diff options
author | Cory Visi <merlin@gentoo.org> | 2006-05-25 00:54:56 +0000 |
---|---|---|
committer | Cory Visi <merlin@gentoo.org> | 2006-05-25 00:54:56 +0000 |
commit | aca8bee843f7b2a67b14c12d8dd2f747233824f5 (patch) | |
tree | 11f1b537e648fc48489866c58b8b4c2b6e25bea3 /app-admin/sysklogd | |
parent | Stopped using useless bootstrap scripts, made ebuild saner, thanks to patch f... (diff) | |
download | historical-aca8bee843f7b2a67b14c12d8dd2f747233824f5.tar.gz historical-aca8bee843f7b2a67b14c12d8dd2f747233824f5.tar.bz2 historical-aca8bee843f7b2a67b14c12d8dd2f747233824f5.zip |
Updated to version 1.4.2 using CVS patch, added a security update, fix header patch, see Bug 109671 for details
Package-Manager: portage-2.0.54-r2
Diffstat (limited to 'app-admin/sysklogd')
-rw-r--r-- | app-admin/sysklogd/ChangeLog | 13 | ||||
-rw-r--r-- | app-admin/sysklogd/Manifest | 46 | ||||
-rw-r--r-- | app-admin/sysklogd/files/digest-sysklogd-1.4.2 | 2 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff | 169 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff | 111 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff | 117 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.1-querymod.patch | 428 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd.rc6 | 11 | ||||
-rw-r--r-- | app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild | 4 | ||||
-rw-r--r-- | app-admin/sysklogd/sysklogd-1.4.2.ebuild | 65 |
10 files changed, 929 insertions, 37 deletions
diff --git a/app-admin/sysklogd/ChangeLog b/app-admin/sysklogd/ChangeLog index 6e07be30d14c..63bfb167bfff 100644 --- a/app-admin/sysklogd/ChangeLog +++ b/app-admin/sysklogd/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for app-admin/sysklogd # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/ChangeLog,v 1.39 2006/02/21 17:09:02 halcy0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/ChangeLog,v 1.40 2006/05/25 00:54:56 merlin Exp $ + +*sysklogd-1.4.2 (24 May 2006) + + 24 May 2006; Cory Visi <visi@gentoo.org> + +files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff, + +files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff, + +files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff, + +files/sysklogd-1.4.1-cvs-20051017.patch, + +files/sysklogd-1.4.1-querymod.patch, +sysklogd-1.4.2.ebuild: + Updated to version 1.4.2 using CVS patch, added a security update, fix header + patch, see Bug 109671 for details 21 Feb 2006; Mark Loeser <halcy0n@gentoo.org> +metadata.xml: Add metadata.xml diff --git a/app-admin/sysklogd/Manifest b/app-admin/sysklogd/Manifest index 953a220c9487..49c5ce6b09ca 100644 --- a/app-admin/sysklogd/Manifest +++ b/app-admin/sysklogd/Manifest @@ -1,49 +1,29 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 07f84fcc7e9ccbc8778d5863c927e987 ChangeLog 5895 -RMD160 0d1437f1bebff65fce068a70ce495aa5eb93aade ChangeLog 5895 -SHA256 255269d3da377a61bf3781090e44c4f4be997313289d5fdfa85d4fa33b321eba ChangeLog 5895 +MD5 8141eece68f0b78b43f72cbdd9be76f2 ChangeLog 6357 MD5 01d7ea5644c29972a910ab27e3ab4738 files/digest-sysklogd-1.4.1-r11 65 -RMD160 e06309208fab2d610d3ad14345c44e63aba9c1ce files/digest-sysklogd-1.4.1-r11 65 -SHA256 77b92afe4ae03d0a2ee4621ea0aae64f20452808c895641a095f269a17d9c93c files/digest-sysklogd-1.4.1-r11 65 +MD5 5f4c00c1c302c0e501fb6c6fb205a31e files/digest-sysklogd-1.4.2 145 MD5 295e4c6eea23fe444002333ffff7b1dc files/sysklogd-1.4.1-2.6.headers.patch 25062 -RMD160 8b0b177d2a3741e452243f465158110bf981dcf6 files/sysklogd-1.4.1-2.6.headers.patch 25062 -SHA256 206aa506b0943e24b5f5305c669ddcfe88a72fc18e221b6eaf087cefb39c50d6 files/sysklogd-1.4.1-2.6.headers.patch 25062 MD5 e1376d40e02cf8026882cd4451267fed files/sysklogd-1.4.1-SO_BSDCOMPAT.patch 2523 -RMD160 be25a8670bc2653344e4a8412feb0649ab3885d1 files/sysklogd-1.4.1-SO_BSDCOMPAT.patch 2523 -SHA256 e86b24d2f8312b2d4ccfc1d0bb14c5e4553494732758170ba3efae0713eef8b9 files/sysklogd-1.4.1-SO_BSDCOMPAT.patch 2523 +MD5 02bb787e1a15cf24e8673f629fa645da files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff 4320 +MD5 d58d980a5d4360697e858b24b78e0b29 