mirror of
https://github.com/pygos/usyslog.git
synced 2025-01-15 15:54:57 +01:00
Store log files in /var/log/syslog, also create parent directories
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
This commit is contained in:
parent
5fcb1a06cb
commit
a09f0bd8e0
3 changed files with 21 additions and 14 deletions
11
README.md
11
README.md
|
@ -10,7 +10,7 @@ forwards the parsed message to a modular backend interface.
|
|||
|
||||
Currently, there is only one implementation of the backend interface that dumps
|
||||
the log messages into files in the processes working directory (by default
|
||||
`/var/log`).
|
||||
`/var/log/syslog`).
|
||||
|
||||
A simple log rotation scheme has been implemented.
|
||||
|
||||
|
@ -40,18 +40,11 @@ library and should *in theory* work on any modern GNU/Linux or BSD system.
|
|||
The facility IDs may need to be adjusted (it uses the ones from `usyslogd`).
|
||||
|
||||
|
||||
The file backend of `usyslogd` tries to take over ownership of `/var/log`
|
||||
and make it inaccessible for all other users. This may be an issue if some
|
||||
program tries to put its own log files there as non-root user, or programs
|
||||
that try to read from them as non-root (e.g. `utmp`, `btmp`, `wtmp`, `faillog`,
|
||||
`lastlog`).
|
||||
|
||||
|
||||
# The syslog implementation
|
||||
|
||||
## Security Considerations
|
||||
|
||||
By default, the daemon switches its working directory to `/var/log`. The
|
||||
By default, the daemon switches its working directory to `/var/log/syslog`. The
|
||||
directory is created if it doesn't exist and the daemon always tries to
|
||||
change its mode to one that doesn't allow other users (except group members)
|
||||
to access the directory.
|
||||
|
|
18
syslogd.c
18
syslogd.c
|
@ -175,13 +175,27 @@ fail:
|
|||
|
||||
static int chroot_setup(void)
|
||||
{
|
||||
if (mkdir(SYSLOG_PATH, 0750)) {
|
||||
size_t i, len = strlen(SYSLOG_PATH);
|
||||
char *buffer = alloca(len + 1);
|
||||
|
||||
memcpy(buffer, SYSLOG_PATH, len + 1);
|
||||
|
||||
for (i = 0; i < len; ++i) {
|
||||
if (buffer[i] == '\0' || buffer[i] == '/') {
|
||||
buffer[i] = '\0';
|
||||
|
||||
if (mkdir(buffer, 0755)) {
|
||||
if (errno != EEXIST) {
|
||||
perror("mkdir " SYSLOG_PATH);
|
||||
perror(buffer);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
if (i < (len - 1))
|
||||
buffer[i] = '/';
|
||||
}
|
||||
}
|
||||
|
||||
if (uid > 0 && gid > 0 && chown(SYSLOG_PATH, uid, gid) != 0) {
|
||||
perror("chown " SYSLOG_PATH);
|
||||
return -1;
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
|
||||
#define SYSLOG_SOCKET "/dev/log"
|
||||
#define SYSLOG_PATH "/var/log"
|
||||
#define SYSLOG_PATH "/var/log/syslog"
|
||||
#define DEFAULT_USER "syslogd"
|
||||
#define DEFAULT_GROUP "syslogd"
|
||||
|
||||
|
|
Loading…
Reference in a new issue