/* vi: set sw=4 ts=4: */ /* * Mini syslogd implementation for busybox * * Copyright (C) 1999-2004 by Erik Andersen * * Copyright (C) 2000 by Karl M. Hegbloom * * "circular buffer" Copyright (C) 2001 by Gennady Feldman * * Maintainer: Gennady Feldman as of Mar 12, 2001 * * Licensed under GPLv2 or later, see file LICENSE in this source tree. */ //config:config SYSLOGD //config: bool "syslogd (12 kb)" //config: default y //config: help //config: The syslogd utility is used to record logs of all the //config: significant events that occur on a system. Every //config: message that is logged records the date and time of the //config: event, and will generally also record the name of the //config: application that generated the message. When used in //config: conjunction with klogd, messages from the Linux kernel //config: can also be recorded. This is terribly useful, //config: especially for finding what happened when something goes //config: wrong. And something almost always will go wrong if //config: you wait long enough.... //config: //config:config FEATURE_ROTATE_LOGFILE //config: bool "Rotate message files" //config: default y //config: depends on SYSLOGD //config: help //config: This enables syslogd to rotate the message files //config: on his own. No need to use an external rotate script. //config: //config:config FEATURE_REMOTE_LOG //config: bool "Remote Log support" //config: default y //config: depends on SYSLOGD //config: help //config: When you enable this feature, the syslogd utility can //config: be used to send system log messages to another system //config: connected via a network. This allows the remote //config: machine to log all the system messages, which can be //config: terribly useful for reducing the number of serial //config: cables you use. It can also be a very good security //config: measure to prevent system logs from being tampered with //config: by an intruder. //config: //config:config FEATURE_SYSLOGD_DUP //config: bool "Support -D (drop dups) option" //config: default y //config: depends on SYSLOGD //config: help //config: Option -D instructs syslogd to drop consecutive messages //config: which are totally the same. //config: //config:config FEATURE_SYSLOGD_CFG //config: bool "Support syslog.conf" //config: default y //config: depends on SYSLOGD //config: help //config: Supports restricted syslogd config. See docs/syslog.conf.txt //config: //config:config FEATURE_SYSLOGD_READ_BUFFER_SIZE //config: int "Read buffer size in bytes" //config: default 256 //config: range 256 20000 //config: depends on SYSLOGD //config: help //config: This option sets the size of the syslog read buffer. //config: Actual memory usage increases around five times the //config: change done here. //config: //config:config FEATURE_IPC_SYSLOG //config: bool "Circular Buffer support" //config: default y //config: depends on SYSLOGD //config: help //config: When you enable this feature, the syslogd utility will //config: use a circular buffer to record system log messages. //config: When the buffer is filled it will continue to overwrite //config: the oldest messages. This can be very useful for //config: systems with little or no permanent storage, since //config: otherwise system logs can eventually fill up your //config: entire filesystem, which may cause your system to //config: break badly. //config: //config:config FEATURE_IPC_SYSLOG_BUFFER_SIZE //config: int "Circular buffer size in Kbytes (minimum 4KB)" //config: default 16 //config: range 4 2147483647 //config: depends on FEATURE_IPC_SYSLOG //config: help //config: This option sets the size of the circular buffer //config: used to record system log messages. //config: //config:config FEATURE_KMSG_SYSLOG //config: bool "Linux kernel printk buffer support" //config: default