files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff 3215 +MD5 8094b334231fcf44732763868133eeec files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff 2907 MD5 25bda21e29fe4f22b6f57691e395e0f3 files/sysklogd-1.4.1-mips.patch 363 -RMD160 1ea8316ee6d38b7049581882b91490f515ac0eb9 files/sysklogd-1.4.1-mips.patch 363 -SHA256 b5369c61e9c169ab8ee6a82c0f4f7678f001403098bc233a5139e4045dc4d22c files/sysklogd-1.4.1-mips.patch 363 +MD5 69f88108e424b23702d9398ce09d00b7 files/sysklogd-1.4.1-querymod.patch 10441 MD5 e25d7b583b7e4bd8be503b89e1771e90 files/sysklogd.confd 113 -RMD160 08edc849adba1b6678832f50fb822b6338c464d5 files/sysklogd.confd 113 -SHA256 11a1eeb9edd09639d5143227bada137945822b23c5abb88fec5ebaef064b991d files/sysklogd.confd 113 -MD5 faf75c09d1694eea615a03b8f2c9aee2 files/sysklogd.rc6 1735 -RMD160 f1b9e42aff8e4f38636387cfdd4dfff2b32628b4 files/sysklogd.rc6 1735 -SHA256 a98294f13fe4fc591c5ebdc87bca2f2e32161028b28d2d6aa2d2544dc0cd9480 files/sysklogd.rc6 1735 +MD5 076b94f99cc06543e18693ca3d8de4fd files/sysklogd.rc6 1893 MD5 ed1fec7ebbb4eb91447909e972f1a224 files/syslog-cron 701 -RMD160 d05e3345a59b96ab1446be171c0300fba7b2ca00 files/syslog-cron 701 -SHA256 97f22ed6ef785d396dcf0f67df43af30457f9155fc21a973f48b50b4981f4c74 files/syslog-cron 701 MD5 a4ca2a78eecd855928cc313d7c243819 files/syslog.conf 2332 -RMD160 1b3ee0e7bee6098849379fe7cbb31101f401c9bb files/syslog.conf 2332 -SHA256 1b5f4782d958760de5842a34471676892624df8e972c07148d598bb7128b79e8 files/syslog.conf 2332 MD5 39526162728783b83aabc6754a6df208 files/syslogd-listfiles 2759 -RMD160 c5991ba76e451ca43a1cf7d92addda8dec15055c files/syslogd-listfiles 2759 -SHA256 8622d5efba7bcbaa912f689cde94d6d331dfd1b53701be7bf6bfc06e57fe3a98 files/syslogd-listfiles 2759 MD5 5d4b89ceb689887a6cbb582b875bf3e7 files/syslogd-listfiles.8 2540 -RMD160 338e2e6313f7ff0b7f5939ee4297000e91927084 files/syslogd-listfiles.8 2540 -SHA256 e8e624d7efef7e2c74be3f87cf3708fe25334feb6e759705d1560001df81c145 files/syslogd-listfiles.8 2540 MD5 6fe58567b648100d4ff11902921b6889 metadata.xml 165 -RMD160 84307ea324cd4f0f46d52f2fa096a1873e2fbe53 metadata.xml 165 -SHA256 23a8851c12bd4cf7cf0528250ad5605be6b0780bbec0c51331d6d2c618c13f6a metadata.xml 165 -MD5 36f8c203391cef46e6f7e95283f9a7c3 sysklogd-1.4.1-r11.ebuild 1430 -RMD160 3ec039f821285febe4a16658900a7d4af35fef1e sysklogd-1.4.1-r11.ebuild 1430 -SHA256 56bfea442b34c04f1083ccb4e1efebf63988a51c754db86ba8624d169cf4a961 sysklogd-1.4.1-r11.ebuild 1430 +MD5 39840d555ebf738d6250ea9796f53f28 sysklogd-1.4.1-r11.ebuild 1430 +MD5 32183b29bda176450c70d43d628a8b20 sysklogd-1.4.2.ebuild 1852 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.2 (GNU/Linux) +Version: GnuPG v1.4.2.2 (GNU/Linux) -iD8DBQFD+0l3CRZPokWLroQRAv9iAJ9YO/Nr0KezOzqtkKENjoaGQJXaLQCgyt0X -bcMgR1pMZAnuzlRBM+riyGM= -=MG92 +iD8DBQFEdQBxK3VlI3Kj19sRArQQAJ9dGTpB9NV23V38BwLR0ggKQ+vCbQCgqrNG ++tWXDvnQ927lb5V8JeRpuNc= +=HQ2l -----END PGP SIGNATURE----- diff --git a/app-admin/sysklogd/files/digest-sysklogd-1.4.2 b/app-admin/sysklogd/files/digest-sysklogd-1.4.2 new file mode 100644 index 000000000000..812ec12be2ed --- /dev/null +++ b/app-admin/sysklogd/files/digest-sysklogd-1.4.2 @@ -0,0 +1,2 @@ +MD5 0448667e26888a90da374eb981a9e9a7 sysklogd-1.4.1-cvs-20051017.patch.gz 11006 +MD5 d214aa40beabf7bdb0c9b3c64432c774 sysklogd-1.4.1.tar.gz 81784 diff --git a/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff new file mode 100644 index 000000000000..fea81a784e46 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff @@ -0,0 +1,169 @@ +diff -Naur sysklogd-1.4.1-orig/klogd.8 sysklogd-1.4.1/klogd.8 +--- sysklogd-1.4.1-orig/klogd.8 2005-03-11 11:12:09.000000000 -0500 ++++ sysklogd-1.4.1/klogd.8 2005-10-17 23:47:41.615009160 -0400 +@@ -3,6 +3,7 @@ + .\" Sun Jul 30 01:35:55 MET: Martin Schulze: Updates + .\" Sun Nov 19 23:22:21 MET: Martin Schulze: Updates + .\" Mon Aug 19 09:42:08 CDT 1996: Dr. G.W. Wettstein: Updates ++.\" Thu Feb 17 2000: Chris Wing: Unprivileged klogd feature + .\" Fri Mar 11 17:11:46 CET 2005: Martin Schulze: sysctl updates + .