1168 /* First, look if it's a process from the dead queue. */
1169 if (deadq_remove(pid))
1172 /* Now, look in list of active processes. */
1173 for (f = Files; f; f = f->f_next)
1174 if (f->f_type == F_PIPE &&
1175 f->f_un.f_pipe.f_pid == pid) {
1176 (void)close(f->f_file);
1177 f->f_un.f_pipe.f_pid = 0;
1178 log_deadchild(pid, status,
1179 f->f_un.f_pipe.f_pname);
1188 * Return a printable representation of a host address.
1195 sigset_t omask, nmask;
1197 static char hname[NI_MAXHOST], ip[NI_MAXHOST];
1199 error = getnameinfo((struct sockaddr *)f,
1200 ((struct sockaddr *)f)->sa_len,
1201 ip, sizeof ip, NULL, 0,
1202 NI_NUMERICHOST | withscopeid);
1203 dprintf("cvthname(%s)\n", ip);
1206 dprintf("Malformed from address %s\n", gai_strerror(error));
1212 sigemptyset(&nmask);
1213 sigaddset(&nmask, SIGHUP);
1214 sigprocmask(SIG_BLOCK, &nmask, &omask);
1215 error = getnameinfo((struct sockaddr *)f,
1216 ((struct sockaddr *)f)->sa_len,
1217 hname, sizeof hname, NULL, 0,
1218 NI_NAMEREQD | withscopeid);
1219 sigprocmask(SIG_SETMASK, &omask, NULL);
1221 dprintf("Host name for your address (%s) unknown\n", ip);
1224 if ((p = strchr(hname, '.')) && strcasecmp(p + 1, LocalDomain) == 0)
1236 now = time((time_t *)NULL);
1237 MarkSeq += TIMERINTVL;
1238 if (MarkSeq >= MarkInterval) {
1239 logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK);
1243 for (f = Files; f; f = f->f_next) {
1244 if (f->f_prevcount && now >= REPEATTIME(f)) {
1245 dprintf("flush %s: repeated %d times, %d sec.\n",
1246 TypeNames[f->f_type], f->f_prevcount,
1247 repeatinterval[f->f_repeatcount]);
1248 fprintlog(f, 0, (char *)NULL);
1253 /* Walk the dead queue, and see if we should signal somebody. */
1254 for (q = TAILQ_FIRST(&deadq_head); q != NULL; q = TAILQ_NEXT(q, dq_entries))
1255 switch (q->dq_timeout) {
1257 /* Already signalled once, try harder now. */
1258 if (kill(q->dq_pid, SIGKILL) != 0)
1259 (void)deadq_remove(q->dq_pid);
1264 * Timed out on dead queue, send terminate
1265 * signal. Note that we leave the removal
1266 * from the dead queue to reapchild(), which
1267 * will also log the event (unless the process
1268 * didn't even really exist, in case we simply
1269 * drop it from the dead queue).
1271 if (kill(q->dq_pid, SIGTERM) != 0)
1272 (void)deadq_remove(q->dq_pid);
1279 (void)alarm(TIMERINTVL);
1283 * Print syslogd errors some place.
1293 sizeof buf, "syslogd: %s: %s", type, strerror(errno));
1295 (void)snprintf(buf, sizeof buf, "syslogd: %s", type);
1297 dprintf("%s\n", buf);
1298 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE);
1306 int was_initialized;
1310 was_initialized = Initialized;
1311 Initialized = 0; /* Don't log SIGCHLDs. */
1312 for (f = Files; f != NULL; f = f->f_next) {
1313 /* flush any pending output */
1315 fprintlog(f, 0, (char *)NULL);
1316 if (f->f_type == F_PIPE)
1317 (void)close(f->f_file);
1319 Initialized = was_initialized;
1321 dprintf("syslogd: exiting on signal %d\n", signo);
1322 (void)sprintf(buf, "exiting on signal %d", signo);
1326 for (i = 0; i < nfunix; i++)
1327 if (funixn[i] && funix[i] != -1)
1328 (void)unlink(funixn[i]);
1333 * INIT -- Initialize syslogd from configuration table
1341 struct filed *f, *next, **nextp;
1343 char cline[LINE_MAX];
1344 char prog[NAME_MAX+1];
1345 char host[MAXHOSTNAMELEN];
1350 * Close all open log files.
