From 5b3962de0db943f0317efa56d66e0ea82433a66d Mon Sep 17 00:00:00 2001 From: maniacikarus Date: Wed, 22 Aug 2007 08:06:33 +0000 Subject: [PATCH] Syslogeinstellungen fuer var log messages per GUI Einstellbar git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@798 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- config/rootfiles/common/misc-progs | 1 + html/cgi-bin/logs.cgi/config.dat | 12 +- langs/de/cgi-bin/de.pl | 2 + langs/en/cgi-bin/en.pl | 2 + src/misc-progs/Makefile | 5 +- src/misc-progs/restartsyslogd.c | 178 +++++++++++++++++++++++++++++ 6 files changed, 198 insertions(+), 2 deletions(-) create mode 100644 src/misc-progs/restartsyslogd.c diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index 419920c04e..fe57e55f7f 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -30,3 +30,4 @@ usr/local/bin/squidctrl usr/local/bin/timectrl #usr/local/bin/tripwirectrl usr/local/bin/upnpctrl +usr/local/bin/restartsyslogd diff --git a/html/cgi-bin/logs.cgi/config.dat b/html/cgi-bin/logs.cgi/config.dat index 43bc3bcdbd..4ef89ef75e 100644 --- a/html/cgi-bin/logs.cgi/config.dat +++ b/html/cgi-bin/logs.cgi/config.dat @@ -33,6 +33,7 @@ $logsettings{'LOGWATCH_KEEP'} = '56'; my @VS = ('15','50','100','150','250','500'); $logsettings{'ENABLE_REMOTELOG'} = 'off'; $logsettings{'REMOTELOG_ADDR'} = ''; +$logsettings{'VARMESSAGES'} = 'daemon.*;local0.*;local2.*;*.info;mail.none;authpriv.*'; $logsettings{'ACTION'} = ''; &Header::getcgihash(\%logsettings); @@ -145,7 +146,16 @@ END ; &Header::closebox(); - +&Header::openbox('100%', 'left', $Lang::tr{'messages logging'}); +print < + + $Lang::tr{'log var messages'} + + +END +; +&Header::closebox(); print < diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index e72edb92f8..5246737697 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl 
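Review bot: The new `VARMESSAGES` default in the first config.dat hunk is replaced by whatever the form posts through `&Header::getcgihash(\%logsettings)`, and neither config.dat hunk checks the value before it is stored. restartsyslogd.c in this same patch pastes that setting into a sed command line, so the save path should accept only a list of syslog selectors, for example `unless ($logsettings{'VARMESSAGES'} =~ /^[a-z0-9.,;*=!]+$/) { ... }` with an error shown to the user. The save branch itself lies outside these hunks, so the check may belong next to whatever validation REMOTELOG_ADDR already gets there.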
@@ -976,6 +976,7 @@ 'log settings' => 'Logdatei-Einstellungen', 'log summaries' => 'Log Übersicht', 'log summary' => 'Log Zusammenfassung', +'log var messages' => 'Einstellungen für /var/log/messages', 'log view' => 'Log Anzeige', 'log viewer' => 'Protokollansicht', 'log viewing options' => 'Log Ansichts-Optionen', @@ -1042,6 +1043,7 @@ 'memory' => 'Speicher', 'memory information' => 'Speicherinformationen', 'memory usage per' => 'Speichernutzung pro', +'messages logging' => 'Logeinstellungen für /var/log/messages', 'method' => 'Methode:', 'min costs' => 'Minimale Kosten', 'min delay' => 'Minimale Verzoegerung', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index ab36808f6d..d80330b662 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1003,6 +1003,7 @@ 'log settings' => 'Log Settings', 'log summaries' => 'Log summaries', 'log summary' => 'Log Summary', +'log var messages' => 'Settings for /var/log/messages', 'log view' => 'Log View', 'log viewer' => 'Log viewer', 'log viewing options' => 'Log viewing options', @@ -1069,6 +1070,7 @@ 'memory' => 'Memory', 'memory information' => 'memory information', 'memory usage per' => 'Memory Usage per', +'messages logging' => 'Logsettings for /var/log/messages', 'method' => 'Method:', 'min costs' => 'Minimum costs', 'min delay' => 'Minimum delay', diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 01889fe5a9..96791ad062 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -10,7 +10,7 @@ SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \ applejuicectrl rebuildhosts backupctrl \ logwatch openvpnctrl outgoingfwctrl \ restartwireless getipstat qosctrl launch-ether-wake \ - redctrl extrahdctrl sambactrl upnpctrl tripwirectrl \ + redctrl restartsyslogd extrahdctrl sambactrl upnpctrl tripwirectrl \ smartctrl clamavctrl pakfire mpfirectrl install : all 
@@ -123,3 +123,6 @@ mpfirectrl: mpfirectrl.c setuid.o ../install+setup/libsmooth/varval.o backupctrl: backupctrl.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ backupctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ + +restartsyslogd: restartsyslogd.c setuid.o ../install+setup/libsmooth/varval.o + $(COMPILE) -I../install+setup/libsmooth/ restartsyslogd.c setuid.o ../install+setup/libsmooth/varval.o -o $@ diff --git a/src/misc-progs/restartsyslogd.c b/src/misc-progs/restartsyslogd.c new file mode 100644 index 0000000000..25222c8542 --- /dev/null +++ b/src/misc-progs/restartsyslogd.c 
@@ -0,0 +1,178 @@
+/* This file is part of the IPCop Firewall.
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence. See the file COPYING for details.
+ *
+ * Copyright (C) 2003-07-12 Robert Kerr
+ *
+ * $Id$
+ *
+ * Edited by the IPFire Team to change var log messages
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include "libsmooth.h"
+#include "setuid.h"
+
+#define ERR_ANY 1
+#define ERR_SETTINGS 2 /* error in settings file */
+#define ERR_ETC 3 /* error with CONFIG_ROOT/etc permissions */
+#define ERR_CONFIG 4 /* error updated sshd_config */
+#define ERR_SYSLOG 5 /* error restarting syslogd */
+
+int main(void)
+{
+ char buffer[STRING_SIZE], hostname[STRING_SIZE], varmessages[STRING_SIZE];
+ int config_fd,rc,fd,pid;
+ struct stat st;
+ struct keyvalue *kv = NULL;
+ memset(buffer, 0, STRING_SIZE);
+ memset(hostname, 0, STRING_SIZE);
+ memset(varmessages, 0, STRING_SIZE);
+
+ if (!(initsetuid()))
+ exit(1);
+
+
+ /* Read in and verify config */
+ kv=initkeyvalues();
+
+ if (!readkeyvalues(kv, CONFIG_ROOT "/logging/settings"))
+ {
+ fprintf(stderr, "Cannot read syslog settings\n");
+ exit(ERR_SETTINGS);
+ }
+
+ if (!findkey(kv, "ENABLE_REMOTELOG", buffer))
+ {
+ fprintf(stderr, "Cannot read ENABLE_REMOTELOG\n");
+ exit(ERR_SETTINGS);
+ }
+
+ if (!findkey(kv, "REMOTELOG_ADDR", hostname))
+ {
+ fprintf(stderr, "Cannot read REMOTELOG_ADDR\n");
+ exit(ERR_SETTINGS);
+ }
+
+ if (!findkey(kv, "VARMESSAGES", varmessages))
+ {
+ fprintf(stderr, "Cannot read VARMESSAGES\n");
+ exit(ERR_SETTINGS);
+ }
+
+ if (strspn(hostname, VALID_FQDN) != strlen(hostname))
+ {
+ fprintf(stderr, "Bad REMOTELOG_ADDR: %s\n", hostname);
+ exit(ERR_SETTINGS);
+ }
+
+ freekeyvalues(kv);
+
+
+ /* If anyone other than root can write to CONFIG_ROOT/etc this would be totally
+ * insecure - same if anyone other than root owns CONFIG_ROOT/etc, as they could
+ * change the file mode to give themselves or anyone else write access. */
+
+ if(lstat(CONFIG_ROOT "/etc",&st))
+ {
+ perror("Unable to stat" CONFIG_ROOT "/etc");
+ exit(ERR_ETC);
+ }
+ if(!S_ISDIR(st.st_mode))
+ {
+ fprintf(stderr,CONFIG_ROOT "/etc is not a directory?!\n");
+ exit(ERR_ETC);
+ }
+ if ( st.st_uid != 0 || st.st_mode & S_IWOTH ||
+ ((st.st_gid != 0) && (st.st_mode & S_IWGRP)) )
+ {
+ fprintf(stderr,CONFIG_ROOT "/etc is owned/writable by non-root users\n");
+ exit(ERR_ETC);
+ }
+
+ /* O_CREAT with O_EXCL will make open() fail if the file already exists -
+ * mostly to prevent 2 copies running at once */
+ if ((config_fd = open( CONFIG_ROOT "/etc/syslog.conf.new", O_WRONLY|O_CREAT|O_EXCL, 0644 )) == -1 )
+ {
+ perror("Unable to open new config file");
+ exit(ERR_CONFIG);
+ }
+
+ if (!strcmp(buffer,"on"))
+ snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' " CONFIG_ROOT "/etc/syslog.conf >&%d", hostname, config_fd );
+ else
+ snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' " CONFIG_ROOT "/etc/syslog.conf >&%d", config_fd );
+
+ snprintf(buffer, STRING_SIZE - 1, "&& /bin/sed -e 's/*.\/var\/log\/messages/%s \/var\/log\/messages/' " CONFIG_ROOT "/etc/syslog.conf >&%d", varmessages, config_fd );
+
+ /* if the return code isn't 0 failsafe */
+ if ((rc = unpriv_system(buffer,99,99)) != 0)
+ {
+ fprintf(stderr, "sed returned bad exit code: %d\n", rc);
+ close(config_fd);
+ unlink(CONFIG_ROOT "/etc/syslog.conf.new");
+ exit(ERR_CONFIG);
+ }
+ close(config_fd);
+ if (rename(CONFIG_ROOT "/etc/syslog.conf.new", CONFIG_ROOT "/etc/syslog.conf") == -1)
+ {
+ perror("Unable to replace old config file");
+ unlink(CONFIG_ROOT "/etc/syslog.conf.new");
+ exit(ERR_CONFIG);
+ }
+
+
+ /* Get syslogd to read the new config file */
+ if ((fd = open("/var/run/syslogd.pid", O_RDONLY)) == -1)
+ {
+ if(errno == ENOENT)
+ {
+ /* pid file doesn't exists.. restart syslog */
+ if((rc = safe_system("/usr/sbin/syslogd u syslogd -m 0")) == 0 )
+ return 0;
+ else
+ {
+ fprintf(stderr,
+ "Unable to restart syslogd - returned exit code %d\n", rc);
+ exit(ERR_SYSLOG);
+ }
+ } else {
+ /* Something odd is going on, failsafe */
+ perror("Unable to open pid file");
+ exit(ERR_SYSLOG);
+ }
+ }
+
+ memset(buffer, 0, STRING_SIZE);
+ if (read(fd, buffer, STRING_SIZE - 1) == -1)
+ {
+ close(fd);
+ perror("Couldn't read from pid file");
+ exit(ERR_SYSLOG);
+ }
+ close(fd);
+ /* strtol does sanity checks that atoi doesn't do */
+ errno = 0;
+ pid = (int)strtol(buffer, (char **)NULL, 10);
+ if (errno || pid <= 1)
+ {
+ fprintf(stderr, "Bad pid value\n");
+ exit(ERR_SYSLOG);
+ }
+ if (kill(pid, SIGHUP) == -1)
+ {
+ fprintf(stderr, "Unable to send SIGHUP\n");
+ exit(ERR_SYSLOG);
+ }
+
+ return 0;
+}
-- 2.39.2
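Review bot: `varmessages` is formatted into the sed command passed to `unpriv_system()` with no check at all, unlike `hostname`, which is held to `VALID_FQDN` a few lines earlier. The value comes from the settings file the web form writes, so a quote, `/` or `&` in it changes the shell command or the sed expression in this setuid helper, and that command's output is the file renamed over `syslog.conf`. The third `snprintf` also writes at the start of `buffer`, so it discards the remote-log command and leaves one that begins with `&&`. Its `\/` sequences are not valid C escapes, so sed most likely receives bare slashes, and even if the two commands were chained, both read the old file and would write two copies into the new one. I would restrict VARMESSAGES to selector characters, build a single sed run with two `-e` expressions and refuse a truncated command, as sketched below; the messages pattern in the sketch needs checking against the shipped syslog.conf.

```c
/* characters a "facility.priority;..." selector list may contain */
#define VALID_SELECTOR "abcdefghijklmnopqrstuvwxyz0123456789.,;*=!"
/* '|' as delimiter: no slash escaping needed; pattern to be checked against the shipped file */
#define MESSAGES_EXPR "s|^[^#[:blank:]]\\+\\([[:blank:]]\\+-\\?/var/log/messages\\)$|%s\\1|"

	char command[3 * STRING_SIZE];

	/* ... unchanged: settings are read, hostname is checked against VALID_FQDN ... */

	/* varmessages ends up inside a quoted sed expression: selector characters only */
	if (varmessages[0] == '\0' ||
	    strspn(varmessages, VALID_SELECTOR) != strlen(varmessages))
	{
		fprintf(stderr, "Bad VARMESSAGES\n");
		exit(ERR_SETTINGS);
	}

	/* ... unchanged: CONFIG_ROOT/etc checks, open() of syslog.conf.new ... */

	/* one sed run with both expressions, so config_fd receives a single copy */
	if (!strcmp(buffer,"on"))
		rc = snprintf(command, sizeof command,
			"/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' -e '" MESSAGES_EXPR "' "
			CONFIG_ROOT "/etc/syslog.conf >&%d", hostname, varmessages, config_fd);
	else
		rc = snprintf(command, sizeof command,
			"/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' -e '" MESSAGES_EXPR "' "
			CONFIG_ROOT "/etc/syslog.conf >&%d", varmessages, config_fd);

	/* a truncated command must never reach the shell */
	if (rc < 0 || (size_t)rc >= sizeof command)
	{
		fprintf(stderr, "sed command too long\n");
		close(config_fd);
		unlink(CONFIG_ROOT "/etc/syslog.conf.new");
		exit(ERR_CONFIG);
	}

	/* ... unchanged: unpriv_system(command,99,99) result check, rename, SIGHUP ... */
```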