\" + .TH KLOGD 8 "11 March 2005" "Version 1.4" "Linux System Administration" +@@ -18,6 +19,12 @@ + .RB [ " \-f " + .I fname + ] ++.RB [ " \-u " ++.I username ++] ++.RB [ " \-j " ++.I chroot_dir ++] + .RB [ " \-iI " ] + .RB [ " \-n " ] + .RB [ " \-o " ] +@@ -53,6 +60,20 @@ + .BI "\-f " file + Log messages to the specified filename rather than to the syslog facility. + .TP ++.BI "\-u " username ++Tells klogd to become the specified user and drop root privileges before ++starting logging. ++.TP ++.BI "\-j " chroot_dir ++Tells klogd to ++.BR chroot (2) ++into this directory after initializing. ++This option is only valid if the \-u option is also used to run klogd ++without root privileges. ++Note that the use of this option will prevent \-i and \-I from working ++unless you set up the chroot directory in such a way that klogd can still ++read the kernel module symbols. ++.TP + .BI "\-i \-I" + Signal the currently executing klogd daemon. Both of these switches control + the loading/reloading of symbol information. The \-i switch signals the +diff -Naur sysklogd-1.4.1-orig/klogd.c sysklogd-1.4.1/klogd.c +--- sysklogd-1.4.1-orig/klogd.c 2004-04-29 09:29:03.000000000 -0400 ++++ sysklogd-1.4.1/klogd.c 2005-10-17 23:46:05.200556847 -0400 +@@ -261,6 +261,8 @@ + #include <stdarg.h> + #include <paths.h> + #include <stdlib.h> ++#include <pwd.h> ++#include <grp.h> + #include "klogd.h" + #include "ksyms.h" + #ifndef TESTING +@@ -311,6 +313,9 @@ + int debugging = 0; + int symbols_twice = 0; + ++char *server_user = NULL; ++char *chroot_dir = NULL; ++int log_flags = 0; + + /* Function prototypes. */ + extern int ksyslog(int type, char *buf, int len); +@@ -531,8 +536,9 @@ + * First do a stat to determine whether or not the proc based + * file system is available to get kernel messages from. + */ +- if ( use_syscall || +- ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) ) ++ if (!server_user && ++ (use_syscall || ++ ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)))) + { + /* Initialize kernel logging. */ + ksyslog(1, NULL, 0); +@@ -980,6 +986,27 @@ + } + + ++static int drop_root(void) ++{ ++ struct passwd *pw; ++ ++ if (!(pw = getpwnam(server_user))) return -1; ++ ++ if (!pw->pw_uid) return -1; ++ ++ if (chroot_dir) { ++ if (chroot(chroot_dir)) return -1; ++ if (chdir("/")) return -1; ++ } ++ ++ if (setgroups(0, NULL)) return -1; ++ if (setgid(pw->pw_gid)) return -1; ++ if (setuid(pw->pw_uid)) return -1; ++ ++ return 0; ++} ++ ++ + int main(argc, argv) + + int argc; +@@ -997,7 +1024,7 @@ + chdir ("/"); + #endif + /* Parse the command-line. */ +- while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF) ++ while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF) + switch((char)ch) + { + case '2': /* Print lines with symbols twice. */ +@@ -1019,6 +1046,10 @@ + case 'I': + SignalDaemon(SIGUSR2); + return(0); ++ case 'j': /* chroot 'j'ail */ ++ chroot_dir = optarg; ++ log_flags |= LOG_NDELAY; ++ break; + case 'k': /* Kernel symbol file. */ + symfile = optarg; + break; +@@ -1034,6 +1065,9 @@ + case 's': /* Use syscall interface. */ + use_syscall = 1; + break; ++ case 'u': /* Run as this user */ ++ server_user = optarg; ++ break; + case 'v': + printf("klogd %s.%s\n", VERSION, PATCHLEVEL); + exit (1); +@@ -1042,6 +1076,10 @@ + break; + } + ++ if (chroot_dir && !server_user) { ++ fputs("'-j' is only valid with '-u'", stderr); ++ exit(1); ++ } + + /* Set console logging level. */ + if ( log_level != (char *) 0 ) +@@ -1139,7 +1177,7 @@ + } + } + else +- openlog("kernel", 0, LOG_KERN); ++ openlog("kernel", log_flags, LOG_KERN); + + + /* Handle one-shot logging. */ +@@ -1166,6 +1204,11 @@ + InitMsyms(); + } + ++ if (server_user && drop_root()) { ++ syslog(LOG_ALERT, "klogd: failed to drop root"); ++ Terminate(); ++ } ++ + /* The main loop. */ + while (1) + { diff --git a/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff new file mode 100644 index 000000000000..04ce97a53c23 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-bind.diff @@ -0,0 +1,111 @@ +diff -ur sysklogd-1.4.1.orig/sysklogd.8 sysklogd-1.4.1/sysklogd.8 +--- sysklogd-1.4.1.orig/sysklogd.8 Sun Mar 11 22:35:51 2001 ++++ sysklogd-1.4.1/sysklogd.8 Mon Oct 8 07:20:31 2001 +@@ -2,7 +2,7 @@ + .