1353 for (f = Files; f != NULL; f = next) {
1354 /* flush any pending output */
1356 fprintlog(f, 0, (char *)NULL);
1358 switch (f->f_type) {
1363 (void)close(f->f_file);
1366 (void)close(f->f_file);
1367 if (f->f_un.f_pipe.f_pid > 0)
1368 deadq_enter(f->f_un.f_pipe.f_pid,
1369 f->f_un.f_pipe.f_pname);
1370 f->f_un.f_pipe.f_pid = 0;
1374 if (f->f_program) free(f->f_program);
1375 if (f->f_host) free(f->f_host);
1381 /* open the configuration file */
1382 if ((cf = fopen(ConfFile, "r")) == NULL) {
1383 dprintf("cannot open %s\n", ConfFile);
1384 *nextp = (struct filed *)calloc(1, sizeof(*f));
1385 cfline("*.ERR\t/dev/console", *nextp, "*", "*");
1386 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f));
1387 cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*");
1393 * Foreach line in the conf table, open that file.
1398 while (fgets(cline, sizeof(cline), cf) != NULL) {
1400 * check for end-of-section, comments, strip off trailing
1401 * spaces and newline character. #!prog is treated specially:
1402 * following lines apply only to that program.
1404 for (p = cline; isspace(*p); ++p)
1410 if (*p != '!' && *p != '+' && *p != '-')
1413 if (*p == '+' || *p == '-') {
1415 while (isspace(*p)) p++;
1416 if ((!*p) || (*p == '*')) {
1422 for (i = 1; i < MAXHOSTNAMELEN - 1; i++) {
1423 if (!isalnum(*p) && *p != '.' && *p != '-')
1432 while (isspace(*p)) p++;
1433 if ((!*p) || (*p == '*')) {
1437 for (i = 0; i < NAME_MAX; i++) {
1445 for (p = strchr(cline, '\0'); isspace(*--p);)
1448 f = (struct filed *)calloc(1, sizeof(*f));
1451 cfline(cline, f, prog, host);
1454 /* close the configuration file */
1460 for (f = Files; f; f = f->f_next) {
1461 for (i = 0; i <= LOG_NFACILITIES; i++)
1462 if (f->f_pmask[i] == INTERNAL_NOPRI)
1465 printf("%d ", f->f_pmask[i]);
1466 printf("%s: ", TypeNames[f->f_type]);
1467 switch (f->f_type) {
1469 printf("%s", f->f_un.f_fname);
1474 printf("%s%s", _PATH_DEV, f->f_un.f_fname);
1478 printf("%s", f->f_un.f_forw.f_hname);
1482 printf("%s", f->f_un.f_pipe.f_pname);
1486 for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++)
1487 printf("%s, ", f->f_un.f_uname[i]);
1491 printf(" (%s)", f->f_program);
1496 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE);
1497 dprintf("syslogd: restarted\n");
1501 * Crack a configuration file line
1504 cfline(line, f, prog, host)
1510 struct addrinfo hints, *res;
1513 char buf[MAXLINE], ebuf[100];
1515 dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host);
1517 errno = 0; /* keep strerror() stuff out of logerror messages */
1519 /* clear out file entry */
1520 memset(f, 0, sizeof(*f));
1521 for (i = 0; i <= LOG_NFACILITIES; i++)
1522 f->f_pmask[i] = INTERNAL_NOPRI;
1524 /* save hostname if any */
1525 if (host && *host == '*')
1528 f->f_host = strdup(host);
1530 /* save program name if any */
1531 if (prog && *prog == '*')
1534 f->f_program = strdup(prog);
1536 /* scan through the list of selectors */
1537 for (p = line; *p && *p != '\t' && *p != ' ';) {
1541 /* find the end of this facility name list */
1542 for (q = p; *q && *q != '\t' && *q != ' ' && *q++ != '.'; )
1545 /* get the priority comparison */
1568 pri_cmp = (UniquePriority)
1573 /* collect priority name */
1574 for (bp = buf; *q && !strchr("\t,; ", *q); )
1579 while (strchr(",;", *q))
1582 /* decode priority name */
1584 pri = LOG_PRIMASK + 1;
1586 pri = decode(buf, prioritynames);
1588 (void)snprintf(ebuf, sizeof ebuf,
