1 diff -ur sysklogd-1.4.1-caen-owl-syslogd-bind/sysklogd.8 sysklogd-1.4.1/sysklogd.8
2 --- sysklogd-1.4.1-caen-owl-syslogd-bind/sysklogd.8 Mon Oct 8 07:26:27 2001
3 +++ sysklogd-1.4.1/sysklogd.8 Mon Oct 8 07:30:31 2001
15 is specified and the host logging resolves to satu.infodrom.north.de
16 no domain would be cut, you will have to specify two domains like:
17 .BR "\-s north.de:infodrom.north.de" .
19 +.BI "\-u " "username"
22 +daemon to become the named user before starting up logging.
24 +Note that when this option is in use,
26 +will open all log files as root when the daemon is first started;
29 +the files will be reopened as the non-privileged user. You should
30 +take this into account when deciding the ownership of the log files.
33 Print version and exit.
34 diff -ur sysklogd-1.4.1-caen-owl-syslogd-bind/syslogd.c sysklogd-1.4.1/syslogd.c
35 --- sysklogd-1.4.1-caen-owl-syslogd-bind/syslogd.c Mon Oct 8 07:26:27 2001
36 +++ sysklogd-1.4.1/syslogd.c Mon Oct 8 07:40:35 2001
38 #include <arpa/nameser.h>
39 #include <arpa/inet.h>
51 char *bind_addr = NULL; /* bind UDP port to this interface only */
52 +char *server_user = NULL; /* user name to run server as */
57 static int create_inet_socket();
60 +static int drop_root(void)
64 + if (!(pw = getpwnam(server_user))) return -1;
66 + if (!pw->pw_uid) return -1;
68 + if (initgroups(server_user, pw->pw_gid)) return -1;
69 + if (setgid(pw->pw_gid)) return -1;
70 + if (setuid(pw->pw_uid)) return -1;
82 - while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF)
83 + while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF)
86 if (nfunix < MAXFUNIX)
89 StripDomains = crunch_list(optarg);
92 + server_user = optarg;
95 printf("syslogd %s.%s\n", VERSION, PATCHLEVEL);
97 @@ -1031,6 +1054,11 @@
101 + if (server_user && drop_root()) {
102 + dprintf("syslogd: failed to drop root\n");
106 /* Main loop begins here. */
109 @@ -1185,7 +1213,7 @@
112 fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
113 - " [-s domainlist] [-f conffile] [-i IP address]\n");
114 + " [-s domainlist] [-f conffile] [-i IP address] [-u username]\n");