Revision: 4353
http://ipcop.svn.sourceforge.net/ipcop/?rev=4353&view=rev
Author: rkerr
Date: 2010-03-17 19:12:07 +0000 (Wed, 17 Mar 2010)
Log Message:
-----------
Remove sysklogd patches - we use rsyslog now
Removed Paths:
-------------
ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-klogd-drop-root.diff
ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-bind.diff
ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-drop-root.diff
Deleted: ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-klogd-drop-root.diff
===================================================================
--- ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-klogd-drop-root.diff 2010-03-17 07:47:45 UTC (rev 4352)
+++ ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-klogd-drop-root.diff 2010-03-17 19:12:07 UTC (rev 4353)
@@ -1,171 +0,0 @@
-diff -ur sysklogd-1.5-orig/klogd.8 sysklogd-1.5/klogd.8
---- sysklogd-1.5-orig/klogd.8 2007-05-28 19:25:43.000000000 +0200
-+++ sysklogd-1.5/klogd.8 2007-11-02 11:04:02.000000000 +0100
-@@ -2,7 +2,8 @@
- .\" Copyright 1997-2007 Martin Schulze <joey@...>
- .\" May be distributed under the GNU General Public License
- .\"
--.TH KLOGD 8 "27 May 2007" "Version 1.5" "Linux System Administration"
-+.\" Thu Feb 17 2000: Chris Wing: Unprivileged klogd feature
-+.TH KLOGD 8 "02 Nov 2007" "Version 1.5+CAEN/OW" "Linux System Administration"
- .SH NAME
- klogd \- Kernel Log Daemon
- .SH SYNOPSIS
-@@ -14,6 +15,12 @@
- .RB [ " \-f "
- .I fname
- ]
-+.RB [ " \-u "
-+.I username
-+]
-+.RB [ " \-j "
-+.I chroot_dir
-+]
- .RB [ " \-iI " ]
- .RB [ " \-n " ]
- .RB [ " \-o " ]
-@@ -41,6 +48,20 @@
- .BI "\-f " file
- Log messages to the specified filename rather than to the syslog facility.
- .TP
-+.BI "\-u " username
-+Tells klogd to become the specified user and drop root privileges before
-+starting logging.
-+.TP
-+.BI "\-j " chroot_dir
-+Tells klogd to
-+.BR chroot (2)
-+into this directory after initializing.
-+This option is only valid if the \-u option is also used to run klogd
-+without root privileges.
-+Note that the use of this option will prevent \-i and \-I from working
-+unless you set up the chroot directory in such a way that klogd can still
-+read the kernel module symbols.
-+.TP
- .BI "\-i \-I"
- Signal the currently executing klogd daemon. Both of these switches control
- the loading/reloading of symbol information. The \-i switch signals the
-diff -ur sysklogd-1.5-orig/klogd.c sysklogd-1.5/klogd.c
---- sysklogd-1.5-orig/klogd.c 2007-06-17 21:21:55.000000000 +0200
-+++ sysklogd-1.5/klogd.c 2007-11-02 11:14:20.000000000 +0100
-@@ -268,6 +268,8 @@
- #include <stdarg.h>
- #include <paths.h>
- #include <stdlib.h>
-+#include <pwd.h>
-+#include <grp.h>
- #include "klogd.h"
- #include "ksyms.h"
- #ifndef TESTING
-@@ -318,6 +320,9 @@
- int debugging = 0;
- int symbols_twice = 0;
-
-+char *server_user = NULL;
-+char *chroot_dir = NULL;
-+int log_flags = 0;
-
- /* Function prototypes. */
- extern int ksyslog(int type, char *buf, int len);
-@@ -547,8 +552,9 @@
- * First do a stat to determine whether or not the proc based
- * file system is available to get kernel messages from.