\" May be distributed under the GNU General Public License + .\" Sun Aug 30 11:35:55 MET: Martin Schulze: Updates + .\" +-.TH SYSKLOGD 8 "12 October 1998" "Version 1.3" "Linux System Administration" ++.TH SYSKLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW" "Linux System Administration" + .SH NAME + sysklogd \- Linux system logging utilities. + .SH SYNOPSIS +@@ -15,6 +15,9 @@ + .I config file + ] + .RB [ " \-h " ] ++.RB [ " \-i " ++.I IP address ++] + .RB [ " \-l " + .I hostlist + ] +@@ -103,6 +106,13 @@ + Specifying this switch on the command line will cause the log daemon to + forward any remote messages it receives to forwarding hosts which have been + defined. ++.TP ++.BI "\-i " "IP address" ++If ++.B syslogd ++is configured to accept log input from a UDP port, specify an IP address ++to bind to, rather than the default of INADDR_ANY. The address must be in ++dotted quad notation, DNS host names are not allowed. + .TP + .BI "\-l " "hostlist" + Specify a hostname that should be logged only with its simple hostname +diff -ur sysklogd-1.4.1.orig/syslogd.c sysklogd-1.4.1/syslogd.c +--- sysklogd-1.4.1.orig/syslogd.c Sun Mar 11 22:40:10 2001 ++++ sysklogd-1.4.1/syslogd.c Mon Oct 8 07:24:41 2001 +@@ -736,6 +736,8 @@ + int NoHops = 1; /* Can we bounce syslog messages through an + intermediate host. */ + ++char *bind_addr = NULL; /* bind UDP port to this interface only */ ++ + extern int errno; + + /* Function prototypes. */ +@@ -829,7 +831,7 @@ + funix[i] = -1; + } + +- while ((ch = getopt(argc, argv, "a:dhf:l:m:np:rs:v")) != EOF) ++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF) + switch((char)ch) { + case 'a': + if (nfunix < MAXFUNIX) +@@ -846,9 +848,17 @@ + case 'h': + NoHops = 0; + break; ++ case 'i': ++ if (bind_addr) { ++ fprintf(stderr, "Only one -i argument allowed, " ++ "the first one is taken.\n"); ++ break; ++ } ++ bind_addr = optarg; ++ break; + case 'l': + if (LocalHosts) { +- fprintf (stderr, "Only one -l argument allowed," \ ++ fprintf(stderr, "Only one -l argument allowed, " + "the first one is taken.\n"); + break; + } +@@ -1175,7 +1185,7 @@ + int usage() + { + fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ +- " [-s domainlist] [-f conffile]\n"); ++ " [-s domainlist] [-f conffile] [-i IP address]\n"); + exit(1); + } + +@@ -1217,15 +1227,22 @@ + int fd, on = 1; + struct sockaddr_in sin; + ++ memset(&sin, 0, sizeof(sin)); ++ sin.sin_family = AF_INET; ++ sin.sin_port = LogPort; ++ if (bind_addr) { ++ if (!inet_aton(bind_addr, &sin.sin_addr)) { ++ logerror("syslog: not a valid IP address to bind to."); ++ return -1; ++ } ++ } ++ + fd = socket(AF_INET, SOCK_DGRAM, 0); + if (fd < 0) { + logerror("syslog: Unknown protocol, suspending inet service."); + return fd; + } + +- memset(&sin, 0, sizeof(sin)); +- sin.sin_family = AF_INET; +- sin.sin_port = LogPort; + if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, \ + (char *) &on, sizeof(on)) < 0 ) { + logerror("setsockopt(REUSEADDR), suspending inet"); diff --git a/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff new file mode 100644 index 000000000000..b5813c1d29c7 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff @@ -0,0 +1,117 @@ +diff -ur sysklogd-1.4.1-caen-owl-syslogd-bind/sysklogd.8 sysklogd-1.4.1/sysklogd.8 +--- sysklogd-1.4.1-caen-owl-syslogd-bind/sysklogd.8 Mon Oct 8 07:26:27 2001 ++++ sysklogd-1.4.1/sysklogd.8 Mon Oct 8 07:30:31 2001 +@@ -32,6 +32,9 @@ + .RB [ " \-s " + .I domainlist + ] ++.RB [ " \-u" ++.IB username ++] + .RB [ " \-v " ] + .LP + .SH DESCRIPTION +@@ -159,6 +162,19 @@ + is specified and the host logging resolves to satu.infodrom.north.de + no domain would be cut, you will have to specify two domains like: + .BR "\-s north.de:infodrom.north.de" . ++.TP ++.BI "\-u " "username" ++This causes the ++.B syslogd ++daemon to become the named user before starting up logging. ++ ++Note that when this option is in