1589 "unknown priority name \"%s\"", buf);
1595 /* scan facilities */
1596 while (*p && !strchr("\t.; ", *p)) {
1597 for (bp = buf; *p && !strchr("\t,;. ", *p); )
1602 for (i = 0; i < LOG_NFACILITIES; i++) {
1603 f->f_pmask[i] = pri;
1604 f->f_pcmp[i] = pri_cmp;
1607 i = decode(buf, facilitynames);
1609 (void)snprintf(ebuf, sizeof ebuf,
1610 "unknown facility name \"%s\"",
1615 f->f_pmask[i >> 3] = pri;
1616 f->f_pcmp[i >> 3] = pri_cmp;
1618 while (*p == ',' || *p == ' ')
1625 /* skip to action part */
1626 while (*p == '\t' || *p == ' ')
1632 (void)strncpy(f->f_un.f_forw.f_hname, ++p,
1633 sizeof(f->f_un.f_forw.f_hname)-1);
1634 f->f_un.f_forw.f_hname[sizeof(f->f_un.f_forw.f_hname)-1] = '\0';
1635 memset(&hints, 0, sizeof(hints));
1636 hints.ai_family = family;
1637 hints.ai_socktype = SOCK_DGRAM;
1638 error = getaddrinfo(f->f_un.f_forw.f_hname, "syslog", &hints,
1641 logerror(gai_strerror(error));
1644 f->f_un.f_forw.f_addr = res;
1649 if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) {
1650 f->f_type = F_UNUSED;
1654 if (isatty(f->f_file)) {
1655 if (strcmp(p, ctty) == 0)
1656 f->f_type = F_CONSOLE;
1659 (void)strcpy(f->f_un.f_fname, p + sizeof _PATH_DEV - 1);
1661 (void)strcpy(f->f_un.f_fname, p);
1667 f->f_un.f_pipe.f_pid = 0;
1668 (void)strcpy(f->f_un.f_pipe.f_pname, p + 1);
1677 for (i = 0; i < MAXUNAMES && *p; i++) {
1678 for (q = p; *q && *q != ','; )
1680 (void)strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE);
1681 if ((q - p) > UT_NAMESIZE)
1682 f->f_un.f_uname[i][UT_NAMESIZE] = '\0';
1684 f->f_un.f_uname[i][q - p] = '\0';
1685 while (*q == ',' || *q == ' ')
1689 f->f_type = F_USERS;
1696 * Decode a symbolic name to a numeric value
1699 decode(name, codetab)
1707 return (atoi(name));
1709 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) {
1711 *p = tolower(*name);
1716 for (c = codetab; c->c_name; c++)
1717 if (!strcmp(buf, c->c_name))
1724 * fork off and become a daemon, but wait for the child to come online
1725 * before returing to the parent, or we get disk thrashing at boot etc.
1726 * Set a timer so we don't hang forever if it wedges.
1729 waitdaemon(nochdir, noclose, maxwait)
1730 int nochdir, noclose, maxwait;
1734 pid_t pid, childpid;
1736 switch (childpid = fork()) {
1742 signal(SIGALRM, timedout);
1744 while ((pid = wait3(&status, 0, NULL)) != -1) {
1745 if (WIFEXITED(status))
1746 errx(1, "child pid %d exited with return code %d",
1747 pid, WEXITSTATUS(status));
1748 if (WIFSIGNALED(status))
1749 errx(1, "child pid %d exited on signal %d%s",
1750 pid, WTERMSIG(status),
1751 WCOREDUMP(status) ? " (core dumped)" :
1753 if (pid == childpid) /* it's gone... */
1765 if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
1766 (void)dup2(fd, STDIN_FILENO);
1767 (void)dup2(fd, STDOUT_FILENO);
1768 (void)dup2(fd, STDERR_FILENO);
1776 * We get a SIGALRM from the child when it's running and finished doing it's
1777 * fsync()'s or O_SYNC writes for all the boot messages.
1779 * We also get a signal from the kernel if the timer expires, so check to
1780 * see what happened.
1788 signal(SIGALRM, SIG_DFL);
1790 errx(1, "timed out waiting for child");
1796 * Add `s' to the list of allowable peer addresses to accept messages
1799 * `s' is a string in the form:
1801 * [*]domainname[:{servicename|portnumber|*}]
1805 * netaddr/maskbits[:{servicename|portnumber|*}]
1807 * Returns -1 on error, 0 if the argument was valid.
