static void ERinitsyslog(void) { # ifdef NT_GENERIC ERsysinit = TRUE; if (EventLog == NULL) { /* ** Register the event source according to the product and ** installation code. */ TCHAR tchServiceName[ _MAX_PATH ]; CHAR *inst_id; NMgtAt("II_INSTALLATION", &inst_id); STlpolycat(3, sizeof(tchServiceName)-1, SystemServiceName, "_Database_", inst_id, &tchServiceName[0]); EventLog = RegisterEventSource ( (LPTSTR)NULL, /* Use Local Machine */ tchServiceName ); /* eventlog app name to find in registry*/ } # else /* NT_GENERIC */ ERsysinit = TRUE; # if defined(OS_THREADS_USED) && defined(any_aix) openlog_r( SystemProductName, LOG_CONS, LOG_USER ); # else openlog( SystemProductName, LOG_CONS, LOG_USER ); # endif # endif /* NT_GENERIC */ }
int main(int argc, char *argv[]) { struct sigaction sa; int ch, r; while ((ch = getopt(argc, argv, "rv")) != -1) { switch (ch) { case 'r': replace = 1; break; case 'v': verbose = 1; break; default: usage(); break; } } openlog_r("reorg_spamdb", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); sigfillset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = sig_term; sigaction(SIGTERM, &sa, NULL); sigaction(SIGHUP, &sa, NULL); sigaction(SIGCHLD, &sa, NULL); sigaction(SIGINT, &sa, NULL); if ((pw = getpwnam("_spamd")) == NULL) errx(1, "no such user _spamd"); /* check if PATH_SPAMD_DB exist and is a regular file */ r = lstat(PATH_SPAMD_DB, &statbuf_in); if ( r == 0 && !S_ISREG(statbuf_in.st_mode)) { syslog_r(LOG_ERR, &sdata, "exit \"%s\" : Not a regular file", PATH_SPAMD_DB); errx(1, "exit \"%s\" : Not a regular file", PATH_SPAMD_DB); } if (r == -1) { syslog_r(LOG_ERR, &sdata, "%s (%m)", PATH_SPAMD_DB); err(1, "%s", PATH_SPAMD_DB); } check_spamd_db(); closelog_r(&sdata); exit(0); }
/* * OsJournalise - Ecrit dans le journal de l'OS */ void OsJournalise(int Code, char *Message) { #ifdef _AIX static struct syslog_data LogData = SYSLOG_DATA_INIT; #endif static BOOL PremierAppel = TRUE; int Level = LOG_ERR; /* Par défaut */ int Facility = LOG_LOCAL1; char *Type; char Info[32]; if (PremierAppel) { #ifdef _AIX (void)openlog_r("", LOG_CONS | LOG_PID, Facility, &LogData); #else (void)openlog("", LOG_CONS | LOG_PID, Facility); #endif PremierAppel = FALSE; } switch (Code) { case LOG_INFO: Level = LOG_INFO; Type = "Info."; break; case LOG_WARNING: Level = LOG_WARNING; Type = "Warn."; break; case LOG_ERR: Level = LOG_ERR; Type = "ERROR"; break; } sprintf(Info, "(%s) ", Type); #ifdef _AIX (void)syslog_r(Level | Facility, &LogData, "%s%s", Info, Message); #else (void)syslog(Level | Facility, "%s%s", Info, Message); #endif return; }
int main(int argc, char *argv[]) { #ifdef __FreeBSD__ extern char *__progname; FILE *fpid = NULL; struct stat dbstat; int pt, ge, we; /* make build on amd64/sparc happy */ #endif fd_set *fdsr = NULL, *fdsw = NULL; struct sockaddr_in sin; struct sockaddr_in lin; int ch, s, s2, conflisten = 0, syncfd = 0, i, omax = 0, one = 1; socklen_t sinlen; u_short port; struct servent *ent; struct rlimit rlp; char *bind_address = NULL; const char *errstr; char *sync_iface = NULL; char *sync_baddr = NULL; tzset(); openlog_r("spamd", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); if ((ent = getservbyname("spamd", "tcp")) == NULL) errx(1, "Can't find service \"spamd\" in /etc/services"); port = ntohs(ent->s_port); if ((ent = getservbyname("spamd-cfg", "tcp")) == NULL) errx(1, "Can't find service \"spamd-cfg\" in /etc/services"); cfg_port = ntohs(ent->s_port); if ((ent = getservbyname("spamd-sync", "udp")) == NULL) errx(1, "Can't find service \"spamd-sync\" in /etc/services"); sync_port = ntohs(ent->s_port); if (gethostname(hostname, sizeof hostname) == -1) err(1, "gethostname"); maxfiles = get_maxfiles(); if (maxcon > maxfiles) maxcon = maxfiles; if (maxblack > maxfiles) maxblack = maxfiles; while ((ch = #ifndef __FreeBSD__ getopt(argc, argv, "45l:c:B:p:bdG:h:s:S:M:n:vw:y:Y:")) != -1) { #else getopt(argc, argv, "45l:c:B:p:bdG:h:s:S:M:n:vw:y:Y:t:m:")) != -1) { #endif switch (ch) { case '4': nreply = "450"; break; case '5': nreply = "550"; break; case 'l': bind_address = optarg; break; case 'B': i = atoi(optarg); maxblack = i; break; case 'c': i = atoi(optarg); if (i > maxfiles) { fprintf(stderr, "%d > system max of %d