git.ipfire.org Git - ipfire-2.x.git/blob - src/misc-progs/syslogdctrl.c
1 /* This file is part of the IPCop Firewall.
3 * This program is distributed under the terms of the GNU General Public
4 * Licence. See the file COPYING for details.
6 * Copyright (C) 2003-07-12 Robert Kerr <rkerr@go.to>
10 * Edited by the IPFire Team to change var log messages
18 #include <sys/types.h>
22 #include "libsmooth.h"
26 #define ERR_SETTINGS 2 /* error in settings file */
27 #define ERR_ETC 3 /* error with /etc permissions */
28 #define ERR_CONFIG 4 /* error updating syslog.conf */
29 #define ERR_SYSLOG 5 /* error restarting syslogd */
33 char buffer
[STRING_SIZE
], command
[STRING_SIZE
], hostname
[STRING_SIZE
];
34 char varmessages
[STRING_SIZE
], asynclog
[STRING_SIZE
];
35 int config_fd
,rc
,fd
,pid
;
37 struct keyvalue
*kv
= NULL
;
38 memset(buffer
, 0, STRING_SIZE
);
39 memset(hostname
, 0, STRING_SIZE
);
40 memset(varmessages
, 0, STRING_SIZE
);
41 memset(asynclog
, 0, STRING_SIZE
);
47 /* Read in and verify config */
50 if (!readkeyvalues(kv
, "/var/ipfire/logging/settings"))
52 fprintf(stderr
, "Cannot read syslog settings\n");
56 if (!findkey(kv
, "ENABLE_REMOTELOG", buffer
))
58 fprintf(stderr
, "Cannot read ENABLE_REMOTELOG\n");
62 if (!findkey(kv
, "REMOTELOG_ADDR", hostname
))
64 fprintf(stderr
, "Cannot read REMOTELOG_ADDR\n");
68 if (!findkey(kv
, "ENABLE_ASYNCLOG", asynclog
))
70 fprintf(stderr
, "Cannot read ENABLE_ASYNCLOG\n");
75 if (!findkey(kv
, "VARMESSAGES", varmessages
))
77 fprintf(stderr
, "Cannot read VARMESSAGES\n");
81 if (strspn(hostname
, VALID_FQDN
) != strlen(hostname
))
83 fprintf(stderr
, "Bad REMOTELOG_ADDR: %s\n", hostname
);
90 /* If anyone other than root can write to /etc this would be totally
91 * insecure - same if anyone other than root owns /etc, as they could
92 * change the file mode to give themselves or anyone else write access. */
96 perror("Unable to stat /etc");
99 if(!S_ISDIR(st
.st_mode
))
101 fprintf(stderr
, "/etc is not a directory?!\n");
104 if ( st
.st_uid
!= 0 || st
.st_mode
& S_IWOTH
||
105 ((st
.st_gid
!= 0) && (st
.st_mode
& S_IWGRP
)) )
107 fprintf(stderr
, "/etc is owned/writable by non-root users\n");
111 /* O_CREAT with O_EXCL will make open() fail if the file already exists -
112 * mostly to prevent 2 copies running at once */
113 if ((config_fd
= open( "/etc/syslog.conf.new", O_WRONLY
|O_CREAT
|O_EXCL
, 0644 )) == -1 )
115 perror("Unable to open new config file");
119 if (!strcmp(buffer
,"on"))
120 snprintf(buffer
, STRING_SIZE
- 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname
, config_fd
);
122 snprintf(buffer
, STRING_SIZE
- 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd
);
124 /* If the return code isn't 0, fail safe */
125 if ((rc
= unpriv_system(buffer
,99,99)) != 0)
127 fprintf(stderr
, "sed returned bad exit code: %d\n", rc
);
129 unlink("/etc/syslog.conf.new");
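134 /* Replace the logging option. NOTE(review): VARMESSAGES is pasted into the shell command below as read from the settings file, whereas REMOTELOG_ADDR is checked against VALID_FQDN above; no equivalent check on VARMESSAGES is visible here, so it should be restricted to an allowed character set before use - TODO confirm. */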
135 safe_system("grep -v '/var/log/messages' < /etc/syslog.conf.new > /etc/syslog.conf.tmp && mv /etc/syslog.conf.tmp /etc/syslog.conf.new");
137 if (!strcmp(asynclog
,"on"))
138 snprintf(command
, STRING_SIZE
- 1, "printf '%s -/var/log/messages' >> /etc/syslog.conf.new", varmessages
);
140 snprintf(command
, STRING_SIZE
- 1, "printf '%s /var/log/messages' >> /etc/syslog.conf.new", varmessages
);
142 safe_system(command
);
144 if (rename("/etc/syslog.conf.new", "/etc/syslog.conf") == -1)
146 perror("Unable to replace old config file");
147 unlink("/etc/syslog.conf.new");
152 /* Get syslogd to read the new config file */
153 if ((fd
= open("/var/run/syslogd.pid", O_RDONLY
)) == -1)
157 /* pid file doesn't exist; restart syslogd */
158 if((rc
= safe_system("/usr/sbin/syslogd u syslogd -m 0")) == 0 )
163 "Unable to restart syslogd - returned exit code %d\n", rc
);
167 /* Something odd is going on, failsafe */
168 perror("Unable to open pid file");
173 memset(buffer
, 0, STRING_SIZE
);
174 if (read(fd
, buffer
, STRING_SIZE
- 1) == -1)
177 perror("Couldn't read from pid file");
181 /* strtol does sanity checks that atoi doesn't do */
183 pid
= (int)strtol(buffer
, (char **)NULL
, 10);
184 if (errno
|| pid
<= 1)
186 fprintf(stderr
, "Bad pid value\n");
189 if (kill(pid
, SIGHUP
) == -1)
191 fprintf(stderr
, "Unable to send SIGHUP\n");