y //config: depends on SYSLOGD //config: select PLATFORM_LINUX //config: help //config: When you enable this feature, the syslogd utility will //config: write system log message to the Linux kernel's printk buffer. //config: This can be used as a smaller alternative to the syslogd IPC //config: support, as klogd and logread aren't needed. //config: //config: NOTICE: Syslog facilities in log entries needs kernel 3.5+. //applet:IF_SYSLOGD(APPLET(syslogd, BB_DIR_SBIN, BB_SUID_DROP)) //kbuild:lib-$(CONFIG_SYSLOGD) += syslogd_and_logger.o //usage:#define syslogd_trivial_usage //usage: "[OPTIONS]" //usage:#define syslogd_full_usage "\n\n" //usage: "System logging utility\n" //usage: IF_NOT_FEATURE_SYSLOGD_CFG( //usage: "(this version of syslogd ignores /etc/syslog.conf)\n" //usage: ) //usage: "\n -n Run in foreground" //usage: IF_FEATURE_REMOTE_LOG( //usage: "\n -R HOST[:PORT] Log to HOST:PORT (default PORT:514)" //usage: "\n -L Log locally and via network (default is network only if -R)" //usage: ) //usage: IF_FEATURE_IPC_SYSLOG( /* NB: -Csize shouldn't have space (because size is optional) */ //usage: "\n -C[size_kb] Log to shared mem buffer (use logread to read it)" //usage: ) //usage: IF_FEATURE_KMSG_SYSLOG( //usage: "\n -K Log to kernel printk buffer (use dmesg to read it)" //usage: ) //usage: "\n -O FILE Log to FILE (default: /var/log/messages, stdout if -)" //usage: IF_FEATURE_ROTATE_LOGFILE( //usage: "\n -s SIZE Max size (KB) before rotation (default 200KB, 0=off)" //usage: "\n -b N N rotated logs to keep (default 1, max 99, 0=purge)" //usage: ) //usage: "\n -l N Log only messages more urgent than prio N (1-8)" //usage: "\n -S Smaller output" //usage: IF_FEATURE_SYSLOGD_DUP( //usage: "\n -D Drop duplicates" //usage: ) //usage: IF_FEATURE_SYSLOGD_CFG( //usage: "\n -f FILE Use FILE as config (default:/etc/syslog.conf)" //usage: ) /* //usage: "\n -m MIN Minutes between MARK lines (default 20, 0=off)" */ //usage: //usage:#define syslogd_example_usage //usage: "$ syslogd -R masterlog:514\n" //usage: "$ syslogd -R 192.168.1.1:601\n" /* * Done in syslogd_and_logger.c: #include "libbb.h" #define SYSLOG_NAMES #define SYSLOG_NAMES_CONST #include */ #ifndef _PATH_LOG #define _PATH_LOG "/dev/log" #endif #include #include #if ENABLE_FEATURE_REMOTE_LOG #include #endif #if ENABLE_FEATURE_IPC_SYSLOG #include #include #include #endif #define DEBUG 0 /* MARK code is not very useful, is bloat, and broken: * can deadlock if alarmed to make MARK while writing to IPC buffer * (semaphores are down but do_mark routine tries to down them again) */ #undef SYSLOGD_MARK /* Write locking does not seem to be useful either */ #undef SYSLOGD_WRLOCK enum { MAX_READ = CONFIG_FEATURE_SYSLOGD_READ_BUFFER_SIZE, DNS_WAIT_SEC = 2 * 60, }; /* Semaphore operation structures */ struct shbuf_ds { int32_t size; /* size of data - 1 */ int32_t tail; /* end of message list */ char data[1]; /* data/messages */ }; #if ENABLE_FEATURE_REMOTE_LOG typedef struct { int remoteFD; unsigned last_dns_resolve; len_and_sockaddr *remoteAddr; const char *remoteHostname; } remoteHost_t; #endif typedef struct logFile_t { const char *path; int fd; time_t last_log_time; #if ENABLE_FEATURE_ROTATE_LOGFILE unsigned size; uint8_t isRegular; #endif } logFile_t; #if ENABLE_FEATURE_SYSLOGD_CFG typedef struct logRule_t { uint8_t enabled_facility_priomap[LOG_NFACILITIES]; struct logFile_t *file; struct logRule_t *next; } logRule_t; #endif /* Allows us to have smaller initializer. Ugly. */ #define GLOBALS \ logFile_t logFile; \ /* interval between marks in seconds */ \ /*int markInterval;*/ \ /* level of messages to be logged */ \ int logLevel; \ IF_FEATURE_ROTATE_LOGFILE( \ /* max size of file before rotation */ \ unsigned logFileSize; \ /* number of rotated message files */ \ unsigned logFileRotate; \ ) \ IF_FEATURE_IPC_SYSLOG( \ int shmid; /* ipc shared memory id */ \ int s_semid; /* ipc semaphore id */ \ int shm_size; \ struct sembuf SMwup[1]; \ struct sembuf SMwdn[3]; \ ) \ IF_FEATURE_SYSLOGD_CFG( \ logRule_t *log_rules; \ ) \ IF_FEATURE_KMSG_SYSLOG( \ int kmsgfd; \ int primask; \ ) struct init_globals { GLOBALS }; struct globals { GLOBALS #if ENABLE_FEATURE_REMOTE_LOG llist_t *remoteHosts; #endif #if ENABLE_FEATURE_IPC_SYSLOG struct shbuf_ds *shbuf; #endif /* localhost's name. We print only first 64 chars */ char *hostname; /* We recv into recvbuf... */ char recvbuf[MAX_READ * (1 + ENABLE_FEATURE_SYSLOGD_DUP)]; /* ...then copy to parsebuf, escaping control chars */ /* (can grow x2 max) */ char parsebuf[MAX_READ*2]; /* ...then sprintf into printbuf, adding timestamp (15 chars), * host (64), fac.prio (20) to the message */ /* (growth by: 15 + 64 + 20 + delims = ~110) */ char printbuf[MAX_READ*2 + 128]; }; static const struct init_globals init_data = { .logFile = { .path = "/var/log/messages", .fd = -1, }, #ifdef SYSLOGD_MARK .markInterval = 20 * 60, #endif .logLevel = 8, #if ENABLE_FEATURE_ROTATE_LOGFILE .logFileSize = 200 * 1024, .logFileRotate = 1, #endif #if ENABLE_FEATURE_IPC_SYSLOG .shmid = -1, .s_semid = -1, .shm_size = ((CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE)*1024), /* default shm size */ .SMwup = { {1, -1, IPC_NOWAIT} }, .SMwdn = { {0, 0}, {1, 0}, {1, +1} }, #endif }; #define G (*ptr_to_globals) #define INIT_G() do { \ SET_PTR_TO_GLOBALS(memcpy(xzalloc(sizeof(G)), &init_data, sizeof(init_data))); \ } while (0) /* Options */ enum { OPTBIT_mark = 0, // -m OPTBIT_nofork, // -n OPTBIT_outfile, // -O OPTBIT_loglevel, // -l OPTBIT_small, // -S IF_FEATURE_ROTATE_LOGFILE(OPTBIT_filesize ,) // -s IF_FEATURE_ROTATE_LOGFILE(OPTBIT_rotatecnt ,) // -b IF_FEATURE_REMOTE_LOG( OPTBIT_remotelog ,) // -R IF_FEATURE_REMOTE_LOG( OPTBIT_locallog ,) // -L IF_FEATURE_IPC_SYSLOG( OPTBIT_circularlog,) // -C IF_FEATURE_SYSLOGD_DUP( OPTBIT_dup ,) // -D IF_FEATURE_SYSLOGD_CFG( OPTBIT_cfg ,) // -f IF_FEATURE_KMSG_SYSLOG( OPTBIT_kmsg ,) // -K OPT_mark = 1 << OPTBIT_mark , OPT_nofork = 1 << OPTBIT_nofork , OPT_outfile = 1 << OPTBIT_outfile , OPT_loglevel = 1 << OPTBIT_loglevel, OPT_small = 1 << OPTBIT_small , OPT_filesize = IF_FEATURE_ROTATE_LOGFILE((1 << OPTBIT_filesize )) + 0, OPT_rotatecnt = IF_FEATURE_ROTATE_LOGFILE((1 << OPTBIT_rotatecnt )) + 0, OPT_remotelog = IF_FEATURE_REMOTE_LOG( (1 << OPTBIT_remotelog )) + 0, OPT_locallog = IF_FEATURE_REMOTE_LOG( (1 << OPTBIT_locallog )) + 0, OPT_circularlog = IF_FEATURE_IPC_SYSLOG( (1 << OPTBIT_circularlog)) + 0, OPT_dup = IF_FEATURE_SYSLOGD_DUP( (1 << OPTBIT_dup )) + 0, OPT_cfg = IF_FEATURE_SYSLOGD_CFG( (1 << OPTBIT_cfg )) + 0, OPT_kmsg = IF_FEATURE_KMSG_SYSLOG( (1 << OPTBIT_kmsg )) + 0, }; #define OPTION_STR "m:nO:l:S" \ IF_FEATURE_ROTATE_LOGFILE("s:" ) \ IF_FEATURE_ROTATE_LOGFILE("b:" ) \ IF_FEATURE_REMOTE_LOG( "R:*") \ IF_FEATURE_REMOTE_LOG( "L" ) \ IF_FEATURE_IPC_SYSLOG( "C::") \ IF_FEATURE_SYSLOGD_DUP( "D" ) \ IF_FEATURE_SYSLOGD_CFG( "f:" ) \ IF_FEATURE_KMSG_SYSLOG( "K" ) #define OPTION_DECL *opt_m, *opt_l \ IF_FEATURE_ROTATE_LOGFILE(,*opt_s) \ IF_FEATURE_ROTATE_LOGFILE(,*opt_b) \ IF_FEATURE_IPC_SYSLOG( ,*opt_C = NULL) \ IF_FEATURE_SYSLOGD_CFG( ,*opt_f = NULL) #define OPTION_PARAM &opt_m, &(G.logFile.path), &opt_l \ IF_FEATURE_ROTATE_LOGFILE(,&opt_s) \ IF_FEATURE_ROTATE_LOGFILE(,&opt_b) \ IF_FEATURE_REMOTE_LOG( ,&remoteAddrList) \ IF_FEATURE_IPC_SYSLOG( ,&opt_C) \ IF_FEATURE_SYSLOGD_CFG( ,&opt_f) #if ENABLE_FEATURE_SYSLOGD_CFG static const CODE* find_by_name(char *name, const CODE* c_set) { for (; c_set->c_name; c_set++) { if (strcmp(name, c_set->c_name) == 0) return c_set; } return NULL; } #endif static const CODE* find_by_val(int val, const CODE* c_set) { for (; c_set->c_name; c_set++) { if (c_set->c_val == val) return c_set; } return NULL; } #if ENABLE_FEATURE_SYSLOGD_CFG static void parse_syslogdcfg(const char *file) { char *t; logRule_t **pp_rule; /* tok[0] set of selectors */ /* tok[1] file name */ /* tok[2] has to be NULL */ char *tok[3]; parser_t *parser; parser = config_open2(file ? file : "/etc/syslog.conf", file ? xfopen_for_read : fopen_for_read); if (!parser) /* didn't find default /etc/syslog.conf */ /* proceed as if we built busybox without config support */ return; /* use ptr to ptr to avoid checking whether head was initialized */ pp_rule = &G.log_rules; /* iterate through lines of config, skipping comments */ while (config_read(parser, tok, 3, 2, "# \t", PARSE_NORMAL | PARSE_MIN_DIE)) { char *cur_selector; logRule_t *cur_rule; /* unexpected trailing token? */ if (tok[2]) goto cfgerr; cur_rule = *pp_rule = xzalloc(sizeof(*cur_rule)); cur_selector = tok[0]; /* iterate through selectors: "kern.info;kern.!err;..." */ do { const CODE *code; char *next_selector; uint8_t negated_prio; /* "kern.!err" */ uint8_t single_prio; /* "kern.=err" */ uint32_t facmap; /* bitmap of enabled facilities */ uint8_t primap; /* bitmap of enabled priorities */ unsigned i; next_selector = strchr(cur_selector, ';'); if (next_selector) *next_selector++ = '\0'; t = strchr(cur_selector, '.'); if (!t) goto cfgerr; *t++ = '\0'; /* separate facility from priority */ negated_prio = 0; single_prio = 0; if (*t == '!') { negated_prio = 1; ++t; } if (*t == '=') { single_prio = 1; ++t; } /* parse priority */ if (*t == '*') primap = 0xff; /* all 8 log levels enabled */ else { uint8_t priority; code = find_by_name(t, bb_prioritynames); if (!code) goto cfgerr; primap = 0; priority = code->c_val; if (priority == INTERNAL_NOPRI) { /* ensure we take "enabled_facility_priomap[fac] &= 0" branch below */ negated_prio = 1; } else { priority = 1 << priority; do { primap |= priority; if (single_prio) break; priority >>= 1; } while (priority); if (negated_prio) primap = ~primap; } } /* parse facility */ if (*cur_selector == '*') facmap = (1<" */ do { next_facility = strchr(t, ','); if (next_facility) *next_facility++ = '\0'; code = find_by_name(t, bb_facilitynames); if (!code) goto cfgerr; /* "mark" is not a real facility, skip it */ if (code->c_val != INTERNAL_MARK) facmap |= 1<<(LOG_FAC(code->c_val)); t = next_facility; } while (t); } /* merge result with previous selectors */ for (i = 0; i < LOG_NFACILITIES; ++i) { if (!(facmap & (1<enabled_facility_priomap[i] &= primap; else cur_rule->enabled_facility_priomap[i] |= primap; } cur_selector = next_selector; } while (cur_selector); /* check whether current file name was mentioned in previous rules or * as global logfile (G.logFile). */ if (strcmp(G.logFile.path, tok[1]) == 0) { cur_rule->file = &G.logFile; goto found; } /* temporarily use cur_rule as iterator, but *pp_rule still points * to currently processing rule entry. * NOTE: *pp_rule points to the current (and last in the list) rule. */ for (cur_rule = G.log_rules; cur_rule != *pp_rule; cur_rule = cur_rule->next) { if (strcmp(cur_rule->file->path, tok[1]) == 0) { /* found - reuse the same file structure */ (*pp_rule)->file = cur_rule->file; cur_rule = *pp_rule; goto found; } } cur_rule->file = xzalloc(sizeof(*cur_rule->file)); cur_rule->file->fd = -1; cur_rule->file->path = xstrdup(tok[1]); found: pp_rule = &cur_rule->next; } config_close(parser); return; cfgerr: bb_error_msg_and_die("error in '%s' at line %d", file ? file : "/etc/syslog.conf", parser->lineno); } #endif /* circular buffer variables/structures */ #if ENABLE_FEATURE_IPC_SYSLOG #if CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE < 4 #error Sorry, you must set the syslogd buffer size to at least 4KB. #error Please check CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE #endif /* our shared key (syslogd.c and logread.c must be in sync) */ enum { KEY_ID = 0x414e4547 }; /* "GENA" */ static void ipcsyslog_cleanup(void) { if (G.shmid != -1) { shmdt(G.shbuf); } if (G.shmid != -1) { shmctl(G.shmid, IPC_RMID, NULL); } if (G.s_semid != -1) { semctl(G.s_semid, 0, IPC_RMID, 0); } } static void ipcsyslog_init(void) { if (DEBUG) printf("shmget(%x, %d,...)