connections\n", i, maxfiles); usage(); } maxcon = i; break; case 'p': i = atoi(optarg); port = i; break; case 'd': debug = 1; break; case 'b': greylist = 0; break; case 'G': if (sscanf(optarg, "%d:%d:%d", &pt, &ge, &we) != 3) usage(); /* convert to seconds from minutes */ passtime = pt * 60; /* convert to seconds from hours */ whiteexp = we * (60 * 60); /* convert to seconds from hours */ greyexp = ge * (60 * 60); break; case 'h': bzero(&hostname, sizeof(hostname)); if (strlcpy(hostname, optarg, sizeof(hostname)) >= sizeof(hostname)) errx(1, "-h arg too long"); break; case 's': i = strtonum(optarg, 0, 10, &errstr); if (errstr) usage(); stutter = i; break; case 'S': i = strtonum(optarg, 0, 90, &errstr); if (errstr) usage(); grey_stutter = i; break; case 'M': low_prio_mx_ip = optarg; break; case 'n': spamd = optarg; break; case 'v': verbose = 1; break; case 'w': window = atoi(optarg); if (window <= 0) usage(); break; case 'Y': if (sync_addhost(optarg, sync_port) != 0) sync_iface = optarg; syncsend++; break; case 'y': sync_baddr = optarg; syncrecv++; break; #ifdef __FreeBSD__ case 't': ipfw_tabno = atoi(optarg); break; case 'm': if (strcmp(optarg, "ipfw") == 0) use_pf=0; break; #endif default: usage(); break; } } #ifdef __FreeBSD__ /* check if PATH_SPAMD_DB is a regular file */ if (lstat(PATH_SPAMD_DB, &dbstat) == 0 && !S_ISREG(dbstat.st_mode)) { syslog(LOG_ERR, "error %s (Not a regular file)", PATH_SPAMD_DB); errx(1, "exit \"%s\" : Not a regular file", PATH_SPAMD_DB); } #endif setproctitle("[priv]%s%s", greylist ? " (greylist)" : "", (syncrecv || syncsend) ? " (sync)" : ""); if (!greylist) maxblack = maxcon; else if (maxblack > maxcon) usage(); rlp.rlim_cur = rlp.rlim_max = maxcon + 15; if (setrlimit(RLIMIT_NOFILE, &rlp) == -1) err(1, "setrlimit"); con = calloc(maxcon, sizeof(*con)); if (con == NULL) err(1, "calloc"); con->obuf = malloc(8192); if (con->obuf == NULL) err(1, "malloc"); con->osize = 8192; for (i = 0; i < maxcon; i++) con[i].fd = -1; signal(SIGPIPE, SIG_IGN); s = socket(AF_INET, SOCK_STREAM, 0); if (s == -1) err(1, "socket"); if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) == -1) return (-1); conflisten = socket(AF_INET, SOCK_STREAM, 0); if (conflisten == -1) err(1, "socket"); if (setsockopt(conflisten, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) == -1) return (-1); memset(&sin, 0, sizeof sin); sin.sin_len = sizeof(sin); if (bind_address) { if (inet_pton(AF_INET, bind_address, &sin.sin_addr) != 1) err(1, "inet_pton"); } else sin.sin_addr.s_addr = htonl(INADDR_ANY); sin.sin_family = AF_INET; sin.sin_port = htons(port); if (bind(s, (struct sockaddr *)&sin, sizeof sin) == -1) err(1, "bind"); memset(&lin, 0, sizeof sin); lin.sin_len = sizeof(sin); lin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); lin.sin_family = AF_INET; lin.sin_port = htons(cfg_port); if (bind(conflisten, (struct sockaddr *)&lin, sizeof lin) == -1) err(1, "bind local"); if (syncsend || syncrecv) { syncfd = sync_init(sync_iface, sync_baddr, sync_port); if (syncfd == -1) err(1, "sync init"); } if ((pw = getpwnam("_spamd")) == NULL) errx(1, "no such user _spamd"); #ifdef __FreeBSD__ /* open the pid file just before daemon */ fpid = fopen(pid_file, "w"); if (fpid == NULL) { syslog(LOG_ERR, "error can't create pid file %s (%m)", pid_file); err(1, "can't create pid file \"%s\"", pid_file); } #endif if (debug == 0) { if (daemon(1, 1) == -1) err(1, "daemon"); } if (greylist) { #ifdef __FreeBSD__ if(use_pf){ #endif pfdev = open("/dev/pf", O_RDWR); if (pfdev == -1) { syslog_r(LOG_ERR, &sdata, "open /dev/pf: %m"); exit(1); } #ifdef __FreeBSD__ } #endif maxblack = (maxblack >= maxcon) ? maxcon - 100 : maxblack; if (maxblack < 0) maxblack = 0; /* open pipe to talk to greylister */ if (pipe(greypipe) == -1) { syslog(LOG_ERR, "pipe (%m)"); exit(1); } /* open pipe to recieve spamtrap configs */ if (pipe(trappipe) == -1) { syslog(LOG_ERR, "pipe (%m)"); exit(1); } jail_pid = fork(); switch (jail_pid) { case -1: syslog(LOG_ERR, "fork (%m)"); exit(1); case 0: /* child - continue */ signal(SIGPIPE, SIG_IGN); grey = fdopen(greypipe[1], "w"); if (grey == NULL) { syslog(LOG_ERR, "fdopen (%m)"); _exit(1); } close(greypipe[0]); trapfd = trappipe[0]; trapcfg = fdopen(trappipe[0], "r"); if (trapcfg == NULL) { syslog(LOG_ERR, "fdopen (%m)"); _exit(1); } close(trappipe[1]); goto jail; } /* parent - run greylister */ grey = fdopen(greypipe[0], "r"); if (grey == NULL) { syslog(LOG_ERR, "fdopen (%m)"); exit(1); } close(greypipe[1]); trapcfg = fdopen(trappipe[1], "w"); if (trapcfg == NULL) { syslog(LOG_ERR, "fdopen (%m)"); exit(1); } close(trappipe[0]); return (greywatcher()); /* NOTREACHED */ } jail: #ifdef __FreeBSD__ /* after switch user and daemon write and close the pid file */ if (fpid) { fprintf(fpid, "%ld\n", (long) getpid()); if (fclose(fpid) == EOF) { syslog(LOG_ERR, "error can't close pid file %s (%m)", pid_file); exit(1); } } #endif if (chroot("/var/empty") == -1 || chdir("/") == -1) { syslog(LOG_ERR, "cannot chdir to /var/empty."); exit(1); } if (pw) if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) err(1, "failed to drop privs"); if (listen(s, 10) == -1) err(1, "listen"); if (listen(conflisten, 10) == -1) err(1, "listen"); if (debug != 0) printf("listening for incoming connections.\n"); syslog_r(LOG_WARNING, &sdata, "listening for incoming connections."); while (1) { struct timeval tv, *tvp; int max, n; int writers; max = MAX(s, conflisten); if (syncrecv) max = MAX(max, syncfd); max = MAX(max, conffd); max = MAX(max, trapfd); time(&t); for (i = 0; i < maxcon; i++) if (con[i].fd != -1) max = MAX(max, con[i].fd); if (max > omax) { free(fdsr); fdsr = NULL; free(fdsw); fdsw = NULL; fdsr = (fd_set *)calloc(howmany(max+1, NFDBITS), sizeof(fd_mask)); if (fdsr == NULL) err(1, "calloc"); fdsw = (fd_set *)calloc(howmany(max+1, NFDBITS), sizeof(fd_mask)); if (fdsw == NULL) err(1, "calloc"); omax = max; } else { memset(fdsr, 0, howmany(max+1, NFDBITS) * sizeof(fd_mask)); memset(fdsw, 0, howmany(max+1, NFDBITS) * sizeof(fd_mask)); } writers = 0; for (i = 0; i < maxcon; i++) { if (con[i].fd != -1 && con[i].r) { if (con[i].r + MAXTIME <= t) { closecon(&con[i]); continue; } FD_SET(con[i].fd, fdsr); } if (con[i].fd != -1 && con[i].w) { if (con[i].w + MAXTIME <= t) { closecon(&con[i]); continue; } if (con[i].w <= t) FD_SET(con[i].fd, fdsw); writers = 1; } } FD_SET(s, fdsr); /* only one active config conn at a time */ if (conffd == -1) FD_SET(conflisten, fdsr); else FD_SET(conffd, fdsr); if (trapfd != -1) FD_SET(trapfd, fdsr); if (syncrecv) FD_SET(syncfd, fdsr); if (writers == 0) { tvp = NULL; } else { tv.tv_sec = 1; tv.tv_usec = 0; tvp = &tv; } n = select(max+1, fdsr, fdsw, NULL, tvp); if (n == -1) { if (errno != EINTR) err(1, "select"); continue; } if (n == 0) continue; for (i = 0; i < maxcon; i++) { if (con[i].fd != -1 && FD_ISSET(con[i].fd, fdsr)) handler(&con[i]); if (con[i].fd != -1 && FD_ISSET(con[i].fd, fdsw)) handlew(&con[i], clients + 5 < maxcon); } if (FD_ISSET(s, fdsr)) { sinlen = sizeof(sin); s2 = accept(s, (struct sockaddr *)&sin, &sinlen); if (s2 == -1) /* accept failed, they may try again */ continue; for (i = 0; i < maxcon; i++) if (con[i].fd == -1) break; if (i == maxcon) close(s2); else { initcon(&con[i], s2, (struct sockaddr *)&sin); syslog_r(LOG_INFO, &sdata, "%s: connected (%d/%d)%s%s", con[i].addr, clients, blackcount, ((con[i].lists == NULL) ? "" : ", lists:"), ((con[i].lists == NULL) ? "": con[i].lists)); } } if (FD_ISSET(conflisten, fdsr)) { sinlen = sizeof(lin); conffd = accept(conflisten, (struct sockaddr *)&lin, &sinlen); if (conffd == -1) /* accept failed, they may try again */ continue; else if (ntohs(lin.sin_port) >= IPPORT_RESERVED) { close(conffd); conffd = -1; } } if (conffd != -1 && FD_ISSET(conffd, fdsr)) do_config(); if (trapfd != -1 && FD_ISSET(trapfd, fdsr)) read_configline(trapcfg); if (syncrecv && FD_ISSET(syncfd, fdsr)) sync_recv(); } exit(1); }