1814 struct allowedpeer ap;
1816 int masklen = -1, i;
1817 struct addrinfo hints, *res;
1818 struct in_addr *addrp, *maskp;
1819 u_int32_t *addr6p, *mask6p;
1820 char ip[NI_MAXHOST];
1823 if (*s != '[' || (cp1 = strchr(s + 1, ']')) == NULL)
1826 if ((cp1 = strrchr(cp1, ':'))) {
1827 /* service/port provided */
1829 if (strlen(cp1) == 1 && *cp1 == '*')
1830 /* any port allowed */
1832 else if ((se = getservbyname(cp1, "udp")))
1833 ap.port = ntohs(se->s_port);
1835 ap.port = strtol(cp1, &cp2, 0);
1837 return -1; /* port not numeric */
1840 if ((se = getservbyname("syslog", "udp")))
1841 ap.port = ntohs(se->s_port);
1843 /* sanity, should not happen */
1847 if ((cp1 = strchr(s, '/')) != NULL &&
1848 strspn(cp1 + 1, "0123456789") == strlen(cp1 + 1)) {
1850 if ((masklen = atoi(cp1 + 1)) < 0)
1855 cp2 = s + strlen(s) - 1;
1864 memset(&hints, 0, sizeof(hints));
1865 hints.ai_family = PF_UNSPEC;
1866 hints.ai_socktype = SOCK_DGRAM;
1867 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
1868 if (getaddrinfo(s, NULL, &hints, &res) == 0) {
1870 memcpy(&ap.a_addr, res->ai_addr, res->ai_addrlen);
1871 memset(&ap.a_mask, 0, sizeof(ap.a_mask));
1872 ap.a_mask.ss_family = res->ai_family;
1873 if (res->ai_family == AF_INET) {
1874 ap.a_mask.ss_len = sizeof(struct sockaddr_in);
1875 maskp = &((struct sockaddr_in *)&ap.a_mask)->sin_addr;
1876 addrp = &((struct sockaddr_in *)&ap.a_addr)->sin_addr;
1878 /* use default netmask */
1879 if (IN_CLASSA(ntohl(addrp->s_addr)))
1880 maskp->s_addr = htonl(IN_CLASSA_NET);
1881 else if (IN_CLASSB(ntohl(addrp->s_addr)))
1882 maskp->s_addr = htonl(IN_CLASSB_NET);
1884 maskp->s_addr = htonl(IN_CLASSC_NET);
1885 } else if (masklen <= 32) {
1886 /* convert masklen to netmask */
1887 maskp->s_addr = htonl(~((1 << (32 - masklen)) - 1));
1892 /* Lose any host bits in the network number. */
1893 addrp->s_addr &= maskp->s_addr;
1896 else if (res->ai_family == AF_INET6 && masklen <= 128) {
1897 ap.a_mask.ss_len = sizeof(struct sockaddr_in6);
1900 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
1901 /* convert masklen to netmask */
1902 while (masklen > 0) {
1904 *mask6p = htonl(~(0xffffffff >> masklen));
1907 *mask6p++ = 0xffffffff;
1910 /* Lose any host bits in the network number. */
1911 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
1912 addr6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_addr)->sin6_addr;
1913 for (i = 0; i < 4; i++)
1914 addr6p[i] &= mask6p[i];
1923 /* arg `s' is domain name */
1937 printf("allowaddr: rule %d: ", NumAllowed);
1939 printf("numeric, ");
1940 getnameinfo((struct sockaddr *)&ap.a_addr,
1941 ((struct sockaddr *)&ap.a_addr)->sa_len,
1942 ip, sizeof ip, NULL, 0,
1943 NI_NUMERICHOST | withscopeid);
1944 printf("addr = %s, ", ip);
1945 getnameinfo((struct sockaddr *)&ap.a_mask,
1946 ((struct sockaddr *)&ap.a_mask)->sa_len,
1947 ip, sizeof ip, NULL, 0,
1948 NI_NUMERICHOST | withscopeid);
1949 printf("mask = %s; ", ip);
1951 printf("domainname = %s; ", ap.a_name);
1952 printf("port = %d\n", ap.port);
1955 if ((AllowedPeers = realloc(AllowedPeers,
1956 ++NumAllowed * sizeof(struct allowedpeer)))
1958 fprintf(stderr, "Out of memory!\n");
1961 memcpy(&AllowedPeers[NumAllowed - 1], &ap, sizeof(struct allowedpeer));
1966 * Validate that the remote peer has permission to log to us.