\n", (int)KEY_ID, G.shm_size); G.shmid = shmget(KEY_ID, G.shm_size, IPC_CREAT | 0644); if (G.shmid == -1) { bb_perror_msg_and_die("shmget"); } G.shbuf = shmat(G.shmid, NULL, 0); if (G.shbuf == (void*) -1L) { /* shmat has bizarre error return */ bb_perror_msg_and_die("shmat"); } memset(G.shbuf, 0, G.shm_size); G.shbuf->size = G.shm_size - offsetof(struct shbuf_ds, data) - 1; /*G.shbuf->tail = 0;*/ /* we'll trust the OS to set initial semval to 0 (let's hope) */ G.s_semid = semget(KEY_ID, 2, IPC_CREAT | IPC_EXCL | 1023); if (G.s_semid == -1) { if (errno == EEXIST) { G.s_semid = semget(KEY_ID, 2, 0); if (G.s_semid != -1) return; } bb_perror_msg_and_die("semget"); } } /* Write message to shared mem buffer */ static void log_to_shmem(const char *msg) { int old_tail, new_tail; int len; if (semop(G.s_semid, G.SMwdn, 3) == -1) { bb_perror_msg_and_die("SMwdn"); } /* Circular Buffer Algorithm: * -------------------------- * tail == position where to store next syslog message. * tail's max value is (shbuf->size - 1) * Last byte of buffer is never used and remains NUL. */ len = strlen(msg) + 1; /* length with NUL included */ again: old_tail = G.shbuf->tail; new_tail = old_tail + len; if (new_tail < G.shbuf->size) { /* store message, set new tail */ memcpy(G.shbuf->data + old_tail, msg, len); G.shbuf->tail = new_tail; } else { /* k == available buffer space ahead of old tail */ int k = G.shbuf->size - old_tail; /* copy what fits to the end of buffer, and repeat */ memcpy(G.shbuf->data + old_tail, msg, k); msg += k; len -= k; G.shbuf->tail = 0; goto again; } if (semop(G.s_semid, G.SMwup, 1) == -1) { bb_perror_msg_and_die("SMwup"); } if (DEBUG) printf("tail:%d\n", G.shbuf->tail); } #else static void ipcsyslog_cleanup(void) {} static void ipcsyslog_init(void) {} void log_to_shmem(const char *msg); #endif /* FEATURE_IPC_SYSLOG */ #if ENABLE_FEATURE_KMSG_SYSLOG static void kmsg_init(void) { G.kmsgfd = xopen("/dev/kmsg", O_WRONLY); /* * kernel < 3.5 expects single char printk KERN_* priority prefix, * from 3.5 onwards the full syslog facility/priority format is supported */ if (get_linux_version_code() < KERNEL_VERSION(3,5,0)) G.primask = LOG_PRIMASK; else G.primask = -1; } static void kmsg_cleanup(void) { if (ENABLE_FEATURE_CLEAN_UP) close(G.kmsgfd); } /* Write message to /dev/kmsg */ static void log_to_kmsg(int pri, const char *msg) { /* * kernel < 3.5 expects single char printk KERN_* priority prefix, * from 3.5 onwards the full syslog facility/priority format is supported */ pri &= G.primask; full_write(G.kmsgfd, G.printbuf, sprintf(G.printbuf, "<%d>%s\n", pri, msg)); } #else static void kmsg_init(void) {} static void kmsg_cleanup(void) {} static void log_to_kmsg(int pri UNUSED_PARAM, const char *msg UNUSED_PARAM) {} #endif /* FEATURE_KMSG_SYSLOG */ /* Print a message to the log file. */ static void log_locally(time_t now, char *msg, logFile_t *log_file) { #ifdef SYSLOGD_WRLOCK struct flock fl; #endif int len = strlen(msg); /* fd can't be 0 (we connect fd 0 to /dev/log socket) */ /* fd is 1 if "-O -" is in use */ if (log_file->fd > 1) { /* Reopen log files every second. This allows admin * to delete the files and not worry about restarting us. * This costs almost nothing since it happens * _at most_ once a second for each file, and happens * only when each file is actually written. */ if (!now) now = time(NULL); if (log_file->last_log_time != now) { log_file->last_log_time = now; close(log_file->fd); goto reopen; } } else if (log_file->fd == 1) { /* We are logging to stdout: do nothing */ } else { if (LONE_DASH(log_file->path)) { log_file->fd = 1; /* log_file->isRegular = 0; - already is */ } else { reopen: log_file->fd = open(log_file->path, O_WRONLY | O_CREAT | O_NOCTTY | O_APPEND | O_NONBLOCK, 0666); if (log_file->fd < 0) { /* cannot open logfile? - print to /dev/console then */ int fd = device_open(DEV_CONSOLE, O_WRONLY | O_NOCTTY | O_NONBLOCK); if (fd < 0) fd = 2; /* then stderr, dammit */ full_write(fd, msg, len); if (fd != 2) close(fd); return; } #if ENABLE_FEATURE_ROTATE_LOGFILE { struct stat statf; log_file->isRegular = (fstat(log_file->fd, &statf) == 0 && S_ISREG(statf.st_mode)); /* bug (mostly harmless): can wrap around if file > 4gb */ log_file->size = statf.st_size; } #endif } } #ifdef SYSLOGD_WRLOCK fl.l_whence = SEEK_SET; fl.l_start = 0; fl.l_len = 1; fl.l_type = F_WRLCK; fcntl(log_file->fd, F_SETLKW, &fl); #endif #if ENABLE_FEATURE_ROTATE_LOGFILE if (G.logFileSize && log_file->isRegular && log_file->size > G.logFileSize) { if (G.logFileRotate) { /* always 0..99 */ int i = strlen(log_file->path) + 3 + 1; char oldFile[i]; char newFile[i]; i = G.logFileRotate - 1; /* rename: f.8 -> f.9; f.7 -> f.8; ... */ while (1) { sprintf(newFile, "%s.%d", log_file->path, i); if (i == 0) break; sprintf(oldFile, "%s.%d", log_file->path, --i); /* ignore errors - file might be missing */ rename(oldFile, newFile); } /* newFile == "f.0" now */ rename(log_file->path, newFile); } /* We may or may not have just renamed the file away; * if we didn't rename because we aren't keeping any backlog, * then it's time to clobber the file. If we did rename it..., * incredibly, if F and F.0 are hardlinks, POSIX _demands_ * that rename returns 0 but does not remove F!!! * (hardlinked F/F.0 pair was observed after * power failure during rename()). * So ensure old file is gone in any case: */ unlink(log_file->path); #ifdef SYSLOGD_WRLOCK fl.l_type = F_UNLCK; fcntl(log_file->fd, F_SETLKW, &fl); #endif close(log_file->fd); goto reopen; } /* TODO: what to do on write errors ("disk full")? */ len = full_write(log_file->fd, msg, len); if (len > 0) log_file->size += len; #else full_write(log_file->fd, msg, len); #endif #ifdef SYSLOGD_WRLOCK fl.l_type = F_UNLCK; fcntl(log_file->fd, F_SETLKW, &fl); #endif } static void parse_fac_prio_20(int pri, char *res20) { const CODE *c_pri, *c_fac; c_fac = find_by_val(LOG_FAC(pri) << 3, bb_facilitynames); if (c_fac) { c_pri = find_by_val(LOG_PRI(pri), bb_prioritynames); if (c_pri) { snprintf(res20, 20, "%s.%s", c_fac->c_name, c_pri->c_name); return; } } snprintf(res20, 20, "<%d>", pri); } /* len parameter is used only for "is there a timestamp?" check. * NB: some callers cheat and supply len==0 when they know * that there is no timestamp, short-circuiting the test. */ static void timestamp_and_log(int pri, char *msg, int len) { char *timestamp; time_t now; /* Jan 18 00:11:22 msg... */ /* 01234567890123456 */ if (len < 16 || msg[3] != ' ' || msg[6] != ' ' || msg[9] != ':' || msg[12] != ':' || msg[15] != ' ' ) { time(&now); timestamp = ctime(&now) + 4; /* skip day of week */ } else { now = 0; timestamp = msg; msg += 16; } timestamp[15] = '\0'; if (option_mask32 & OPT_kmsg) { log_to_kmsg(pri, msg); return; } if (option_mask32 & OPT_small) sprintf(G.printbuf, "%s %s\n", timestamp, msg); else { char res[20]; parse_fac_prio_20(pri, res); sprintf(G.printbuf, "%s %.64s %s %s\n", timestamp, G.hostname, res, msg); } /* Log message locally (to file or shared mem) */ #if ENABLE_FEATURE_SYSLOGD_CFG { bool match = 0; logRule_t *rule; uint8_t facility = LOG_FAC(pri); uint8_t prio_bit = 1 << LOG_PRI(pri); for (rule = G.log_rules; rule; rule = rule->next) { if (rule->enabled_facility_priomap[facility] & prio_bit) { log_locally(now, G.printbuf, rule->file); match = 1; } } if (match) return; } #endif if (LOG_PRI(pri) < G.logLevel) { #if ENABLE_FEATURE_IPC_SYSLOG if ((option_mask32 & OPT_circularlog) && G.shbuf) { log_to_shmem(G.printbuf); return; } #endif log_locally(now, G.printbuf, &G.logFile); } } static void timestamp_and_log_internal(const char *msg) { /* -L, or no -R */ if (ENABLE_FEATURE_REMOTE_LOG && !