Date: Tue, 18 Nov 2008 22:34:10 +0100 From: Ed Schouten <ed@80386.nl> To: "Carlos A. M. dos Santos" <unixmania@gmail.com> Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: [Testers wanted] /dev/console cleanups Message-ID: <20081118213410.GA81783@hoeg.nl> In-Reply-To: <20081028081154.GQ6808@hoeg.nl> References: <e71790db0810271936r1ce4619an1d64c6aae62c3ec1@mail.gmail.com> <20081028081154.GQ6808@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
--5mjPmdht4ZehXHR2 Content-Type: multipart/mixed; boundary="Y46NoIcKQuicSz3X" Content-Disposition: inline --Y46NoIcKQuicSz3X Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello Carlos, others, * Ed Schouten <ed@80386.nl> wrote: > About the /dev/console issues: Robert Watson and I discussed this some > time ago on IRC and what I did in HEAD (not RELENG_7) was that I changed > TIOCCONS not to take a look at the permissions of /dev/console, but we > changed it to use priv_check(). This means that right now you can only > call TIOCCONS as root. I can't really understand why the problem exists > on RELENG_7. >=20 > About making xconsole setuid: I've read the messages you mentioned, but > I think we could just alter console to call TIOCCONS and just drop > privileges. An even better solution would be to just get rid of TIOCCONS > and invent a better solution to capture syslog messages. I can't really > understand why we want to abuse TTY's to do this. >=20 > So I can't say we're working on this, but at least I can confirm the > issue. One solution would be to let xconsole just display /var/log/messages. There shouldn't be a valid reason to let syslogd print messages to /dev/console and capture them again using TIOCCONS. We could just instruct xconsole to read its data from the log files. If you save the attached patch as /usr/ports/x11/xconsole/files/ patch-xconsole.c (create directory first) and recompile xconsole, it will use the log file. I'll discuss this with others to decide if we should take such an approach. --=20 Ed Schouten <ed@80386.nl> WWW: http://80386.nl/ --Y46NoIcKQuicSz3X Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="xconsole.diff" Content-Transfer-Encoding: quoted-printable --- xconsole.c +++ xconsole.c @@ -145,6 +145,11 @@ {"-saveLines", "*saveLines", XrmoptionSepArg, NULL}, }; =20 +#ifdef __FreeBSD__ +#define USE_FILE +#define FILE_NAME "/var/log/messages" +#endif + #ifdef ultrix #define USE_FILE #define FILE_NAME "/dev/xcons" @@ -252,7 +257,7 @@ if (!strcmp (app_resources.file, "console")) { /* must be owner and have read/write permission */ -#if !defined(__NetBSD__) && !defined(__OpenBSD__) && !defined(Lynx) && !de= fined(__UNIXOS2__) +#if !defined(__FreeBSD__) && !defined(__NetBSD__) && !defined(__OpenBSD__)= && !defined(Lynx) && !defined(__UNIXOS2__) struct stat sbuf; # if !defined (linux) if (!stat("/dev/console", &sbuf) && @@ -266,9 +271,11 @@ if (!stat(FILE_NAME, &sbuf)) # endif input =3D fopen (FILE_NAME, "r"); -# ifdef __UNIXOS2__ if (input) { + struct stat sbuf; + +# ifdef __UNIXOS2__ ULONG arg =3D 1,arglen; APIRET rc; if ((rc=3DDosDevIOCtl(fileno(input), 0x76,0x4d, @@ -278,8 +285,11 @@ fclose(input); input =3D 0; } - } # endif + + if (!fstat(fileno(input), &sbuf) && S_ISREG(sbuf.st_mode)) + regularFile =3D TRUE; + } #endif =09 #ifdef USE_PTY --Y46NoIcKQuicSz3X-- --5mjPmdht4ZehXHR2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkkjNNIACgkQ52SDGA2eCwXGXgCcDIyYlmFrOuJTBohm6Q10y0TF EgcAn3eb9oECrquRZQAgzElMVXd+EXbp =rB7+ -----END PGP SIGNATURE----- --5mjPmdht4ZehXHR2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081118213410.GA81783>