1970 struct sockaddr *sa;
1975 char *cp, name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV];
1976 struct allowedpeer *ap;
1977 struct sockaddr_in *sin, *a4p = NULL, *m4p = NULL;
1978 struct sockaddr_in6 *sin6, *a6p = NULL, *m6p = NULL;
1979 struct addrinfo hints, *res;
1982 if (NumAllowed == 0)
1983 /* traditional behaviour, allow everything */
1986 strlcpy(name, hname, sizeof name);
1987 memset(&hints, 0, sizeof(hints));
1988 hints.ai_family = PF_UNSPEC;
1989 hints.ai_socktype = SOCK_DGRAM;
1990 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
1991 if (getaddrinfo(name, NULL, &hints, &res) == 0)
1993 else if (strchr(name, '.') == NULL) {
1994 strlcat(name, ".", sizeof name);
1995 strlcat(name, LocalDomain, sizeof name);
1997 if (getnameinfo(sa, sa->sa_len, ip, sizeof ip, port, sizeof port,
1998 NI_NUMERICHOST | withscopeid | NI_NUMERICSERV) != 0)
1999 return 0; /* for safety, should not occur */
2000 dprintf("validate: dgram from IP %s, port %s, name %s;\n",
2004 /* now, walk down the list */
2005 for (i = 0, ap = AllowedPeers; i < NumAllowed; i++, ap++) {
2006 if (ap->port != 0 && ap->port != sport) {
2007 dprintf("rejected in rule %d due to port mismatch.\n", i);
2011 if (ap->isnumeric) {
2012 if (ap->a_addr.ss_family != sa->sa_family) {
2013 dprintf("rejected in rule %d due to address family mismatch.\n", i);
2016 if (ap->a_addr.ss_family == AF_INET) {
2017 sin = (struct sockaddr_in *)sa;
2018 a4p = (struct sockaddr_in *)&ap->a_addr;
2019 m4p = (struct sockaddr_in *)&ap->a_mask;
2020 if ((sin->sin_addr.s_addr & m4p->sin_addr.s_addr)
2021 != a4p->sin_addr.s_addr) {
2022 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2027 else if (ap->a_addr.ss_family == AF_INET6) {
2028 sin6 = (struct sockaddr_in6 *)sa;
2029 a6p = (struct sockaddr_in6 *)&ap->a_addr;
2030 m6p = (struct sockaddr_in6 *)&ap->a_mask;
2031 #ifdef NI_WITHSCOPEID
2032 if (a6p->sin6_scope_id != 0 &&
2033 sin6->sin6_scope_id != a6p->sin6_scope_id) {
2034 dprintf("rejected in rule %d due to scope mismatch.\n", i);
2039 for (j = 0; j < 16; j += 4) {
2040 if ((*(u_int32_t *)&sin6->sin6_addr.s6_addr[j] & *(u_int32_t *)&m6p->sin6_addr.s6_addr[j])
2041 != *(u_int32_t *)&a6p->sin6_addr.s6_addr[j]) {
2047 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2058 /* allow wildmatch */
2061 if (l2 > l1 || memcmp(cp, &name[l1 - l2], l2) != 0) {
2062 dprintf("rejected in rule %d due to name mismatch.\n", i);
2068 if (l2 != l1 || memcmp(cp, name, l1) != 0) {
2069 dprintf("rejected in rule %d due to name mismatch.\n", i);
2074 dprintf("accepted in rule %d.\n", i);
2075 return 1; /* hooray! */
2081 * Fairly similar to popen(3), but returns an open descriptor, as
2082 * opposed to a FILE *.
2089 int pfd[2], nulldesc, i;
2090 sigset_t omask, mask;
2091 char *argv[4]; /* sh -c cmd NULL */
2094 if (pipe(pfd) == -1)
2096 if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1)
2097 /* we are royally screwed anyway */
2101 sigaddset(&mask, SIGALRM);
2102 sigaddset(&mask, SIGHUP);
2103 sigprocmask(SIG_BLOCK, &mask, &omask);
2104 switch ((*pid = fork())) {
2106 sigprocmask(SIG_SETMASK, &omask, 0);
2117 (void)setsid(); /* Avoid catching SIGHUPs. */
2120 * Throw away pending signals, and reset signal
2121 * behaviour to standard values.
