Date: Sat, 2 Jun 2012 05:00:32 GMT From: Mark Johnston <markjdb@gmail.com> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/163487: syslog.conf filtering syntax broken in 9.0-RC3 (was working in 8.2) Message-ID: <201206020500.q5250W2k043971@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/163487; it has been noted by GNATS. From: Mark Johnston <markjdb@gmail.com> To: bug-followup@FreeBSD.org, root@claimlynx.com Cc: Subject: Re: bin/163487: syslog.conf filtering syntax broken in 9.0-RC3 (was working in 8.2) Date: Sat, 2 Jun 2012 00:55:38 -0400 Hm, it's not really clear to me how this could have worked on FreeBSD 8.2 - the problem's been around for a while, based on a quick look through the history of syslogd.c. There's a bug in the way that domain info gets trimmed off the host filters. When syslogd sees a line like +shawshank-1.ply.claimlynx.com it trims it to "shawshank-1" and uses that string to match incoming messages - you can see in the debug output that the incoming message comes with a hostname of "shawshank-1" rather than the FQDN. syslogd uses trimdomain(3) to get a hostname out of the host filter, and in your case it passes "shawshank-1.ply.claimlynx.com,shawshank-2.ply.claimlynx.com" to trimdomain(3), which has no effect. Then when the message from "shawshank-1" comes it, it doesn't get matched against either of the FQDNs and thus isn't logged. You can try to verify this by changing your filter to +shawshank-1,shawshank-2 I haven't actually tried to reproduce this - it's based on a reading of the syslogd code. I'll post a patch soon. Thanks, -Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201206020500.q5250W2k043971>