From 96923c291c08e18b976f0a170240c3883133501d Mon Sep 17 00:00:00 2001 From: pjd Date: Mon, 6 Mar 2006 10:36:33 +0000 Subject: By default (for security reasons) syslogd(8) doesn't create log files when they don't exist, but sometimes its quite useful (eg. we use non-standard log files and memory backed /var/, which is populated on boot). Add -C option which tells syslogd(8) to create log files if they don't exist. Glanced at by: phk MFC after: 3 days --- usr.sbin/syslogd/syslogd.8 | 9 +++++++-- usr.sbin/syslogd/syslogd.c | 10 +++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'usr.sbin/syslogd') diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8 index afb9f8a..c9faa01 100644 --- a/usr.sbin/syslogd/syslogd.8 +++ b/usr.sbin/syslogd/syslogd.8 @@ -36,7 +36,7 @@ .Nd log systems messages .Sh SYNOPSIS .Nm -.Op Fl 46Acdknosuv +.Op Fl 46ACcdknosuv .Op Fl a Ar allowed_peer .Op Fl b Ar bind_address .Op Fl f Ar config_file @@ -157,6 +157,9 @@ option is also specified. Specify one specific IP address or hostname to bind to. If a hostname is specified, the IPv4 or IPv6 address which corresponds to it is used. +.It Fl C +Create log files that do not exist (permission is set to +.Li 0600 ) . .It Fl c Disable the compression of repeated instances of the same line into a single line of the form @@ -283,7 +286,9 @@ include file .Pp For security reasons, .Nm -will not append to log files that do not exist; +will not append to log files that do not exist (unless +.Fl C +option is specified); therefore, they must be created manually before running .Nm . .Sh FILES diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 31c61c9..a41b22c 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -286,6 +286,7 @@ static int family = PF_INET; /* protocol family (IPv4 only) */ static int send_to_all; /* send message to all IPv4/IPv6 addresses */ static int use_bootfile; /* log entire bootfile for every kern msg */ static int no_compress; /* don't compress messages (1=pipes, 2=all) */ +static int logflags = O_WRONLY|O_APPEND; /* flags used to open log files */ static char bootfile[MAXLINE+1]; /* booted kernel file */ @@ -350,7 +351,7 @@ main(int argc, char *argv[]) socklen_t len; bindhostname = NULL; - while ((ch = getopt(argc, argv, "46Aa:b:cdf:kl:m:nop:P:sS:uv")) != -1) + while ((ch = getopt(argc, argv, "46Aa:b:cCdf:kl:m:nop:P:sS:uv")) != -1) switch (ch) { case '4': family = PF_INET; @@ -373,6 +374,9 @@ main(int argc, char *argv[]) case 'c': no_compress++; break; + case 'C': + logflags |= O_CREAT; + break; case 'd': /* debug */ Debug++; break; @@ -689,7 +693,7 @@ usage(void) { fprintf(stderr, "%s\n%s\n%s\n%s\n", - "usage: syslogd [-46Acdknosuv] [-a allowed_peer]", + "usage: syslogd [-46ACcdknosuv] [-a allowed_peer]", " [-b bind address] [-f config_file]", " [-l log_socket] [-m mark_interval]", " [-P pid_file] [-p log_socket]"); @@ -1886,7 +1890,7 @@ cfline(const char *line, struct filed *f, const char *prog, const char *host) break; case '/': - if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) { + if ((f->f_file = open(p, logflags, 0600)) < 0) { f->f_type = F_UNUSED; logerror(p); break; -- cgit v1.1