(option_mask32 & OPT_locallog)) return; timestamp_and_log(LOG_SYSLOG | LOG_INFO, (char*)msg, 0); } /* tmpbuf[len] is a NUL byte (set by caller), but there can be other, * embedded NULs. Split messages on each of these NULs, parse prio, * escape control chars and log each locally. */ static void split_escape_and_log(char *tmpbuf, int len) { char *p = tmpbuf; tmpbuf += len; while (p < tmpbuf) { char c; char *q = G.parsebuf; int pri = (LOG_USER | LOG_NOTICE); if (*p == '<') { /* Parse the magic priority number */ pri = bb_strtou(p + 1, &p, 10); if (*p == '>') p++; if (pri & ~(LOG_FACMASK | LOG_PRIMASK)) pri = (LOG_USER | LOG_NOTICE); } while ((c = *p++)) { if (c == '\n') c = ' '; if (!(c & ~0x1f) && c != '\t') { *q++ = '^'; c += '@'; /* ^@, ^A, ^B... */ } *q++ = c; } *q = '\0'; /* Now log it */ timestamp_and_log(pri, G.parsebuf, q - G.parsebuf); } } #ifdef SYSLOGD_MARK static void do_mark(int sig) { if (G.markInterval) { timestamp_and_log_internal("-- MARK --"); alarm(G.markInterval); } } #endif /* Don't inline: prevent struct sockaddr_un to take up space on stack * permanently */ static NOINLINE int create_socket(void) { struct sockaddr_un sunx; int sock_fd; char *dev_log_name; memset(&sunx, 0, sizeof(sunx)); sunx.sun_family = AF_UNIX; /* Unlink old /dev/log or object it points to. */ /* (if it exists, bind will fail) */ strcpy(sunx.sun_path, _PATH_LOG); dev_log_name = xmalloc_follow_symlinks(_PATH_LOG); if (dev_log_name) { safe_strncpy(sunx.sun_path, dev_log_name, sizeof(sunx.sun_path)); free(dev_log_name); } unlink(sunx.sun_path); sock_fd = xsocket(AF_UNIX, SOCK_DGRAM, 0); xbind(sock_fd, (struct sockaddr *) &sunx, sizeof(sunx)); chmod(_PATH_LOG, 0666); return sock_fd; } #if ENABLE_FEATURE_REMOTE_LOG static int try_to_resolve_remote(remoteHost_t *rh) { if (!rh->remoteAddr) { unsigned now = monotonic_sec(); /* Don't resolve name too often - DNS timeouts can be big */ if ((now - rh->last_dns_resolve) < DNS_WAIT_SEC) return -1; rh->last_dns_resolve = now; rh->remoteAddr = host2sockaddr(rh->remoteHostname, 514); if (!rh->remoteAddr) return -1; } return xsocket(rh->remoteAddr->u.sa.sa_family, SOCK_DGRAM, 0); } #endif static void do_syslogd(void) NORETURN; static void do_syslogd(void) { #if ENABLE_FEATURE_REMOTE_LOG llist_t *item; #endif #if ENABLE_FEATURE_SYSLOGD_DUP int last_sz = -1; char *last_buf; char *recvbuf = G.recvbuf; #else #define recvbuf (G.recvbuf) #endif /* Set up signal handlers (so that they interrupt read()) */ signal_no_SA_RESTART_empty_mask(SIGTERM, record_signo); signal_no_SA_RESTART_empty_mask(SIGINT, record_signo); //signal_no_SA_RESTART_empty_mask(SIGQUIT, record_signo); signal(SIGHUP, SIG_IGN); #ifdef SYSLOGD_MARK signal(SIGALRM, do_mark); alarm(G.markInterval); #endif xmove_fd(create_socket(), STDIN_FILENO); if (option_mask32 & OPT_circularlog) ipcsyslog_init(); if (option_mask32 & OPT_kmsg) kmsg_init(); timestamp_and_log_internal("syslogd started: BusyBox v" BB_VER); while (!bb_got_signal) { ssize_t sz; #if ENABLE_FEATURE_SYSLOGD_DUP last_buf = recvbuf; if (recvbuf == G.recvbuf) recvbuf = G.recvbuf + MAX_READ; else recvbuf = G.recvbuf; #endif read_again: sz = read(STDIN_FILENO, recvbuf, MAX_READ - 1); if (sz < 0) { if (!bb_got_signal) bb_perror_msg("read from %s", _PATH_LOG); break; } /* Drop trailing '\n' and NULs (typically there is one NUL) */ while (1) { if (sz == 0) goto