use, ++.B syslogd ++will open all log files as root when the daemon is first started; ++however, after a ++.B SIGHUP ++the files will be reopened as the non-privileged user. You should ++take this into account when deciding the ownership of the log files. + .TP + .B "\-v" + Print version and exit. +diff -ur sysklogd-1.4.1-caen-owl-syslogd-bind/syslogd.c sysklogd-1.4.1/syslogd.c +--- sysklogd-1.4.1-caen-owl-syslogd-bind/syslogd.c Mon Oct 8 07:26:27 2001 ++++ sysklogd-1.4.1/syslogd.c Mon Oct 8 07:40:35 2001 +@@ -491,6 +491,10 @@ + #include <arpa/nameser.h> + #include <arpa/inet.h> + #include <resolv.h> ++ ++#include <pwd.h> ++#include <grp.h> ++ + #ifndef TESTING + #include "pidfile.h" + #endif +@@ -737,6 +741,7 @@ + intermediate host. */ + + char *bind_addr = NULL; /* bind UDP port to this interface only */ ++char *server_user = NULL; /* user name to run server as */ + + extern int errno; + +@@ -778,6 +783,21 @@ + static int create_inet_socket(); + #endif + ++static int drop_root(void) ++{ ++ struct passwd *pw; ++ ++ if (!(pw = getpwnam(server_user))) return -1; ++ ++ if (!pw->pw_uid) return -1; ++ ++ if (initgroups(server_user, pw->pw_gid)) return -1; ++ if (setgid(pw->pw_gid)) return -1; ++ if (setuid(pw->pw_uid)) return -1; ++ ++ return 0; ++} ++ + int main(argc, argv) + int argc; + char **argv; +@@ -831,7 +851,7 @@ + funix[i] = -1; + } + +- while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF) ++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF) + switch((char)ch) { + case 'a': + if (nfunix < MAXFUNIX) +@@ -884,6 +904,9 @@ + } + StripDomains = crunch_list(optarg); + break; ++ case 'u': ++ server_user = optarg; ++ break; + case 'v': + printf("syslogd %s.%s\n", VERSION, PATCHLEVEL); + exit (0); +@@ -1031,6 +1054,11 @@ + kill (ppid, SIGTERM); + #endif + ++ if (server_user && drop_root()) { ++ dprintf("syslogd: failed to drop root\n"); ++ exit(1); ++ } ++ + /* Main loop begins here. */ + for (;;) { + int nfds; +@@ -1185,7 +1213,7 @@ + int usage() + { + fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ +- " [-s domainlist] [-f conffile] [-i IP address]\n"); ++ " [-s domainlist] [-f conffile] [-i IP address] [-u username]\n"); + exit(1); + } + diff --git a/app-admin/sysklogd/files/sysklogd-1.4.1-querymod.patch b/app-admin/sysklogd/files/sysklogd-1.4.1-querymod.patch new file mode 100644 index 000000000000..40f4eacd7188 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.1-querymod.patch @@ -0,0 +1,428 @@ +diff -Naur sysklogd-1.4.1-orig/ksym_mod.c sysklogd-1.4.1/ksym_mod.c +--- sysklogd-1.4.1-orig/ksym_mod.c 2005-10-17 23:56:17.527192000 -0400 ++++ sysklogd-1.4.1/ksym_mod.c 2005-10-18 00:07:36.817712908 -0400 +@@ -128,6 +128,8 @@ + #define getsyms get_kernel_syms + #endif /* __GLIBC__ */ + ++extern int query_module(const char *, int, void *, size_t, size_t *); ++ + /* Variables static to this module. */ + struct sym_table + { +@@ -148,7 +150,7 @@ + }; + + static int num_modules = 0; +-struct Module *sym_array_modules = (struct Module *) 0; ++struct Module *sym_array_modules = NULL; + + static int have_modules = 0; + +@@ -161,8 +163,8 @@ + + /* Function prototypes. */ + static void FreeModules(void); +-static int AddSymbol(struct Module *mp, unsigned long, char *); +-static int AddModule(unsigned long, char *); ++static int AddSymbol(struct Module *mp, unsigned long, const char *); ++static int AddModule(char *); + static int symsort(const void *, const void *); + + +@@ -185,81 +187,106 @@ + extern int InitMsyms() + + { +- auto int rtn, +- tmp; ++ auto size_t rtn; ++ auto int tmp; ++ ++ auto char **mod_table; ++ ++ char *modbuf = NULL, ++ *newbuf; + +- auto struct kernel_sym *ksym_table, +- *p; ++ int modsize = 32, ++ result; + + + /* Initialize the kernel module symbol table. */ + FreeModules(); + ++ /* ++ * New style symbol table parser. This uses the newer query_module ++ * function rather than the old obsolete hack of stepping thru ++ * /dev/kmem. ++ */ + + /* +- * The system call which returns the kernel symbol table has +- * essentialy two modes of operation. Called