1
0
mirror of https://github.com/openbsd/src.git synced 2024-12-22 16:42:56 -08:00

When syslogd(8) parent process terminates, the file cleanup code

did not work anymore.  unveil(2) prevented removal.  Cleaning the
UNIX domain sockets is not necessary.  They are harmless and unlinked
before a new bind.  So delete that functionality and convert global
to local variables.  Providing /var/run/syslog.pid is a common
feature that should be kept.  A stale pid file is confusing.  So
add a constant path to unveil(2) to allow pid file removal.
OK deraadt@
This commit is contained in:
bluhm 2019-07-05 13:23:27 +00:00
parent 5e43b788fc
commit 1a7ae0c4ad
3 changed files with 8 additions and 18 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: privsep.c,v 1.70 2019/06/28 13:32:51 deraadt Exp $ */
/* $OpenBSD: privsep.c,v 1.71 2019/07/05 13:23:27 bluhm Exp $ */
/*
* Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org>
@ -190,6 +190,8 @@ priv_exec(char *conf, int numeric, int child, int argc, char *argv[])
err(1, "unveil");
if (unveil(_PATH_DEV, "rw") == -1)
err(1, "unveil");
if (unveil(_PATH_LOGPID, "c") == -1)
err(1, "unveil");
/* for pipes */
if (unveil(_PATH_BSHELL, "x") == -1)
@ -432,12 +434,6 @@ priv_exec(char *conf, int numeric, int child, int argc, char *argv[])
close(sock);
/* Unlink any domain sockets that have been opened */
for (i = 0; i < nunix; i++)
(void)unlink(path_unix[i]);
if (path_ctlsock != NULL)
(void)unlink(path_ctlsock);
if (restart) {
int status;

View File

@ -1,4 +1,4 @@
/* $OpenBSD: syslogd.c,v 1.261 2019/07/02 13:17:27 bluhm Exp $ */
/* $OpenBSD: syslogd.c,v 1.262 2019/07/05 13:23:27 bluhm Exp $ */
/*
* Copyright (c) 2014-2017 Alexander Bluhm <bluhm@genua.de>
@ -215,8 +215,6 @@ char *TypeNames[] = {
SIMPLEQ_HEAD(filed_list, filed) Files;
struct filed consfile;
int nunix; /* Number of Unix domain sockets requested */
char **path_unix; /* Paths to Unix domain sockets */
int Debug; /* debug flag */
int Foreground; /* run in foreground, instead of daemonizing */
char LocalHostName[HOST_NAME_MAX+1]; /* our hostname */
@ -233,7 +231,6 @@ int NoDNS = 0; /* when true, refrain from doing DNS lookups */
int ZuluTime = 0; /* display date and time in UTC ISO format */
int IncludeHostname = 0; /* include RFC 3164 hostnames when forwarding */
int Family = PF_UNSPEC; /* protocol family, may disable IPv4 or IPv6 */
char *path_ctlsock = NULL; /* Path to control socket */
struct tls *server_ctx;
struct tls_config *client_config, *server_config;
@ -372,7 +369,8 @@ main(int argc, char *argv[])
int ch, i;
int lockpipe[2] = { -1, -1}, pair[2], nullfd, fd;
int fd_ctlsock, fd_klog, fd_sendsys, *fd_bind, *fd_listen;
int *fd_tls, *fd_unix, nbind, nlisten, ntls;
int *fd_tls, *fd_unix, nunix, nbind, nlisten, ntls;
char **path_unix, *path_ctlsock;
char **bind_host, **bind_port, **listen_host, **listen_port;
char *tls_hostport, **tls_host, **tls_port;
@ -386,6 +384,7 @@ main(int argc, char *argv[])
err(1, "malloc %s", _PATH_LOG);
path_unix[0] = _PATH_LOG;
nunix = 1;
path_ctlsock = NULL;
bind_host = listen_host = tls_host = NULL;
bind_port = listen_port = tls_port = NULL;

View File

@ -1,4 +1,4 @@
/* $OpenBSD: syslogd.h,v 1.32 2017/10/05 16:15:24 bluhm Exp $ */
/* $OpenBSD: syslogd.h,v 1.33 2019/07/05 13:23:27 bluhm Exp $ */
/*
* Copyright (c) 2014-2017 Alexander Bluhm <bluhm@genua.de>
@ -44,11 +44,6 @@ void ttymsg(struct iovec *, int, char *);
void send_fd(int, int);
int receive_fd(int);
/* The list of domain sockets */
extern int nunix;
extern char **path_unix;
extern char *path_ctlsock;
#define ERRBUFSIZE 256
void vlogmsg(int pri, const char *, const char *, va_list);
__dead void die(int);