void do_log(LogLevel level, const char *fmt, va_list args) { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) struct syslog_data sdata = SYSLOG_DATA_INIT; #endif char msgbuf[MSGBUFSIZ]; char fmtbuf[MSGBUFSIZ]; char *txt = NULL; int pri = LOG_INFO; int saved_errno = errno; log_handler_fn *tmp_handler; if (level > log_level) return; switch (level) { case SYSLOG_LEVEL_FATAL: if (!log_on_stderr) txt = "fatal"; pri = LOG_CRIT; break; case SYSLOG_LEVEL_ERROR: if (!log_on_stderr) txt = "error"; pri = LOG_ERR; break; case SYSLOG_LEVEL_INFO: pri = LOG_INFO; break; case SYSLOG_LEVEL_VERBOSE: pri = LOG_INFO; break; case SYSLOG_LEVEL_DEBUG1: txt = "debug1"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG2: txt = "debug2"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG3: txt = "debug3"; pri = LOG_DEBUG; break; default: txt = "internal error"; pri = LOG_ERR; break; } if (txt != NULL && log_handler == NULL) { snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); } else { vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); } #ifdef WIN32_FIXME strncpy(fmtbuf, msgbuf, sizeof(fmtbuf)); #else strnvis(fmtbuf, msgbuf, sizeof(fmtbuf), log_on_stderr ? LOG_STDERR_VIS : LOG_SYSLOG_VIS); #endif #ifndef WIN32_FIXME if (log_handler != NULL) { /* Avoid recursion */ tmp_handler = log_handler; log_handler = NULL; tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else #endif if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); #ifdef WIN32_FIXME _write(STDERR_FILENO, msgbuf, strlen(msgbuf)); #else (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); #endif } else { #ifdef WIN32_FIXME if (logfd > 0) { char msgbufTimestamp[MSGBUFSIZ]; SYSTEMTIME st; GetLocalTime(&st); snprintf(msgbufTimestamp, sizeof msgbufTimestamp, "%d %02d:%02d:%02d %03d %s\n", GetCurrentProcessId(), st.wHour, st.wMinute, st.wSecond, st.wMilliseconds, msgbuf); _write(logfd, msgbufTimestamp, strlen(msgbufTimestamp)); } #else #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); syslog_r(pri, &sdata, "%.500s", fmtbuf); closelog_r(&sdata); #else openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); syslog(pri, "%.500s", fmtbuf); closelog(); #endif #endif } errno = saved_errno; }
void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) struct syslog_data sdata = SYSLOG_DATA_INIT; #endif argv0 = av0; switch (level) { case SYSLOG_LEVEL_QUIET: case SYSLOG_LEVEL_FATAL: case SYSLOG_LEVEL_ERROR: case SYSLOG_LEVEL_INFO: case SYSLOG_LEVEL_VERBOSE: case SYSLOG_LEVEL_DEBUG1: case SYSLOG_LEVEL_DEBUG2: case SYSLOG_LEVEL_DEBUG3: log_level = level; break; default: fprintf(stderr, "Unrecognized internal syslog level code %d\n", (int) level); exit(1); } log_handler = NULL; log_handler_ctx = NULL; log_on_stderr = on_stderr; if (on_stderr) return; switch (facility) { case SYSLOG_FACILITY_DAEMON: log_facility = LOG_DAEMON; break; case SYSLOG_FACILITY_USER: log_facility = LOG_USER; break; case SYSLOG_FACILITY_AUTH: log_facility = LOG_AUTH; break; #ifdef LOG_AUTHPRIV case SYSLOG_FACILITY_AUTHPRIV: log_facility = LOG_AUTHPRIV; break; #endif case SYSLOG_FACILITY_LOCAL0: log_facility = LOG_LOCAL0; break; case SYSLOG_FACILITY_LOCAL1: log_facility = LOG_LOCAL1; break; case SYSLOG_FACILITY_LOCAL2: log_facility = LOG_LOCAL2; break; case SYSLOG_FACILITY_LOCAL3: log_facility = LOG_LOCAL3; break; case SYSLOG_FACILITY_LOCAL4: log_facility = LOG_LOCAL4; break; case SYSLOG_FACILITY_LOCAL5: log_facility = LOG_LOCAL5; break; case SYSLOG_FACILITY_LOCAL6: log_facility = LOG_LOCAL6; break; case SYSLOG_FACILITY_LOCAL7: log_facility = LOG_LOCAL7; break; default: fprintf(stderr, "Unrecognized internal syslog facility code %d\n", (int) facility); exit(1); } /* * If an external library (eg libwrap) attempts to use syslog * immediately after reexec, syslog may be pointing to the wrong * facility, so we force an open/close of syslog here. */ #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); closelog_r(&sdata); #else openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); closelog(); #endif }
int main(int argc, char **argv) { #ifdef __FreeBSD__ FILE *fpid = NULL; struct stat dbstat; int rst; #endif int ch, i; const char *errstr; struct passwd *pw; pcap_handler phandler = logpkt_handler; int syncfd = 0; struct servent *ent; char *sync_iface = NULL; char *sync_baddr = NULL; if ((ent = getservbyname("spamd-sync", "udp")) == NULL) errx(1, "Can't find service \"spamd-sync\" in /etc/services"); sync_port = ntohs(ent->s_port); #ifndef __FreeBSD__ while ((ch = getopt(argc, argv, "DIi:l:W:Y:")) != -1) { #else while ((ch = getopt(argc, argv, "DIi:l:W:Y:m:")) != -1) { #endif switch (ch) { case 'D': flag_debug = 1; break; case 'I': flag_inbound = 1; break; case 'i': networkif = optarg; break; case 'l': pflogif = optarg; break; case 'W': /* limit