with a null pointer +- * the system call returns the number of symbols defined in the +- * the table. +- * +- * The second mode of operation is to pass a valid pointer to +- * the call which will then load the current symbol table into +- * the memory provided. +- * +- * Returning the symbol table is essentially an all or nothing +- * proposition so we need to pre-allocate enough memory for the +- * complete table regardless of how many symbols we need. +- * +- * Bummer. ++ * First, we query for the list of loaded modules. We may ++ * have to grow our buffer in size. + */ +- if ( (rtn = getsyms((struct kernel_sym *) 0)) < 0 ) +- { +- if ( errno == ENOSYS ) +- Syslog(LOG_INFO, "No module symbols loaded - " +- "kernel modules not enabled.\n"); +- else ++ do { ++ modsize+=modsize; ++ newbuf=realloc(modbuf, modsize); ++ ++ if (newbuf==NULL) { ++ /* Well, that sucks. */ + Syslog(LOG_ERR, "Error loading kernel symbols " \ + "- %s\n", strerror(errno)); ++ if (modbuf!=NULL) free(modbuf); ++ return(0); ++ } ++ ++ modbuf=newbuf; ++ ++ result=query_module(NULL, QM_MODULES, modbuf, modsize, &rtn); ++ ++ if (result<0 && errno!=ENOSPC) { ++ Syslog(LOG_ERR, "Error querying loaded modules " \ ++ "- %s\n", strerror(errno)); ++ free(modbuf); ++ return(0); ++ } ++ } while (result<0); ++ ++ if ( rtn <= 0 ) { ++ /* No modules??? */ ++ Syslog(LOG_INFO, "No module symbols loaded - " ++ "modules disabled?\n"); ++ free(modbuf); + return(0); + } + if ( debugging ) + fprintf(stderr, "Loading kernel module symbols - " + "Size of table: %d\n", rtn); + +- ksym_table = (struct kernel_sym *) malloc(rtn * \ +- sizeof(struct kernel_sym)); +- if ( ksym_table == (struct kernel_sym *) 0 ) ++ mod_table = (char **) malloc(rtn * sizeof(char *)); ++ if ( mod_table == NULL ) + { + Syslog(LOG_WARNING, " Failed memory allocation for kernel " \ + "symbol table.\n"); ++ free(modbuf); + return(0); + } +- if ( (rtn = getsyms(ksym_table)) < 0 ) ++ ++ sym_array_modules = (struct Module *) malloc(rtn * sizeof(struct Module)); ++ if ( sym_array_modules == NULL ) + { +- Syslog(LOG_WARNING, "Error reading kernel symbols - %s\n", \ +- strerror(errno)); ++ Syslog(LOG_WARNING, " Failed memory allocation for kernel " \ ++ "symbol table.\n"); ++ free(mod_table); ++ free(modbuf); + return(0); + } + +- + /* + * Build a symbol table compatible with the other one used by + * klogd. + */ +- tmp = rtn; +- p = ksym_table; +- while ( tmp-- ) ++ newbuf=modbuf; ++ for (tmp=rtn-1; tmp>=0; tmp--) + { +- if ( !AddModule(p->value, p->name) ) ++ mod_table[tmp]=newbuf; ++ newbuf+=(strlen(newbuf)+1); ++ if ( !AddModule(mod_table[tmp]) ) + { + Syslog(LOG_WARNING, "Error adding kernel module table " + "entry.\n"); +- free(ksym_table); ++ free(mod_table); ++ free(modbuf); + return(0); + } +- ++p; + } + ++ have_modules = 1; ++ + /* Sort the symbol tables in each module. */ + for (rtn = tmp= 0; tmp < num_modules; ++tmp) + { +@@ -277,7 +304,8 @@ + Syslog(LOG_INFO, "Loaded %d %s from %d module%s", rtn, \ + (rtn == 1) ? "symbol" : "symbols", \ + num_modules, (num_modules == 1) ? "." : "s."); +- free(ksym_table); ++ free(mod_table); ++ free(modbuf); + return(1); + } + +@@ -322,23 +350,23 @@ + + /* Check to see if the module symbol tables need to be cleared. */ + have_modules = 0; +- if ( num_modules == 0 ) +- return; +- + +- for (nmods= 0; nmods < num_modules; ++nmods) +- { +- mp = &sym_array_modules[nmods]; +- if ( mp->num_syms == 0 ) +- continue; ++ if (sym_array_modules != NULL) { ++ for (nmods= 0; nmods < num_modules; ++nmods) ++ { ++ mp = &sym_array_modules[nmods]; ++ if ( mp->num_syms == 0 ) ++ continue; + +- for (nsyms= 0; nsyms < mp->num_syms; ++nsyms) +- free(mp->sym_array[nsyms].name); +- free(mp->sym_array); ++ for (nsyms= 0; nsyms < mp->num_syms; ++nsyms) ++ free(mp->sym_array[nsyms].name); ++ free(mp->sym_array); ++ } ++ ++ free(sym_array_modules); ++ sym_array_modules = NULL; + } + +- free(sym_array_modules); +- sym_array_modules = (struct Module *) 0; + num_modules = 0; + return; + } +@@ -350,23 +378,25 @@ + * Purpose: This function is responsible