bin/39136: syslogd confusion between output files and configuration lines

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: bin/39136: syslogd confusion between output files and configuration lines
From: apb%cequrux.com@localhost
Date: Sat, 12 Jul 2008 08:05:00 +0000 (UTC)

>Number:         39136
>Category:       bin
>Synopsis:       syslogd confusion between output files and configuration lines
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jul 12 08:05:00 +0000 2008
>Originator:     Alan Barrett
>Release:        NetBSD 4.99.69
>Organization:
Not much
>Environment:
System: NetBSD 4.99.69
Architecture: i386
Machine: i386
>Description:
    If multiple lines in the syslog.conf fil refer to the same output
    fiel, syslogd does the wrong thing, such as sending the same
    output multiple times, or incorrectly accounting for the idle time.

>How-To-Repeat:

    Configure /etc/syslog.conf as follows:
        
        # Next three lines come from NetBSD's default syslog.conf file
        *.err;kern.*;auth.notice;authpriv.none;mail.crit /dev/console
        *.info;auth,authpriv,cron,ftp,kern,lpr,mail.none /var/log/messages
        kern.debug                                       /var/log/messages
        # Next three lines send *.debug messages from the "logger" program
        # to /var/log/messages, supplementing the "*.err" above.
        !+logger
        *.debug                                          /var/log/messages
        !*
        # Next lines send "mark" messages to console and file.
        mark.info                                        /dev/console
        mark.info                                        /var/log/messages

    Observe that "mark" messages appear on /dev/console and in
    /var/log/messages every 20 minutes, despite the following code in
    src/usr.sbin/syslogd/syslogd.c:

        /* don't output marks to recently written files */
        if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
                continue;

    Run the following commands:

        for level in debug err ; do
            logger -t logger -p user.${level} -t "test message ($level)"
        done

    Observe that the message at level "err" appears twice in
    /var/log/messages.

>Fix:
    Each entry in syslogd's "struct filed *Files" data structure
    keeps information derived from a single line in the configuration
    file (such as rules about how to match a message against the
    configuration line), as well as information about the output file
    (such as the open file sescriptor, and the time of the most recent
    output).

    These two types of information shuold be separated into two data
    structures, with the ability for multiple lines in the configuration
    file to refer to a single output file.  Matching of messages against
    rules should use one data structure, while timeout handling and
    duplicate suppression uses the other data structure.

Prev by Date: bin/39135: /usr/bin/awk: printf supports extra- (and broken) formatting rules
Next by Date: re: kern/38700
Previous by Thread: bin/39135: /usr/bin/awk: printf supports extra- (and broken) formatting rules
Next by Thread: PR/39133 CVS commit: src/dist/nawk
Indexes:

Home | Main Index | Thread Index | Old Index