whiteexp to 2160 hours (90 days) */ i = strtonum(optarg, 1, (24 * 90), &errstr); if (errstr) usage(); whiteexp = (i * 60 * 60); break; case 'Y': if (sync_addhost(optarg, sync_port) != 0) sync_iface = optarg; syncsend++; break; #ifdef __FreeBSD__ case 'm': if (strcmp(optarg, "ipfw") == 0) use_pf=0; break; #endif default: usage(); /* NOTREACHED */ } } #ifdef __FreeBSD__ /* check if PATH_SPAMD_DB exist and is a regular file */ rst = lstat(PATH_SPAMD_DB, &dbstat); if (rst == -1 && errno == ENOENT){ syslog(LOG_ERR, "error %s (%m)", PATH_SPAMD_DB); err(1, "%s", PATH_SPAMD_DB); } if (rst == 0 && !S_ISREG(dbstat.st_mode)) { syslog(LOG_ERR, "error %s (Not a regular file)", PATH_SPAMD_DB); errx(1, "exit \"%s\" : Not a regular file", PATH_SPAMD_DB); } #endif signal(SIGINT , sighandler_close); signal(SIGQUIT, sighandler_close); signal(SIGTERM, sighandler_close); logmsg(LOG_DEBUG, "Listening on %s for %s %s", pflogif, (networkif == NULL) ? "all interfaces." : networkif, (flag_inbound) ? "Inbound direction only." : ""); if (init_pcap() == -1) err(1, "couldn't initialize pcap"); if (syncsend) { syncfd = sync_init(sync_iface, sync_baddr, sync_port); if (syncfd == -1) err(1, "sync init"); } #ifdef __FreeBSD__ /* open the pid file just before switch the user */ fpid = fopen(pid_file, "w"); if (fpid == NULL) { syslog(LOG_ERR, "error can't create pid file %s (%m)", pid_file); err(1, "can't create pid file \"%s\"", pid_file); } #endif /* privdrop */ pw = getpwnam("_spamd"); if (pw == NULL) errx(1, "User '_spamd' not found! "); if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) err(1, "failed to drop privs"); if (!flag_debug) { if (daemon(0, 0) == -1) err(1, "daemon"); tzset(); openlog_r("spamlogd", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); } #ifdef __FreeBSD__ /* after switch user and daemon write and close the pid file */ if (fpid) { fprintf(fpid, "%ld\n", (long) getpid()); if (fclose(fpid) == EOF) { syslog(LOG_ERR, "error can't close pid file %s (%m)", pid_file); exit (1); } } #endif pcap_loop(hpcap, -1, phandler, NULL); logmsg(LOG_NOTICE, "exiting"); if (!flag_debug) closelog_r(&sdata); exit(0); }
void openlog(const char *ident, int logstat, int logfac) { openlog_r(ident, logstat, logfac, &sdata); }
void do_log(LogLevel level, const char *fmt, va_list args) { //prepend the date and pid to fmt string char fmt2[MSGBUFSIZ]; timer_t timer; char timebuf[255]; struct tm* tm_info; time(&timer); tm_info = localtime(&timer); strftime(timebuf,sizeof(timebuf),"%Y:%m:%d:%H:%M:%S", tm_info); snprintf(fmt2, sizeof(fmt2),"%s %d %s", timebuf, getpid(), fmt); fmt=fmt2; #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) struct syslog_data sdata = SYSLOG_DATA_INIT; #endif char msgbuf[MSGBUFSIZ]; char fmtbuf[MSGBUFSIZ]; char *txt = NULL; int pri = LOG_INFO; int saved_errno = errno; log_handler_fn *tmp_handler; if (level > log_level) return; switch (level) { case SYSLOG_LEVEL_FATAL: if (!log_on_stderr) txt = "fatal"; pri = LOG_CRIT; break; case SYSLOG_LEVEL_ERROR: if (!log_on_stderr) txt = "error"; pri = LOG_ERR; break; case SYSLOG_LEVEL_INFO: pri = LOG_INFO; break; case SYSLOG_LEVEL_VERBOSE: pri = LOG_INFO; break; case SYSLOG_LEVEL_DEBUG1: txt = "debug1"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG2: txt = "debug2"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG3: txt = "debug3"; pri = LOG_DEBUG; break; default: txt = "internal error"; pri = LOG_ERR; break; } if (txt != NULL && log_handler == NULL) { snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); } else { vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); } strnvis(fmtbuf, msgbuf, sizeof(fmtbuf), log_on_stderr ? LOG_STDERR_VIS : LOG_SYSLOG_VIS); if (log_handler != NULL) { /* Avoid recursion */ tmp_handler = log_handler; log_handler = NULL; tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); (void)write(log_stderr_fd2, msgbuf, strlen(msgbuf)); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); syslog_r(pri, &sdata, "%.500s", fmtbuf); closelog_r(&sdata); #else openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); syslog(pri, "%.500s", fmtbuf); closelog(); #endif } errno = saved_errno; }