for adding a module to + * the list of currently loaded modules. + * +- * Arguements: (unsigned long) address, (char *) symbol +- * +- * address:-> The address of the module. ++ * Arguements: (char *) symbol + * + * symbol:-> The name of the module. + * + * Return: int + **************************************************************************/ + +-static int AddModule(address, symbol) +- +- unsigned long address; ++static int AddModule(symbol) + + char *symbol; + + { +- auto int memfd; ++ size_t rtn; ++ size_t i; ++ const char *cbuf; ++ int symsize=128; ++ int result; ++ struct module_symbol *symbuf=NULL, ++ *newbuf; + + auto struct Module *mp; + +@@ -374,78 +404,75 @@ + /* Return if we have loaded the modules. */ + if ( have_modules ) + return(1); ++ ++ /* We already have space for the module. */ ++ mp = &sym_array_modules[num_modules]; ++ ++ if (query_module(symbol, QM_INFO, &sym_array_modules[num_modules].module, ++ sizeof(struct module), &rtn)<0) ++ { ++ Syslog(LOG_WARNING, "Error reading module info for %s.\n", ++ symbol); ++ return(0); ++ } ++ ++ /* Save the module name. */ ++ mp->name = strdup(symbol); ++ if ( mp->name == NULL ) ++ return(0); ++ ++ mp->num_syms = 0; ++ mp->sym_array = NULL; ++ ++num_modules; + + /* +- * The following section of code is responsible for determining +- * whether or not we are done reading the list of modules. ++ * First, we query for the list of exported symbols. We may ++ * have to grow our buffer in size. + */ +- if ( symbol[0] == '#' ) +- { ++ do { ++ symsize+=symsize; ++ newbuf=realloc(symbuf, symsize); + +- if ( symbol[1] == '\0' ) +- { +- /* +- * A symbol which consists of a # sign only +- * signifies a a resident kernel segment. When we +- * hit one of these we are done reading the +- * module list. +- */ +- have_modules = 1; +- return(1); +- } +- /* Allocate space for the module. */ +- sym_array_modules = (struct Module *) \ +- realloc(sym_array_modules, \ +- (num_modules+1) * sizeof(struct Module)); +- if ( sym_array_modules == (struct Module *) 0 ) +- { +- Syslog(LOG_WARNING, "Cannot allocate Module array.\n"); ++ if (newbuf==NULL) { ++ /* Well, that sucks. */ ++ Syslog(LOG_ERR, "Error loading kernel symbols " \ ++ "- %s\n", strerror(errno)); ++ if (symbuf!=NULL) free(symbuf); + return(0); + } +- mp = &sym_array_modules[num_modules]; + +- if ( (memfd = open("/dev/kmem", O_RDONLY)) < 0 ) +- { +- Syslog(LOG_WARNING, "Error opening /dev/kmem\n"); +- return(0); +- } +- if ( lseek64(memfd, address, SEEK_SET) < 0 ) +- { +- Syslog(LOG_WARNING, "Error seeking in /dev/kmem\n"); +- Syslog(LOG_WARNING, "Symbol %s, value %08x\n", symbol, address); +- return(0); +- } +- if ( read(memfd, \ +- (char *)&sym_array_modules[num_modules].module, \ +- sizeof(struct module)) < 0 ) +- { +- Syslog(LOG_WARNING, "Error reading module " +- "descriptor.\n"); +- return(0); +- } +- close(memfd); ++ symbuf=newbuf; ++ ++ result=query_module(symbol, QM_SYMBOLS, symbuf, symsize, &rtn); + +- /* Save the module name. */ +- mp->name = (char *) malloc(strlen(&symbol[1]) + 1); +- if ( mp->name == (char *) 0 ) ++ if (result<0 && errno!=ENOSPC) { ++ Syslog(LOG_ERR, "Error querying symbol list for %s " \ ++ "- %s\n", symbol, strerror(errno)); ++ free(symbuf); + return(0); +- strcpy(mp->name, &symbol[1]); ++ } ++ } while (result<0); + +- mp->num_syms = 0; +- mp->sym_array = (struct sym_table *) 0; +- ++num_modules; +- return(1); +- } +- else +- { +- if (num_modules > 0) +- mp = &sym_array_modules[num_modules - 1]; +- else +- mp = &sym_array_modules[0]; +- AddSymbol(mp, address, symbol); ++ if ( rtn < 0 ) { ++ /* No symbols??? */ ++ Syslog(LOG_INFO, "No module symbols loaded - unknown error.