Source-Changes-HG archive
[src/trunk]: src/usr.sbin/syslogd Back out and redo previous at Bill Sommerfe...
details: https://anonhg.NetBSD.org/src/rev/26b9ff0e018b
branches: trunk
changeset: 494068:26b9ff0e018b
user: jwise <jwise%NetBSD.org@localhost>
date: Fri Jun 30 18:03:50 2000 +0000
description:
Back out and redo previous at Bill Sommerfeld's <sommerfeld%netbsd.org@localhost>
request:
instead of the -S flag, fix the -s flag to not open a socket
if there are no forwarding rules in /etc/syslog.conf
The behavior of syslogd when -s is specified and there are forwarding rules
should still be made cleaner.
diffstat:
usr.sbin/syslogd/syslogd.8 | 7 ++++---
usr.sbin/syslogd/syslogd.c | 20 ++++++++------------
2 files changed, 12 insertions(+), 15 deletions(-)
diffs (118 lines):
diff -r 3bede3bf2f95 -r 26b9ff0e018b usr.sbin/syslogd/syslogd.8
--- a/usr.sbin/syslogd/syslogd.8 Fri Jun 30 18:02:32 2000 +0000
+++ b/usr.sbin/syslogd/syslogd.8 Fri Jun 30 18:03:50 2000 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: syslogd.8,v 1.16 2000/06/30 17:32:43 jwise Exp $
+.\" $NetBSD: syslogd.8,v 1.17 2000/06/30 18:03:50 jwise Exp $
.\"
.\" Copyright (c) 1983, 1986, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -82,8 +82,9 @@
which syslogd runs is subject to attack over the network and it is desired
that the machine be protected from attempts to remotely fill logs
and similar attacks.
-.It Fl S
-Select ``secure no network'' mode, in which syslogd opens no sockets for listening or sending.
+Note that if any forwarding actions are specified in
+.Pa /etc/syslog.conf
+the socket will still be opened, but will not be listened to.
.It Fl p
Specify the pathname of an log socket. Multiple
.Fl p
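Review bot: the text added under -s documents only the case where forwarding actions exist and never states the new default, that with -s and no forwarding actions in /etc/syslog.conf no socket is opened at all (the `SecureMode && !NumForwards` early return in socksetup()). State that first and then give the forwarding exception. "Will not be listened to" is also too vague for someone auditing open ports on the host: say whether the port still appears as open and what happens to datagrams sent to it.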
diff -r 3bede3bf2f95 -r 26b9ff0e018b usr.sbin/syslogd/syslogd.c
--- a/usr.sbin/syslogd/syslogd.c Fri Jun 30 18:02:32 2000 +0000
+++ b/usr.sbin/syslogd/syslogd.c Fri Jun 30 18:03:50 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: syslogd.c,v 1.35 2000/06/30 17:32:43 jwise Exp $ */
+/* $NetBSD: syslogd.c,v 1.36 2000/06/30 18:03:50 jwise Exp $ */
/*
* Copyright (c) 1983, 1988, 1993, 1994
@@ -43,7 +43,7 @@
#if 0
static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94";
#else
-__RCSID("$NetBSD: syslogd.c,v 1.35 2000/06/30 17:32:43 jwise Exp $");
+__RCSID("$NetBSD: syslogd.c,v 1.36 2000/06/30 18:03:50 jwise Exp $");
#endif
#endif /* not lint */
@@ -192,7 +192,7 @@
int MarkInterval = 20 * 60; /* interval between marks in seconds */
int MarkSeq = 0; /* mark sequence number */
int SecureMode = 0; /* listen only on unix domain socks */
-int NoNetMode = 0; /* send+listen only on unix domain socks */
+int NumForwards = 0; /* number of forwarding actions in conf file */
char **LogPaths; /* array of pathnames to read messages from */
void cfline __P((char *, struct filed *));
@@ -228,7 +228,7 @@
char *p, *line, **pp;
struct pollfd *readfds;
- while ((ch = getopt(argc, argv, "dsSf:m:p:P:")) != -1)
+ while ((ch = getopt(argc, argv, "dsf:m:p:P:")) != -1)
switch(ch) {
case 'd': /* debug */
Debug++;
@@ -250,9 +250,6 @@
case 's': /* no network listen mode */
SecureMode++;
break;
- case 'S': /* no network at all mode */
- NoNetMode++;
- break;
case '?':
default:
usage();
@@ -323,6 +320,7 @@
dprintf("listening on unix dgram socket %s\n", *pp);
}
+ init(0);
finet = socksetup(PF_UNSPEC);
if (finet) {
if (SecureMode) {
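Review bot: the init(0) call now placed directly above socksetup(PF_UNSPEC) carries an ordering dependency that is not documented. socksetup() tests NumForwards, which is only counted from the '@' actions in the configuration, so init(0) presumably has to run first for the count to be valid. Add a one-line comment at the call saying so. Otherwise a later cleanup that moves init(0) back below "off & running" would make -s skip the socket even when forwarding rules exist, with no compile-time or run-time hint.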
@@ -349,7 +347,6 @@
dprintf("off & running....\n");
- init(0);
(void)signal(SIGHUP, init);
/* setup pollfd set. */
@@ -452,7 +449,7 @@
extern char *__progname;
(void)fprintf(stderr,
-"usage: %s [-dsS] [-f conffile] [-m markinterval] [-P logpathfile] [-p logpath1] [-p logpath2 ..]\n",
+"usage: %s [-ds] [-f conffile] [-m markinterval] [-P logpathfile] [-p logpath1] [-p logpath2 ..]\n",
__progname);
exit(1);
}
@@ -1232,8 +1229,6 @@
switch (*p)
{
case '@':
- if (!finet)
- break;
(void)strcpy(f->f_un.f_forw.f_hname, ++p);
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
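Review bot: removing the `if (!finet) break;` guard in the '@' case means a forwarding entry is now set up whether or not an inet socket exists. socksetup() is called once at startup, but init is also installed as the SIGHUP handler, so under -s a reload that introduces the first '@' rule would create F_FORW entries while finet is still NULL. Either re-run socksetup() on the reload path when NumForwards goes from zero to non-zero, or confirm that the code sending to F_FORW destinations checks finet before using it.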
@@ -1247,6 +1242,7 @@
}
f->f_un.f_forw.f_addr = res;
f->f_type = F_FORW;
+ NumForwards++;
break;
case '/':
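Review bot: NumForwards is incremented here but nothing in the patch ever sets it back to zero. Because init is registered as the SIGHUP handler, each reload would add to the previous total instead of recounting, so the variable stops matching its comment ("number of forwarding actions in conf file") after the first HUP. It is only used as a boolean in socksetup() today, so this is harmless for now, but zeroing it before the configuration is re-read keeps it correct for any later use, including the case where all forwarding rules are removed.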
@@ -1341,7 +1337,7 @@
struct addrinfo hints, *res, *r;
int error, maxs, *s, *socks;
- if(NoNetMode)
+ if(SecureMode && !NumForwards)
return(NULL);
memset(&hints, 0, sizeof(hints));
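Review bot: the `if(SecureMode && !NumForwards)` early return deserves a comment and a dprintf, since a NULL return from socksetup() now means "deliberately no inet socket" and the caller's `if (finet)` treats it the same as any other NULL. A debug line such as "secure mode, no forwarding actions: not opening inet socket" would match the existing "listening on unix dgram socket" output and make it obvious in -d runs which path was taken. Style nit on the same lines: KNF wants a space after `if`.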