void do_log(LogLevel level, const char *fmt, va_list args) { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) struct syslog_data sdata = SYSLOG_DATA_INIT; #endif char msgbuf[MSGBUFSIZ]; char fmtbuf[MSGBUFSIZ]; char *txt = NULL; int pri = LOG_INFO; int saved_errno = errno; if (level > log_level) return; switch (level) { case SYSLOG_LEVEL_FATAL: if (!log_on_stderr) txt = "fatal"; pri = LOG_CRIT; break; case SYSLOG_LEVEL_ERROR: if (!log_on_stderr) txt = "error"; pri = LOG_ERR; break; case SYSLOG_LEVEL_INFO: pri = LOG_INFO; break; case SYSLOG_LEVEL_VERBOSE: pri = LOG_INFO; break; case SYSLOG_LEVEL_DEBUG1: txt = "debug1"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG2: txt = "debug2"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG3: txt = "debug3"; pri = LOG_DEBUG; break; default: txt = "internal error"; pri = LOG_ERR; break; } if (txt != NULL) { snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); } else { vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); } strnvis(fmtbuf, msgbuf, sizeof(fmtbuf), log_on_stderr ? LOG_STDERR_VIS : LOG_SYSLOG_VIS); if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); write(STDERR_FILENO, msgbuf, strlen(msgbuf)); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); syslog_r(pri, &sdata, "%.500s", fmtbuf); closelog_r(&sdata); #else openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); syslog(pri, "%.500s", fmtbuf); closelog(); #endif } errno = saved_errno; }
int main(int argc, char **argv) { int ch; struct passwd *pw; pcap_handler phandler = logpkt_handler; int syncfd = 0; struct servent *ent; char *sync_iface = NULL; char *sync_baddr = NULL; if ((ent = getservbyname("spamd-sync", "udp")) == NULL) errx(1, "Can't find service \"spamd-sync\" in /etc/services"); sync_port = ntohs(ent->s_port); while ((ch = getopt(argc, argv, "DIi:l:Y:")) != -1) { switch (ch) { case 'D': flag_debug = 1; break; case 'I': flag_inbound = 1; break; case 'i': networkif = optarg; break; case 'l': pflogif = optarg; break; case 'Y': if (sync_addhost(optarg, sync_port) != 0) sync_iface = optarg; syncsend++; break; default: usage(); /* NOTREACHED */ } } signal(SIGINT , sighandler_close); signal(SIGQUIT, sighandler_close); signal(SIGTERM, sighandler_close); logmsg(LOG_DEBUG, "Listening on %s for %s %s", pflogif, (networkif == NULL) ? "all interfaces." : networkif, (flag_inbound) ? "Inbound direction only." : ""); if (init_pcap() == -1) err(1, "couldn't initialize pcap"); if (syncsend) { syncfd = sync_init(sync_iface, sync_baddr, sync_port); if (syncfd == -1) err(1, "sync init"); } /* privdrop */ pw = getpwnam("_spamd"); if (pw == NULL) errx(1, "User '_spamd' not found! "); if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) err(1, "failed to drop privs"); if (!flag_debug) { if (daemon(0, 0) == -1) err(1, "daemon"); tzset(); openlog_r("spamlogd", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); } pcap_loop(hpcap, -1, phandler, NULL); logmsg(LOG_NOTICE, "exiting"); if (!flag_debug) closelog_r(&sdata); exit(0); }
void do_log(LogLevel level, const char *fmt, va_list args) { struct syslog_data sdata = SYSLOG_DATA_INIT; char msgbuf[MSGBUFSIZ]; char fmtbuf[MSGBUFSIZ]; char *txt = NULL; int pri = LOG_INFO; int saved_errno = errno; log_handler_fn *tmp_handler; if (level > log_level) return; switch (level) { case SYSLOG_LEVEL_FATAL: if (!log_on_stderr) txt = "fatal"; pri = LOG_CRIT; break; case SYSLOG_LEVEL_ERROR: if (!log_on_stderr) txt = "error"; pri = LOG_ERR; break; case SYSLOG_LEVEL_INFO: pri = LOG_INFO; break; case SYSLOG_LEVEL_VERBOSE: pri = LOG_INFO; break; case SYSLOG_LEVEL_DEBUG1: txt = "debug1"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG2: txt = "debug2"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG3: txt = "debug3"; pri = LOG_DEBUG; break; default: txt = "internal error"; pri = LOG_ERR; break; } if (txt != NULL && log_handler == NULL) { snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); } else { vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); } strnvis(fmtbuf, msgbuf, sizeof(fmtbuf), VIS_SAFE|VIS_OCTAL); if (log_handler != NULL) { /* Avoid recursion */ tmp_handler = log_handler; log_handler = NULL; tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); } else { openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); syslog_r(pri, &sdata, "%.500s", fmtbuf); closelog_r(&sdata); } errno = saved_errno; }