\n"); ++ free(symbuf); ++ return(0); + } + ++ cbuf=(char *)symbuf; ++ ++ for (i=0; i<rtn; i++) { ++ if (num_modules > 0) ++ mp = &sym_array_modules[num_modules - 1]; ++ else ++ mp = &sym_array_modules[0]; ++ ++ AddSymbol(mp, symbuf[i].value, ++ cbuf+(unsigned long)(symbuf[i].name)); ++ } + ++ free(symbuf); + return(1); + } + +@@ -477,7 +504,7 @@ + + unsigned long address; + +- char *symbol; ++ const char *symbol; + + { + auto int tmp; +diff -Naur sysklogd-1.4.1-orig/module.h sysklogd-1.4.1/module.h +--- sysklogd-1.4.1-orig/module.h 2005-10-17 23:56:17.530192000 -0400 ++++ sysklogd-1.4.1/module.h 2005-10-18 00:05:23.308858441 -0400 +@@ -38,11 +38,24 @@ + char name[MODULE_NAME_LEN]; + }; + ++struct module_symbol ++{ ++ unsigned long value; ++ const char *name; ++}; + + struct list_head { + struct list_head *next, *prev; + }; + ++/* Values for query_module's which. */ ++ ++#define QM_MODULES 1 ++#define QM_DEPS 2 ++#define QM_REFS 3 ++#define QM_SYMBOLS 4 ++#define QM_INFO 5 ++ + + struct module_info + { diff --git a/app-admin/sysklogd/files/sysklogd.rc6 b/app-admin/sysklogd/files/sysklogd.rc6 index 5ae5a62ad9ee..375ba8b87f73 100644 --- a/app-admin/sysklogd/files/sysklogd.rc6 +++ b/app-admin/sysklogd/files/sysklogd.rc6 @@ -1,10 +1,12 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License, v2 or later -# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/files/sysklogd.rc6,v 1.10 2005/02/12 00:59:21 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/files/sysklogd.rc6,v 1.11 2006/05/25 00:54:56 merlin Exp $ opts="reload" +opts="start stop reload restart" + depend() { need clock hostname provide logger @@ -33,6 +35,13 @@ stop_daemon() { [[ -z ${daemon} ]] && return 1 + +reload(){ + ebegin "Reloading configuration" + killall -HUP syslogd &>/dev/null + killall -USR2 klogd &> /dev/null + eend $? +} ebegin "sysklogd -> stop: ${daemon}" # syslogd can be stubborn some times (--retry 15)... start-stop-daemon --stop --oknodo --retry 15 \ diff --git a/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild b/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild index 98482421d60b..9bb4ea59948b 100644 --- a/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild +++ b/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild,v 1.5 2005/06/26 07:19:40 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/sysklogd-1.4.1-r11.ebuild,v 1.6 2006/05/25 00:54:56 merlin Exp $ inherit eutils diff --git a/app-admin/sysklogd/sysklogd-1.4.2.ebuild b/app-admin/sysklogd/sysklogd-1.4.2.ebuild new file mode 100644 index 000000000000..501d5bcddf80 --- /dev/null +++ b/app-admin/sysklogd/sysklogd-1.4.2.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysklogd/sysklogd-1.4.2.ebuild,v 1.1 2006/05/25 00:54:56 merlin Exp $ + +inherit eutils + +CVS_DATE="20051017" +MY_P=${PN}-1.4.1 +S="${WORKDIR}/${MY_P}" + +DESCRIPTION="Standard log daemons" +HOMEPAGE="http://www.infodrom.org/projects/sysklogd/" +SRC_URI="ftp://metalab.unc.edu/pub/Linux/system/daemons/${MY_P}.tar.gz + http://dev.gentoo.org/~merlin/${MY_P}-cvs-${CVS_DATE}.patch.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" +RESTRICT="test" + +DEPEND="" +RDEPEND="dev-lang/perl + sys-apps/debianutils" +PROVIDE="virtual/logger" + +src_unpack() { + unpack ${A} + cd "${S}" + + # CVS patch / effectively version to 1.4.2 + epatch "${WORKDIR}/${MY_P}-cvs-${CVS_DATE}.patch" + + # CAEN/OWL security patches + epatch "${FILESDIR}/${MY_P}-caen-owl-syslogd-bind.diff" + epatch "${FILESDIR}/${MY_P}-caen-owl-syslogd-drop-root.diff" + epatch "${FILESDIR}/${MY_P}-caen-owl-klogd-drop-root.diff" + + # Handle SO_BSDCOMPAT being depricated in 2.5+ kernels. + epatch "${FILESDIR}/${MY_P}-SO_BSDCOMPAT.patch" + + # http://linuxfromscratch.org/pipermail/patches/2003-October/000432.html + epatch "${FILESDIR}/${MY_P}-querymod.patch" + + sed -i \ + -e "s:-O3:${CFLAGS} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE:" \ + Makefile || die "sed CFLAGS" +} + +src_compile() { + emake LDFLAGS="" || die +} + +src_install() { + dosbin syslogd klogd "${FILESDIR}"/syslogd-listfiles || die "dosbin" + doman *.[1-9] "${FILESDIR}"/syslogd-listfiles.8 + exeinto /etc/cron.daily + newexe "${FILESDIR}"/syslog-cron syslog.cron + dodoc ANNOUNCE CHANGES MANIFEST NEWS README.1st README.linux + dodoc "${FILESDIR}"/syslog.conf + insinto /etc + doins "${FILESDIR}"/syslog.conf + newinitd "${FILESDIR}"/sysklogd.rc6 sysklogd + newconfd "${FILESDIR}"/sysklogd.confd sysklogd +} |