From owner-freebsd-hackers Sun Oct 28 23:58:35 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.gbch.net (gw.gbch.net [203.24.22.66]) by hub.freebsd.org (Postfix) with SMTP id A083737B40C for ; Sun, 28 Oct 2001 23:58:25 -0800 (PST) Received: (qmail 67830 invoked by uid 1001); 29 Oct 2001 17:58:22 +1000 Message-ID: X-Posted-By: GJB-Post 2.21 16-Jun-2001 X-Operating-System: FreeBSD 4.2-RELEASE i386 X-Location: Brisbane, Australia; 27.49841S 152.98439E X-URL: http://www.gbch.net/gjb.html X-Image-URL: http://www.gbch.net/gjb/gjb-auug048.gif X-GPG-Fingerprint: EBB2 2A92 A79D 1533 AC00 3C46 5D83 B6FB 4B04 B7D6 X-PGP-Public-Keys: http://www.gbch.net/keys.html Date: Mon, 29 Oct 2001 17:58:22 +1000 From: Greg Black To: obrien@FreeBSD.ORG Cc: Terry Lambert , Mike Barcroft , void , Kris Kennaway , hackers@FreeBSD.ORG Subject: Re: syslogd and kqueue References: <20011026233957.A9925@parhelion.firedrake.org> <20011026200436.A61058@xor.obsecurity.org> <20011027043342.A18231@parhelion.firedrake.org> <20011027001704.B2586@coffee.q9media.com> <20011027002622.C2586@coffee.q9media.com> <20011028180643.B59388@dragon.nuxi.com> <3BDCCFB2.1E5CFC49@mindspring.com> <20011028202345.A60175@dragon.nuxi.com> In-reply-to: <20011028202345.A60175@dragon.nuxi.com> of Sun, 28 Oct 2001 20:23:45 PST Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "David O'Brien" wrote: | On Sun, Oct 28, 2001 at 07:40:34PM -0800, Terry Lambert wrote: | > By using the rename/create/signal approach, syslogd is | > guaranteed to log new messages to the old file, despite the | > rename, until signalled to close and reopen the file (or a | > new file of another name, if syslog.conf is changed). | > | > If it created the file itself, there would be a potential | > race issue that would remain unresolved, which is hidden by | > the seperation of the create and the subsequent signal. | | Come again? | | 1. syslogd calls open(2) with O_CREAT. At this point syslogd happily | keeps the file open and writes to it. | 2. I rename the file. As we all know, syslogd keeps writing to its open | file. | 3. syslogd is HUP'ed, goto #1. | | No muss, no fuss. So where is the race? | Mike had the only justification so far -- that of permissions of the | file. Here's a proposal to cope with that. Add an optional sub-field to any action field in syslog.conf that begins with a slash, perhaps in the form `:0640:root:wheel'. If the syslog.conf file has this thing on the pathname, add O_CREAT to the open(2), and set the permissions and ownership as specified. If any of the three parts is missing, don't whine, but process the other parts. If the optional sub-field is completely missing (or has bad elements), stick to the old behaviour. This handles POLA, as older syslog.conf files will produce the same results as always; while those who read the additional comments in the new files can implement the new behaviour. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message