/* * This is used by both syslog_r and syslog. The latter supplies * a non-NULL gettime callback for filling in the date, but we also * use the presence of that callback to decide whether it's safe * to call strerror and what the name of the caller is */ void __vsyslog_r(int pri, struct syslog_data *data, size_t (*gettime)(char *, size_t), const char *fmt, va_list ap) { int cnt; char ch, *p, *t; int fd, saved_errno, error; #define TBUF_LEN 2048 #define FMT_LEN 1024 char *stdp, tbuf[TBUF_LEN], fmt_cpy[FMT_LEN]; int tbuf_left, fmt_left, prlen; #define INTERNALLOG LOG_ERR|LOG_CONS|LOG_PERROR|LOG_PID /* Check for invalid bits. */ if (pri & ~(LOG_PRIMASK|LOG_FACMASK)) { syslog_r(INTERNALLOG, data, "syslog%s: unknown facility/priority: %x", gettime != NULL ? "" : "_r", pri); pri &= LOG_PRIMASK|LOG_FACMASK; } /* Check priority against setlogmask values. */ if (!(LOG_MASK(LOG_PRI(pri)) & data->log_mask)) return; saved_errno = errno; /* Set default facility if none specified. */ if ((pri & LOG_FACMASK) == 0) pri |= data->log_fac; p = tbuf; tbuf_left = TBUF_LEN; #define DEC() \ do { \ if (prlen < 0) \ prlen = 0; \ if (prlen >= tbuf_left) \ prlen = tbuf_left - 1; \ p += prlen; \ tbuf_left -= prlen; \ } while (0) prlen = snprintf(p, tbuf_left, "<%d>", pri); DEC(); /* * syslogd will expand time automagically for reentrant case, and * for normal case, invoke the callback to do it just do like before */ if (gettime != NULL) { prlen = gettime(p, tbuf_left); DEC(); } if (data->log_stat & LOG_PERROR) stdp = p; if (data->log_tag == NULL) data->log_tag = __progname; if (data->log_tag != NULL) { prlen = snprintf(p, tbuf_left, "%s", data->log_tag); DEC(); } if (data->log_stat & LOG_PID) { prlen = snprintf(p, tbuf_left, "[%ld]", (long)getpid()); DEC(); } if (data->log_tag != NULL) { if (tbuf_left > 1) { *p++ = ':'; tbuf_left--; } if (tbuf_left > 1) { *p++ = ' '; tbuf_left--; } } /* strerror() is not reentrant */ for (t = fmt_cpy, fmt_left = FMT_LEN; (ch = *fmt); ++fmt) { if (ch == '%' && fmt[1] == 'm') { ++fmt; if (gettime != NULL) { prlen = snprintf(t, fmt_left, "%s", strerror(saved_errno)); } else { prlen = snprintf(t, fmt_left, "Error %d", saved_errno); } if (prlen < 0) prlen = 0; if (prlen >= fmt_left) prlen = fmt_left - 1; t += prlen; fmt_left -= prlen; } else if (ch == '%' && fmt[1] == '%' && fmt_left > 2) { *t++ = '%'; *t++ = '%'; fmt++; fmt_left -= 2; } else { if (fmt_left > 1) { *t++ = ch; fmt_left--; } } } *t = '\0'; prlen = vsnprintf(p, tbuf_left, fmt_cpy, ap); DEC(); cnt = p - tbuf; /* Output to stderr if requested. */ if (data->log_stat & LOG_PERROR) { struct iovec iov[2]; iov[0].iov_base = stdp; iov[0].iov_len = cnt - (stdp - tbuf); iov[1].iov_base = "\n"; iov[1].iov_len = 1; (void)writev(STDERR_FILENO, iov, 2); } /* Get connected, output the message to the local logger. */ if (!data->opened) openlog_r(data->log_tag, data->log_stat, 0, data); connectlog_r(data); /* * If the send() failed, there are two likely scenarios: * 1) syslogd was restarted * 2) /dev/log is out of socket buffer space * We attempt to reconnect to /dev/log to take care of * case #1 and keep send()ing data to cover case #2 * to give syslogd a chance to empty its socket buffer. */ if ((error = send(data->log_file, tbuf, cnt, 0)) < 0) { if (errno != ENOBUFS) { disconnectlog_r(data); connectlog_r(data); } do { struct timespec rqt = { 0, 1000 }; nanosleep(&rqt, NULL); if ((error = send(data->log_file, tbuf, cnt, 0)) >= 0) break; } while (errno == ENOBUFS); } /* * Output the message to the console; try not to block * as a blocking console should not stop other processes. * Make sure the error reported is the one from the syslogd failure. */ if (error == -1 && (data->log_stat & LOG_CONS) && (fd = open(_PATH_CONSOLE, O_WRONLY|O_NONBLOCK, 0)) >= 0) { struct iovec iov[2]; p = strchr(tbuf, '>') + 1; iov[0].iov_base = p; iov[0].iov_len = cnt - (p - tbuf); iov[1].iov_base = "\r\n"; iov[1].iov_len = 2; (void)writev(fd, iov, 2); (void)close(fd); } }