- */
-- if ( use_syscall ||
-- ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) )
-+ if (!server_user &&
-+ (use_syscall ||
-+ ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT))))
- {
- /* Initialize kernel logging. */
- ksyslog(1, NULL, 0);
-@@ -972,6 +978,27 @@
- }
-
-
-+static int drop_root(void)
-+{
-+ struct passwd *pw;
-+
-+ if (!(pw = getpwnam(server_user))) return -1;
-+
-+ if (!pw->pw_uid) return -1;
-+
-+ if (chroot_dir) {
-+ if (chroot(chroot_dir)) return -1;
-+ if (chdir("/")) return -1;
-+ }
-+
-+ if (setgroups(0, NULL)) return -1;
-+ if (setgid(pw->pw_gid)) return -1;
-+ if (setuid(pw->pw_uid)) return -1;
-+
-+ return 0;
-+}
-+
-+
- int main(argc, argv)
-
- int argc;
-@@ -990,7 +1017,7 @@
- chdir ("/");
- #endif
- /* Parse the command-line. */
-- while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF)
-+ while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF)
- switch((char)ch)
- {
- case '2': /* Print lines with symbols twice. */
-@@ -1012,6 +1039,10 @@
- case 'I':
- SignalDaemon(SIGUSR2);
- return(0);
-+ case 'j': /* chroot 'j'ail */
-+ chroot_dir = optarg;
-+ log_flags |= LOG_NDELAY;
-+ break;
- case 'k': /* Kernel symbol file. */
- symfile = optarg;
- break;
-@@ -1027,6 +1058,9 @@
- case 's': /* Use syscall interface. */
- use_syscall = 1;
- break;
-+ case 'u': /* Run as this user */
-+ server_user = optarg;
-+ break;
- case 'v':
- printf("klogd %s.%s\n", VERSION, PATCHLEVEL);
- exit (1);
-@@ -1035,6 +1069,10 @@
- break;
- }
-
-+ if (chroot_dir && !server_user) {
-+ fputs("'-j' is only valid with '-u'", stderr);
-+ exit(1);
-+ }
-
- /* Set console logging level. */
- if ( log_level != (char *) 0 )
-@@ -1144,7 +1182,7 @@
- }
- }
- else
-- openlog("kernel", 0, LOG_KERN);
-+ openlog("kernel", log_flags, LOG_KERN);
-
-
- /* Handle one-shot logging. */
-@@ -1176,6 +1214,11 @@
- kill (ppid, SIGTERM);
- #endif
-
-+ if (server_user && drop_root()) {
-+ syslog(LOG_ALERT, "klogd: failed to drop root");
-+ Terminate();
-+ }
-+
- /* The main loop. */
- while (1)
- {
Deleted: ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-bind.diff
===================================================================
--- ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-bind.diff 2010-03-17 07:47:45 UTC (rev 4352)
+++ ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-bind.diff 2010-03-17 19:12:07 UTC (rev 4353)
@@ -1,107 +0,0 @@
-diff -ur sysklogd-1.5.orig/sysklogd.8 sysklogd-1.5/sysklogd.8
---- sysklogd-1.5.orig/sysklogd.8 2007-10-22 07:38:17.000000000 +0200
-+++ sysklogd-1.5/sysklogd.8 2007-10-22 06:45:49.000000000 +0200
-@@ -2,7 +2,7 @@
- .\" Copyright 2004,6,7 Martin Schulze <joey@...>
- .\" May be distributed under the GNU General Public License
- .\"
--.TH SYSKLOGD 8 "27 May 2007" "Version 1.5" "Linux System Administration"
-+.TH SYSKLOGD 8 "22 Ocotober 2007" "Version 1.5+CAEN/OW" "Linux System Administration"
- .SH NAME
- sysklogd \- Linux system logging utilities.
- .SH SYNOPSIS
-@@ -15,6 +15,9 @@
- .I config file
- ]
- .RB [ " \-h " ]
-+.RB [ " \-i "
-+.I IP address
-+]
- .RB [ " \-l "
- .I hostlist
- ]
-@@ -103,6 +106,13 @@
- This can cause syslog loops that fill up hard disks quite fast and
- thus needs to be used with caution.
- .TP
-+.BI "\-i " "IP address"
-+If
-+.B syslogd
-+is configured to accept log input from a UDP port, specify an IP address
-+to bind to, rather than the default of INADDR_ANY. The address must be in
-+dotted quad notation, DNS host names are not allowed.
-+.TP
- .BI "\-l " "hostlist"
- Specify a hostname that should be logged only with its simple hostname
- and not the fqdn. Multiple hosts may be specified using the colon
-diff -ur sysklogd-1.5.orig/syslogd.c sysklogd-1.5/syslogd.c
---- sysklogd-1.5.orig/syslogd.c 2007-10-22 07:46:53.000000000 +0200
-+++ sysklogd-1.5/syslogd.c 2007-10-22 06:54:31.000000000 +0200
-@@ -790,6 +790,8 @@
- int NoHops = 1; /* Can we bounce syslog messages through an
- intermediate host. */
-
-+char *bind_addr = NULL; /* bind UDP port to this interface only */
-+
- extern int errno;
-
- /* Function prototypes. */
-@@ -886,7 +888,7 @@
- funix[i] = -1;
- }
-
-- while ((ch = getopt(argc, argv, "a:dhf:l:m:np:rs:v")) != EOF)
-+ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF)
- switch((char)ch) {
- case 'a':
- if (nfunix < MAXFUNIX)
-@@ -903,6 +905,14 @@
- case 'h':
- NoHops = 0;
- break;
-+ case 'i':
-+ if (bind_addr) {
-+ fprintf(stderr, "Only one -i argument allowed, "
