Date: Thu, 12 Mar 2020 19:55:52 +0000 (UTC) From: Mariusz Zaborski <oshogbo@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r358919 - head/usr.bin/logger Message-ID: <202003121955.02CJtqcw048330@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: oshogbo Date: Thu Mar 12 19:55:51 2020 New Revision: 358919 URL: https://svnweb.freebsd.org/changeset/base/358919 Log: logger: capsicumize Submitted by: Tiger Gao <tig@freebsdfoundation.org> Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23744 Modified: head/usr.bin/logger/Makefile head/usr.bin/logger/logger.c Modified: head/usr.bin/logger/Makefile ============================================================================== --- head/usr.bin/logger/Makefile Thu Mar 12 19:10:53 2020 (r358918) +++ head/usr.bin/logger/Makefile Thu Mar 12 19:55:51 2020 (r358919) @@ -9,4 +9,10 @@ PROG= logger CFLAGS+= -DINET6 .endif +.if ${MK_CASPER} != "no" +LIBADD+= casper +LIBADD+= cap_syslog +CFLAGS+=-DWITH_CASPER +.endif + .include <bsd.prog.mk> Modified: head/usr.bin/logger/logger.c ============================================================================== --- head/usr.bin/logger/logger.c Thu Mar 12 19:10:53 2020 (r358918) +++ head/usr.bin/logger/logger.c Thu Mar 12 19:55:51 2020 (r358919) @@ -44,10 +44,12 @@ static char sccsid[] = "@(#)logger.c 8.1 (Berkeley) 6/ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); +#include <sys/capsicum.h> #include <sys/param.h> #include <sys/socket.h> #include <netinet/in.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> #include <netdb.h> @@ -57,6 +59,9 @@ __FBSDID("$FreeBSD$"); #include <time.h> #include <unistd.h> +#include <libcasper.h> +#include <casper/cap_syslog.h> + #define SYSLOG_NAMES #include <syslog.h> @@ -76,6 +81,7 @@ static void logmessage(int, const char *, const char * struct socks *, ssize_t, const char *); static void usage(void); +static cap_channel_t *capsyslog; #ifdef INET6 static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */ #else @@ -92,12 +98,13 @@ static int send_to_all = 0; /* send message to all IPv int main(int argc, char *argv[]) { + cap_channel_t *capcas; struct socks *socks; ssize_t nsock; time_t now; int ch, logflags, pri; char *tag, *host, buf[1024], *timestamp, tbuf[26], - *hostname, hbuf[MAXHOSTNAMELEN]; + *hostname, hbuf[MAXHOSTNAMELEN], *pristr; const char *svcname, *src; tag = NULL; @@ -107,6 +114,7 @@ main(int argc, char *argv[]) src = NULL; socks = NULL; pri = LOG_USER | LOG_NOTICE; + pristr = NULL; logflags = 0; unsetenv("TZ"); while ((ch = getopt(argc, argv, "46Af:H:h:iP:p:S:st:")) != -1) @@ -140,7 +148,7 @@ main(int argc, char *argv[]) svcname = optarg; break; case 'p': /* priority */ - pri = pencode(optarg); + pristr = optarg; break; case 's': /* log to standard error */ logflags |= LOG_PERROR; @@ -168,12 +176,25 @@ main(int argc, char *argv[]) nsock = 0; } + capcas = cap_init(); + if (capcas == NULL) + err(1, "Unable to contact Casper"); + caph_cache_catpages(); + caph_cache_tzdata(); + if (caph_enter() < 0) + err(1, "Unable to enter capability mode"); + capsyslog = cap_service_open(capcas, "system.syslog"); + if (capsyslog == NULL) + err(1, "Unable to open system.syslog service"); + cap_close(capcas); + + if (pristr != NULL) + pri = pencode(pristr); if (tag == NULL) tag = getlogin(); /* setup for logging */ if (host == NULL) - openlog(tag, logflags, 0); - (void) fclose(stdout); + cap_openlog(capsyslog, tag, logflags, 0); (void )time(&now); (void )ctime_r(&now, tbuf); @@ -349,7 +370,7 @@ logmessage(int pri, const char *timestamp, const char int len, i, lsent; if (nsock == 0) { - syslog(pri, "%s", buf); + cap_syslog(capsyslog, pri, "%s", buf); return; } if ((len = asprintf(&line, "<%d>%s %s %s: %s", pri, timestamp,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202003121955.02CJtqcw048330>