2123 signal(SIGALRM, SIG_IGN);
2124 signal(SIGHUP, SIG_IGN);
2125 sigprocmask(SIG_SETMASK, &omask, 0);
2126 signal(SIGPIPE, SIG_DFL);
2127 signal(SIGQUIT, SIG_DFL);
2128 signal(SIGALRM, SIG_DFL);
2129 signal(SIGHUP, SIG_DFL);
2131 dup2(pfd[0], STDIN_FILENO);
2132 dup2(nulldesc, STDOUT_FILENO);
2133 dup2(nulldesc, STDERR_FILENO);
2134 for (i = getdtablesize(); i > 2; i--)
2137 (void) execvp(_PATH_BSHELL, argv);
2141 sigprocmask(SIG_SETMASK, &omask, 0);
2145 * Avoid blocking on a hung pipe. With O_NONBLOCK, we are
2146 * supposed to get an EWOULDBLOCK on writev(2), which is
2147 * caught by the logic above anyway, which will in turn close
2148 * the pipe, and fork a new logging subprocess if necessary.
2149 * The stale subprocess will be killed some time later unless
2150 * it terminated itself due to closing its input pipe (so we
2151 * get rid of really dead puppies).
2153 if (fcntl(pfd[1], F_SETFL, O_NONBLOCK) == -1) {
2155 (void)snprintf(errmsg, sizeof errmsg,
2156 "Warning: cannot change pipe to PID %d to "
2157 "non-blocking behaviour.",
2165 deadq_enter(pid, name)
2173 * Be paranoid, if we can't signal the process, don't enter it
2174 * into the dead queue (perhaps it's already dead). If possible,
2175 * we try to fetch and log the child's status.
2177 if (kill(pid, 0) != 0) {
2178 if (waitpid(pid, &status, WNOHANG) > 0)
2179 log_deadchild(pid, status, name);
2183 p = malloc(sizeof(struct deadq_entry));
2186 logerror("panic: out of virtual memory!");
2191 p->dq_timeout = DQ_TIMO_INIT;
2192 TAILQ_INSERT_TAIL(&deadq_head, p, dq_entries);
2201 for (q = TAILQ_FIRST(&deadq_head); q != NULL; q = TAILQ_NEXT(q, dq_entries))
2202 if (q->dq_pid == pid) {
2203 TAILQ_REMOVE(&deadq_head, q, dq_entries);
2212 log_deadchild(pid, status, name)
2221 errno = 0; /* Keep strerror() stuff out of logerror messages. */
2222 if (WIFSIGNALED(status)) {
2223 reason = "due to signal";
2224 code = WTERMSIG(status);
2226 reason = "with status";
2227 code = WEXITSTATUS(status);
2231 (void)snprintf(buf, sizeof buf,
2232 "Logging subprocess %d (%s) exited %s %d.",
2233 pid, name, reason, code);
2241 struct addrinfo hints, *res, *r;
2242 int error, maxs, *s, *socks;
2244 memset(&hints, 0, sizeof(hints));
2245 hints.ai_flags = AI_PASSIVE;
2246 hints.ai_family = af;
2247 hints.ai_socktype = SOCK_DGRAM;
2248 error = getaddrinfo(NULL, "syslog", &hints, &res);
2250 logerror(gai_strerror(error));
2255 /* Count max number of sockets we may open */
2256 for (maxs = 0, r = res; r; r = r->ai_next, maxs++);
2257 socks = malloc((maxs+1) * sizeof(int));
2259 logerror("couldn't allocate memory for sockets");
2263 *socks = 0; /* num of sockets counter at start of array */
2265 for (r = res; r; r = r->ai_next) {
2266 *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol);
2271 #ifdef IPV6_BINDV6ONLY
2272 if (r->ai_family == AF_INET6) {
2274 if (setsockopt(*s, IPPROTO_IPV6, IPV6_BINDV6ONLY,
2275 (char *)&on, sizeof (on)) < 0) {
2276 logerror("setsockopt");
2282 if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) {
projects / FreeBSD / FreeBSD.git / blob