]>
Commit | Line | Data |
---|---|---|
cd1a2927 MT |
1 | diff -ur sysklogd-1.4.1.orig/klogd.8 sysklogd-1.4.1/klogd.8 |
2 | --- sysklogd-1.4.1.orig/klogd.8 Sun Mar 11 22:35:51 2001 | |
3 | +++ sysklogd-1.4.1/klogd.8 Mon Oct 8 09:50:50 2001 | |
4 | @@ -3,8 +3,9 @@ | |
5 | .\" Sun Jul 30 01:35:55 MET: Martin Schulze: Updates | |
6 | .\" Sun Nov 19 23:22:21 MET: Martin Schulze: Updates | |
7 | .\" Mon Aug 19 09:42:08 CDT 1996: Dr. G.W. Wettstein: Updates | |
8 | +.\" Thu Feb 17 2000: Chris Wing: Unprivileged klogd feature | |
9 | .\" | |
10 | -.TH KLOGD 8 "21 August, 1999" "Version 1.4" "Linux System Administration" | |
11 | +.TH KLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW" "Linux System Administration" | |
12 | .SH NAME | |
13 | klogd \- Kernel Log Daemon | |
14 | .LP | |
15 | @@ -17,6 +18,12 @@ | |
16 | .RB [ " \-f " | |
17 | .I fname | |
18 | ] | |
19 | +.RB [ " \-u " | |
20 | +.I username | |
21 | +] | |
22 | +.RB [ " \-j " | |
23 | +.I chroot_dir | |
24 | +] | |
25 | .RB [ " \-iI " ] | |
26 | .RB [ " \-n " ] | |
27 | .RB [ " \-o " ] | |
28 | @@ -45,6 +52,20 @@ | |
29 | .TP | |
30 | .BI "\-f " file | |
31 | Log messages to the specified filename rather than to the syslog facility. | |
32 | +.TP | |
33 | +.BI "\-u " username | |
34 | +Tells klogd to become the specified user and drop root privileges before | |
35 | +starting logging. | |
36 | +.TP | |
37 | +.BI "\-j " chroot_dir | |
38 | +Tells klogd to | |
39 | +.BR chroot (2) | |
40 | +into this directory after initializing. | |
41 | +This option is only valid if the \-u option is also used to run klogd | |
42 | +without root privileges. | |
43 | +Note that the use of this option will prevent \-i and \-I from working | |
44 | +unless you set up the chroot directory in such a way that klogd can still | |
45 | +read the kernel module symbols. | |
46 | .TP | |
47 | .BI "\-i \-I" | |
48 | Signal the currently executing klogd daemon. Both of these switches control | |
49 | diff -ur sysklogd-1.4.1.orig/klogd.c sysklogd-1.4.1/klogd.c | |
50 | --- sysklogd-1.4.1.orig/klogd.c Sun Mar 11 22:40:10 2001 | |
51 | +++ sysklogd-1.4.1/klogd.c Mon Oct 8 09:52:06 2001 | |
52 | @@ -258,6 +258,8 @@ | |
53 | #include <stdarg.h> | |
54 | #include <paths.h> | |
55 | #include <stdlib.h> | |
56 | +#include <pwd.h> | |
57 | +#include <grp.h> | |
58 | #include "klogd.h" | |
59 | #include "ksyms.h" | |
60 | #ifndef TESTING | |
61 | @@ -308,6 +310,9 @@ | |
62 | int debugging = 0; | |
63 | int symbols_twice = 0; | |
64 | ||
65 | +char *server_user = NULL; | |
66 | +char *chroot_dir = NULL; | |
67 | +int log_flags = 0; | |
68 | ||
69 | /* Function prototypes. */ | |
70 | extern int ksyslog(int type, char *buf, int len); | |
71 | @@ -528,8 +533,9 @@ | |
72 | * First do a stat to determine whether or not the proc based | |
73 | * file system is available to get kernel messages from. | |
74 | */ | |
75 | - if ( use_syscall || | |
76 | - ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) ) | |
77 | + if (!server_user && | |
78 | + (use_syscall || | |
79 | + ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)))) | |
80 | { | |
81 | /* Initialize kernel logging. */ | |
82 | ksyslog(1, NULL, 0); | |
83 | @@ -977,6 +983,27 @@ | |
84 | } | |
85 | ||
86 | ||
87 | +static int drop_root(void) | |
88 | +{ | |
89 | + struct passwd *pw; | |
90 | + | |
91 | + if (!(pw = getpwnam(server_user))) return -1; | |
92 | + | |
93 | + if (!pw->pw_uid) return -1; | |
94 | + | |
95 | + if (chroot_dir) { | |
96 | + if (chroot(chroot_dir)) return -1; | |
97 | + if (chdir("/")) return -1; | |
98 | + } | |
99 | + | |
100 | + if (setgroups(0, NULL)) return -1; | |
101 | + if (setgid(pw->pw_gid)) return -1; | |
102 | + if (setuid(pw->pw_uid)) return -1; | |
103 | + | |
104 | + return 0; | |
105 | +} | |
106 | + | |
107 | + | |
108 | int main(argc, argv) | |
109 | ||
110 | int argc; | |
111 | @@ -994,7 +1021,7 @@ | |
112 | chdir ("/"); | |
113 | #endif | |
114 | /* Parse the command-line. */ | |
115 | - while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF) | |
116 | + while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF) | |
117 | switch((char)ch) | |
118 | { | |
119 | case '2': /* Print lines with symbols twice. */ | |
120 | @@ -1016,6 +1043,10 @@ | |
121 | case 'I': | |
122 | SignalDaemon(SIGUSR2); | |
123 | return(0); | |
124 | + case 'j': /* chroot 'j'ail */ | |
125 | + chroot_dir = optarg; | |
126 | + log_flags |= LOG_NDELAY; | |
127 | + break; | |
128 | case 'k': /* Kernel symbol file. */ | |
129 | symfile = optarg; | |
130 | break; | |
131 | @@ -1031,6 +1062,9 @@ | |
132 | case 's': /* Use syscall interface. */ | |
133 | use_syscall = 1; | |
134 | break; | |
135 | + case 'u': /* Run as this user */ | |
136 | + server_user = optarg; | |
137 | + break; | |
138 | case 'v': | |
139 | printf("klogd %s.%s\n", VERSION, PATCHLEVEL); | |
140 | exit (1); | |
141 | @@ -1039,6 +1073,10 @@ | |
142 | break; | |
143 | } | |
144 | ||
145 | + if (chroot_dir && !server_user) { | |
146 | + fputs("'-j' is only valid with '-u'", stderr); | |
147 | + exit(1); | |
148 | + } | |
149 | ||
150 | /* Set console logging level. */ | |
151 | if ( log_level != (char *) 0 ) | |
152 | @@ -1136,7 +1174,7 @@ | |
153 | } | |
154 | } | |
155 | else | |
156 | - openlog("kernel", 0, LOG_KERN); | |
157 | + openlog("kernel", log_flags, LOG_KERN); | |
158 | ||
159 | ||
160 | /* Handle one-shot logging. */ | |
161 | @@ -1161,4 +1199,9 @@ | |
162 | } | |
163 | } | |
164 | + | |
165 | + if (server_user && drop_root()) { | |
166 | + syslog(LOG_ALERT, "klogd: failed to drop root"); | |
167 | + Terminate(); | |
168 | + } | |
169 | ||
170 | /* The main loop. */ |