int main(int argc, char *argv[]) { fd_set set; int ch, uflag = 0, p; struct passwd *pw; if (geteuid() != 0) { (void) fprintf(stderr, "%s: need root privileges\n", __progname); exit(1); } pw = getpwnam("_discardd"); if (pw == NULL) { (void) fprintf(stderr, "%s: no _discardd user\n", __progname); exit(1); } while ((ch = getopt(argc, argv, "u")) != -1) { switch (ch) { case 'u': uflag = 1; break; default: usage(); /* NOTREACHED */ } } argc -= optind; argv += optind; openlog_r(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); /* Start TCP and UDP protocols separately. */ starttcp(); if (uflag) startudp(); /* Drop privileges */ if (chroot("/var/empty") != 0 || chdir("/") != 0) { (void) fprintf(stderr, "%s: could not chroot\n", __progname); exit(1); } if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) { (void) fprintf(stderr, "%s: can't drop privileges\n", __progname); exit(1); } if (daemon(0, 0) < 0) { (void) fprintf(stderr, "%s: unable to daemonize\n", __progname); exit(1); } #ifdef __OpenBSD__ if ((p = pledge("stdio inet proc", NULL)) == -1) { fprintf(stderr, "%s: pledge(2) failed: %s\n", __progname, strerror(errno)); exit(1); } #endif signal(SIGCHLD, SIG_IGN); signal(SIGUSR1, quit); FD_ZERO(&set); while (1) { FD_SET(tcpfd, &set); if (uflag) FD_SET(udpfd, &set); if (select(MAX(tcpfd, udpfd) + 1, &set, NULL, NULL, NULL) < 0) { syslog_r(LOG_ERR, &sdata, "%s", strerror(errno)); exit(1); } if (tcpfd > -1 && FD_ISSET(tcpfd, &set)) discardtcp(); if (uflag && udpfd > -1 && FD_ISSET(udpfd, &set)) discardudp(); } return 0; }
int main(int argc, char *argv[]) { int ch, cftest = 0, daemonize = 1, rdomain = -1; extern char *__progname; char *sync_iface = NULL; char *sync_baddr = NULL; u_short sync_port = 0; struct servent *ent; /* Initially, log errors to stderr as well as to syslogd. */ openlog_r(__progname, LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY, &sdata); opterr = 0; while ((ch = getopt(argc, argv, "A:C:L:c:dfl:nY:y:")) != -1) switch (ch) { case 'Y': syncsend = 1; break; case 'y': syncrecv = 1; break; } if (syncsend || syncrecv) { if ((ent = getservbyname("dhcpd-sync", "udp")) == NULL) errx(1, "Can't find service \"dhcpd-sync\" in " "/etc/services"); sync_port = ntohs(ent->s_port); } optreset = optind = opterr = 1; while ((ch = getopt(argc, argv, "A:C:L:c:dfl:nY:y:")) != -1) switch (ch) { case 'A': abandoned_tab = optarg; break; case 'C': changedmac_tab = optarg; break; case 'L': leased_tab = optarg; break; case 'c': path_dhcpd_conf = optarg; break; case 'd': daemonize = 0; log_perror = 1; break; case 'f': daemonize = 0; break; case 'l': path_dhcpd_db = optarg; break; case 'n': daemonize = 0; cftest = 1; log_perror = 1; break; case 'Y': if (sync_addhost(optarg, sync_port) != 0) sync_iface = optarg; syncsend = 1; break; case 'y': sync_baddr = optarg; syncrecv = 1; break; default: usage(); } argc -= optind; argv += optind; while (argc > 0) { struct interface_info *tmp = calloc(1, sizeof(*tmp)); if (!tmp) error("calloc"); strlcpy(tmp->name, argv[0], sizeof(tmp->name)); tmp->next = interfaces; interfaces = tmp; argc--; argv++; } /* Default DHCP/BOOTP ports. */ server_port = htons(SERVER_PORT); client_port = htons(CLIENT_PORT); tzset(); time(&cur_time); if (!readconf()) error("Configuration file errors encountered"); if (cftest) exit(0); db_startup(); discover_interfaces(&rdomain); if (rdomain != -1) if (setrtable(rdomain) == -1) error("setrtable (%m)"); icmp_startup(1, lease_pinged); if (syncsend || syncrecv) { syncfd = sync_init(sync_iface, sync_baddr, sync_port); if (syncfd == -1) err(1, "sync init"); } if ((pw = getpwnam("_dhcp")) == NULL) error("user \"_dhcp\" not found"); if (daemonize) daemon(0, 0); /* don't go near /dev/pf unless we actually intend to use it */ if ((abandoned_tab != NULL) || (changedmac_tab != NULL) || (leased_tab != NULL)){ if (pipe(pfpipe) == -1) error("pipe (%m)"); switch (pfproc_pid = fork()){ case -1: error("fork (%m)"); /* NOTREACHED */ exit(1); case 0: /* child process. start up table engine */ pftable_handler(); /* NOTREACHED */ exit(1); default: gotpipe = 1; break; } } if (chroot(_PATH_VAREMPTY) == -1) error("chroot %s: %m", _PATH_VAREMPTY); if (chdir("/") == -1) error("chdir(\"/\"): %m"); if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) error("can't drop privileges: %m"); bootp_packet_handler = do_packet; add_timeout(cur_time + 5, periodic_scan, NULL); dispatch(); /* not reached */ exit(0); }