read_again; /* man 3 syslog says: "A trailing newline is added when needed". * However, neither glibc nor uclibc do this: * syslog(prio, "test") sends "test\0" to /dev/log, * syslog(prio, "test\n") sends "test\n\0". * IOW: newline is passed verbatim! * I take it to mean that it's syslogd's job * to make those look identical in the log files. */ if (recvbuf[sz-1] != '\0' && recvbuf[sz-1] != '\n') break; sz--; } #if ENABLE_FEATURE_SYSLOGD_DUP if ((option_mask32 & OPT_dup) && (sz == last_sz)) if (memcmp(last_buf, recvbuf, sz) == 0) continue; last_sz = sz; #endif #if ENABLE_FEATURE_REMOTE_LOG /* Stock syslogd sends it '\n'-terminated * over network, mimic that */ recvbuf[sz] = '\n'; /* We are not modifying log messages in any way before send */ /* Remote site cannot trust _us_ anyway and need to do validation again */ for (item = G.remoteHosts; item != NULL; item = item->link) { remoteHost_t *rh = (remoteHost_t *)item->data; if (rh->remoteFD == -1) { rh->remoteFD = try_to_resolve_remote(rh); if (rh->remoteFD == -1) continue; } /* Send message to remote logger. * On some errors, close and set remoteFD to -1 * so that DNS resolution is retried. */ if (sendto(rh->remoteFD, recvbuf, sz+1, MSG_DONTWAIT | MSG_NOSIGNAL, &(rh->remoteAddr->u.sa), rh->remoteAddr->len) == -1 ) { switch (errno) { case ECONNRESET: case ENOTCONN: /* paranoia */ case EPIPE: close(rh->remoteFD); rh->remoteFD = -1; free(rh->remoteAddr); rh->remoteAddr = NULL; } } } #endif if (!ENABLE_FEATURE_REMOTE_LOG || (option_mask32 & OPT_locallog)) { recvbuf[sz] = '\0'; /* ensure it *is* NUL terminated */ split_escape_and_log(recvbuf, sz); } } /* while (!bb_got_signal) */ timestamp_and_log_internal("syslogd exiting"); remove_pidfile(CONFIG_PID_FILE_PATH "/syslogd.pid"); ipcsyslog_cleanup(); if (option_mask32 & OPT_kmsg) kmsg_cleanup(); kill_myself_with_sig(bb_got_signal); #undef recvbuf } int syslogd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int syslogd_main(int argc UNUSED_PARAM, char **argv) { int opts; char OPTION_DECL; #if ENABLE_FEATURE_REMOTE_LOG llist_t *remoteAddrList = NULL; #endif INIT_G(); /* No non-option params */ opts = getopt32(argv, "^"OPTION_STR"\0""=0", OPTION_PARAM); #if ENABLE_FEATURE_REMOTE_LOG while (remoteAddrList) { remoteHost_t *rh = xzalloc(sizeof(*rh)); rh->remoteHostname = llist_pop(&remoteAddrList); rh->remoteFD = -1; rh->last_dns_resolve = monotonic_sec() - DNS_WAIT_SEC - 1; llist_add_to(&G.remoteHosts, rh); } #endif #ifdef SYSLOGD_MARK if (opts & OPT_mark) // -m G.markInterval = xatou_range(opt_m, 0, INT_MAX/60) * 60; #endif //if (opts & OPT_nofork) // -n //if (opts & OPT_outfile) // -O if (opts & OPT_loglevel) // -l G.logLevel = xatou_range(opt_l, 1, 8); //if (opts & OPT_small) // -S #if ENABLE_FEATURE_ROTATE_LOGFILE if (opts & OPT_filesize) // -s G.logFileSize = xatou_range(opt_s, 0, INT_MAX/1024) * 1024; if (opts & OPT_rotatecnt) // -b G.logFileRotate = xatou_range(opt_b, 0, 99); #endif #if ENABLE_FEATURE_IPC_SYSLOG if (opt_C) // -Cn G.shm_size = xatoul_range(opt_C, 4, INT_MAX/1024) * 1024; #endif /* If they have not specified remote logging, then log locally */ if (ENABLE_FEATURE_REMOTE_LOG && !(opts & OPT_remotelog)) // -R option_mask32 |= OPT_locallog; #if ENABLE_FEATURE_SYSLOGD_CFG parse_syslogdcfg(opt_f); #endif /* Store away localhost's name before the fork */ G.hostname = safe_gethostname(); *strchrnul(G.hostname, '.') = '\0'; if (!(opts & OPT_nofork)) { bb_daemonize_or_rexec(DAEMON_CHDIR_ROOT, argv); } //umask(0); - why?? write_pidfile(CONFIG_PID_FILE_PATH "/syslogd.pid"); do_syslogd(); /* return EXIT_SUCCESS; */ } /* Clean up. Needed because we are included from syslogd_and_logger.c */ #undef DEBUG #undef SYSLOGD_MARK #undef SYSLOGD_WRLOCK #undef G #undef GLOBALS #undef INIT_G #undef OPTION_STR #undef OPTION_DECL #undef OPTION_PARAM