-+ "the first one is taken.\n");
-+ break;
-+ }
-+ bind_addr = optarg;
-+ break;
- case 'l':
- if (LocalHosts) {
- fprintf (stderr, "Only one -l argument allowed," \
-@@ -1239,7 +1249,7 @@
- int usage()
- {
- fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
-- " [-s domainlist] [-f conffile]\n");
-+ " [-s domainlist] [-f conffile]] [-i IP address]\n");
- exit(1);
- }
-
-@@ -1282,15 +1292,22 @@
- struct sockaddr_in sin;
- int sockflags;
-
-+ memset(&sin, 0, sizeof(sin));
-+ sin.sin_family = AF_INET;
-+ sin.sin_port = LogPort;
-+ if (bind_addr) {
-+ if (!inet_aton(bind_addr, &sin.sin_addr)) {
-+ logerror("syslog: not a valid IP address to bind to.");
-+ return -1;
-+ }
-+ }
-+
- fd = socket(AF_INET, SOCK_DGRAM, 0);
- if (fd < 0) {
- logerror("syslog: Unknown protocol, suspending inet service.");
- return fd;
- }
-
-- memset(&sin, 0, sizeof(sin));
-- sin.sin_family = AF_INET;
-- sin.sin_port = LogPort;
- if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, \
- (char *) &on, sizeof(on)) < 0 ) {
- logerror("setsockopt(REUSEADDR), suspending inet");
Deleted: ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-drop-root.diff
===================================================================
--- ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-drop-root.diff 2010-03-17 07:47:45 UTC (rev 4352)
+++ ipcop/trunk/src/patches/sysklogd-1.5-caen-owl-syslogd-drop-root.diff 2010-03-17 19:12:07 UTC (rev 4353)
@@ -1,119 +0,0 @@
-diff -ur sysklogd-1.5-bind/sysklogd.8 sysklogd-1.5/sysklogd.8
---- sysklogd-1.5-bind/sysklogd.8 2007-10-22 06:45:49.000000000 +0200
-+++ sysklogd-1.5/sysklogd.8 2007-10-22 07:14:06.000000000 +0200
-@@ -32,6 +32,9 @@
- .RB [ " \-s "
- .I domainlist
- ]
-+.RB [ " \-u"
-+.IB username
-+]
- .RB [ " \-v " ]
- .SH DESCRIPTION
- .B Sysklogd
-@@ -160,6 +163,19 @@
- no domain would be cut, you will have to specify two domains like:
- .BR "\-s north.de:infodrom.north.de" .
- .TP
-+.BI "\-u " "username"
-+This causes the
-+.B syslogd
-+daemon to become the named user before starting up logging.
-+
-+Note that when this option is in use,
-+.B syslogd
-+will open all log files as root when the daemon is first started;
-+however, after a
-+.B SIGHUP
-+the files will be reopened as the non-privileged user. You should
-+take this into account when deciding the ownership of the log files.
-+.TP
- .B "\-v"
- Print version and exit.
- .SH SIGNALS
-diff -ur sysklogd-1.5-bind/syslogd.c sysklogd-1.5/syslogd.c
---- sysklogd-1.5-bind/syslogd.c 2007-10-22 06:54:31.000000000 +0200
-+++ sysklogd-1.5/syslogd.c 2007-10-22 07:22:26.000000000 +0200
-@@ -544,6 +544,10 @@
- #include <arpa/nameser.h>
- #include <arpa/inet.h>
- #include <resolv.h>
-+
-+#include <pwd.h>
-+#include <grp.h>
-+
- #ifndef TESTING
- #include "pidfile.h"
- #endif
-@@ -790,7 +794,8 @@
- int NoHops = 1; /* Can we bounce syslog messages through an
- intermediate host. */
-
--char *bind_addr = NULL; /* bind UDP port to this interface only */
-+char *bind_addr = NULL; /* bind UDP port to this interface only */
-+char *server_user = NULL; /* user name to run server as */
-
- extern int errno;
-
-@@ -832,6 +837,21 @@
- static int create_inet_socket();
- #endif
-
-+static int drop_root(void)
-+{
-+ struct passwd *pw;
-+
-+ if (!(pw = getpwnam(server_user))) return -1;
-+
-+ if (!pw->pw_uid) return -1;
-+
-+ if (initgroups(server_user, pw->pw_gid)) return -1;
-+ if (setgid(pw->pw_gid)) return -1;
-+ if (setuid(pw->pw_uid)) return -1;
-+
-+ return 0;
-+}
-+
- int main(argc, argv)
- int argc;
- char **argv;
-@@ -888,7 +908,7 @@
- funix[i] = -1;
- }
-
-- while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF)
-+ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF)
- switch((char)ch) {
- case 'a':
- if (nfunix < MAXFUNIX)
-@@ -896,6 +916,9 @@
- else
- fprintf(stderr, "Out of descriptors, ignoring %s\n", optarg);
- break;
-+ case 'u':
-+ server_user = optarg;
-+ break;
- case 'd': /* debug */
- Debug = 1;
- break;
-@@ -1097,6 +1120,11 @@
- kill (ppid, SIGTERM);
- #endif
-
-+ if (server_user && drop_root()) {
-+ dprintf("syslogd: failed to drop root\n");
-+ exit(1);
-+ }
-+
- /* Main loop begins here. */
- for (;;) {
- int nfds;
-@@ -1249,7 +1277,7 @@
- int usage()
- {
- fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
-- " [-s domainlist] [-f conffile]] [-i IP address]\n");
-+ " [-s domainlist] [-f conffile]] [-i IP address] [-u username]\n");
- exit(1);
- }
-
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|