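/**
 * Build the configuration block behind the system() source for the platform
 * reported by uname() and hand it to the configuration lexer.
 *
 * The generated block decides which local sockets and kernel log devices
 * are read, so every branch below is a choice of trusted local input path.
 *
 * @param lexer      lexer that receives the generated block through
 *                   cfg_lexer_include_buffer()
 * @param type       not used by this function
 * @param name       not used by this function
 * @param args       not used by this function
 * @param user_data  not used by this function
 * @return TRUE when the block was generated and accepted by the lexer;
 *         FALSE when uname() fails, the platform is not recognised, or the
 *         lexer rejects the buffer.
 */
gboolean
system_generate_system(CfgLexer *lexer, gint type, const gchar *name, CfgArgs *args, gpointer user_data)
{
  gchar buf[256];
  GString *sysblock;
  struct utsname u;

  g_snprintf(buf, sizeof(buf), "source confgen system");

  /* POSIX only promises a non-negative result on success, so a positive
   * return must not be treated as an error: test for "< 0", not "!= 0". */
  if (uname(&u) < 0) {
    msg_error("system(): Cannot get information about the running kernel",
              evt_tag_errno("error", errno),
              NULL);
    return FALSE;
  }

  /* Allocated only after uname() succeeded, so the early return above has
   * nothing to release. */
  sysblock = g_string_sized_new(1024);

  if (strcmp(u.sysname, "Linux") == 0) {
    char *log = "/dev/log";

    /* LISTEN_FDS is the systemd socket-activation variable. When it is set,
     * the journal's syslog socket is used instead of /dev/log, but only if
     * the path exists and really is a socket. */
    if (getenv("LISTEN_FDS") != NULL) {
      struct stat sbuf;

      if (stat("/run/systemd/journal/syslog", &sbuf) == 0 && S_ISSOCK(sbuf.st_mode))
        log = "/run/systemd/journal/syslog";
    }

    system_sysblock_add_unix_dgram(sysblock, log, NULL, "8192");

    /* access() is only a readability probe that picks between a warning and
     * adding the source; the file itself is opened elsewhere, later. */
    if (access("/proc/kmsg", R_OK) == -1) {
      msg_warning("system(): /proc/kmsg is not readable, please "
                  "check permissions if this is unintentional.",
                  evt_tag_errno("error", errno),
                  NULL);
    } else {
      system_sysblock_add_file(sysblock, "/proc/kmsg", -1, "kernel", "kernel");
    }
  } else if (strcmp(u.sysname, "SunOS") == 0) {
    system_sysblock_add_module(sysblock, "afstreams");

    /* The third argument differs per release: none on 5.8, a different door
     * path on 5.9 than on every other release. */
    if (strcmp(u.release, "5.8") == 0)
      system_sysblock_add_sun_streams(sysblock, "/dev/log", NULL);
    else if (strcmp(u.release, "5.9") == 0)
      system_sysblock_add_sun_streams(sysblock, "/dev/log", "/etc/.syslog_door");
    else
      system_sysblock_add_sun_streams(sysblock, "/dev/log", "/var/run/syslog_door");
  } else if (strcmp(u.sysname, "FreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    /* "0600" is presumably the permission mode of the privileged socket;
     * confirm against system_sysblock_add_unix_dgram(). */
    system_sysblock_add_unix_dgram(sysblock, "/var/run/logpriv", "0600", NULL);
    system_sysblock_add_freebsd_klog(sysblock, u.release);
  } else if (strcmp(u.sysname, "GNU/kFreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    system_sysblock_add_freebsd_klog(sysblock, u.release);
  } else if (strcmp(u.sysname, "HP-UX") == 0) {
    /* NOTE(review): "/dev/pipe" is an unusual path for the local log pipe;
     * confirm it is intended rather than "/dev/log". */
    system_sysblock_add_pipe(sysblock, "/dev/pipe", 2048);
  } else if (strcmp(u.sysname, "AIX") == 0 ||
             strcmp(u.sysname, "OSF1") == 0 ||
             strncmp(u.sysname, "CYGWIN", 6) == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/dev/log", NULL, NULL);
  } else {
    msg_error("system(): Error detecting platform, unable to define the system() source. "
              "Please send your system information to the developers!",
              evt_tag_str("sysname", u.sysname),
              evt_tag_str("release", u.release),
              NULL);
    /* Nothing else holds sysblock yet, so release it before bailing out. */
    g_string_free(sysblock, TRUE);
    return FALSE;
  }

  if (!cfg_lexer_include_buffer(lexer, buf, sysblock->str, sysblock->len)) {
    g_string_free(sysblock, TRUE);
    return FALSE;
  }

  /* NOTE(review): sysblock is not freed on success; confirm whether
   * cfg_lexer_include_buffer() copies the text or keeps sysblock->str. */
  return TRUE;
}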
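/**
 * Build the configuration block behind the system() source for the platform
 * reported by uname() and hand it to the configuration lexer.
 *
 * The generated block decides which local sockets and kernel log devices
 * are read, so every branch below is a choice of trusted local input path.
 *
 * @param lexer      lexer that receives the generated block through
 *                   cfg_lexer_include_buffer()
 * @param type       not used by this function
 * @param name       not used by this function
 * @param args       not used by this function
 * @param user_data  not used by this function
 * @return TRUE when the block was generated and accepted by the lexer;
 *         FALSE when uname() fails, no Linux log socket is found, the
 *         platform is not recognised, or the lexer rejects the buffer.
 */
gboolean
system_generate_system(CfgLexer *lexer, gint type, const gchar *name, CfgArgs *args, gpointer user_data)
{
  gchar buf[256];
  GString *sysblock;
  struct utsname u;

  g_snprintf(buf, sizeof(buf), "source confgen system");

  if (uname(&u) < 0) {
    msg_error("system(): Cannot get information about the running kernel",
              evt_tag_errno("error", errno),
              NULL);
    return FALSE;
  }

  /* Allocated only after uname() succeeded, so the early return above has
   * nothing to release. */
  sysblock = g_string_sized_new(1024);

  if (strcmp(u.sysname, "Linux") == 0) {
    char *log = system_linux_find_dev_log ();

    if (!log) {
      /* No usable log socket: release the half-built block instead of
       * leaking it on this error path. */
      g_string_free(sysblock, TRUE);
      return FALSE;
    }
    system_sysblock_add_unix_dgram(sysblock, log, NULL, "8192");
    system_sysblock_add_linux_kmsg(sysblock);
  } else if (strcmp(u.sysname, "SunOS") == 0) {
    system_sysblock_add_module(sysblock, "afstreams");

    /* The third argument differs per release: none on 5.8, a different door
     * path on 5.9 than on every other release. */
    if (strcmp(u.release, "5.8") == 0)
      system_sysblock_add_sun_streams(sysblock, "/dev/log", NULL);
    else if (strcmp(u.release, "5.9") == 0)
      system_sysblock_add_sun_streams(sysblock, "/dev/log", "/etc/.syslog_door");
    else
      system_sysblock_add_sun_streams(sysblock, "/dev/log", "/var/run/syslog_door");
  } else if (strcmp(u.sysname, "FreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    /* "0600" is presumably the permission mode of the privileged socket;
     * confirm against system_sysblock_add_unix_dgram(). */
    system_sysblock_add_unix_dgram(sysblock, "/var/run/logpriv", "0600", NULL);
    system_sysblock_add_freebsd_klog(sysblock, u.release);
  } else if (strcmp(u.sysname, "GNU/kFreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    system_sysblock_add_freebsd_klog(sysblock, u.release);
  } else if (strcmp(u.sysname, "HP-UX") == 0) {
    system_sysblock_add_pipe(sysblock, "/dev/log", 2048);
  } else if (strcmp(u.sysname, "AIX") == 0 ||
             strcmp(u.sysname, "OSF1") == 0 ||
             strncmp(u.sysname, "CYGWIN", 6) == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/dev/log", NULL, NULL);
  } else {
    msg_error("system(): Error detecting platform, unable to define the system() source. "
              "Please send your system information to the developers!",
              evt_tag_str("sysname", u.sysname),
              evt_tag_str("release", u.release),
              NULL);
    /* Nothing else holds sysblock yet, so release it before bailing out. */
    g_string_free(sysblock, TRUE);
    return FALSE;
  }

  if (!cfg_lexer_include_buffer(lexer, buf, sysblock->str, sysblock->len)) {
    g_string_free(sysblock, TRUE);
    return FALSE;
  }

  /* NOTE(review): sysblock is not freed on success; confirm whether
   * cfg_lexer_include_buffer() copies the text or keeps sysblock->str. */
  return TRUE;
}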
/**
 * Append the platform-specific log transports of the system() source to
 * sysblock, selected by the kernel name (and, on some platforms, the
 * release) that uname() reports.
 *
 * @param sysblock  caller-owned string the transport definitions are
 *                  appended to; it is never freed here
 * @return TRUE when the platform was recognised and its transports were
 *         appended (followed by a newline); FALSE when uname() fails or the
 *         platform is not recognised.
 */
static gboolean
system_generate_system_transports(GString *sysblock)
{
  struct utsname uts;
  gboolean recognised = TRUE;

  if (uname(&uts) < 0) {
    msg_error("system(): Cannot get information about the running kernel",
              evt_tag_errno("error", errno),
              NULL);
    return FALSE;
  }

  if (strcmp(uts.sysname, "Linux") == 0) {
    system_sysblock_add_linux(sysblock);
  } else if (strcmp(uts.sysname, "SunOS") == 0) {
    /* Only the third argument varies between releases: none on 5.8, one
     * door path on 5.9, another on everything else. */
    const gchar *door;

    if (strcmp(uts.release, "5.8") == 0)
      door = NULL;
    else if (strcmp(uts.release, "5.9") == 0)
      door = "/etc/.syslog_door";
    else
      door = "/var/run/syslog_door";

    system_sysblock_add_module(sysblock, "afstreams");
    system_sysblock_add_sun_streams(sysblock, "/dev/log", door);
  } else if (strcmp(uts.sysname, "FreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    /* "0600" is presumably the permission mode of the privileged socket;
     * confirm against system_sysblock_add_unix_dgram(). */
    system_sysblock_add_unix_dgram(sysblock, "/var/run/logpriv", "0600", NULL);
    /* The kernel log source is skipped when the helper reports a jail. */
    if (!system_freebsd_is_jailed())
      system_sysblock_add_freebsd_klog(sysblock, uts.release);
  } else if (strcmp(uts.sysname, "GNU/kFreeBSD") == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL, NULL);
    system_sysblock_add_freebsd_klog(sysblock, uts.release);
  } else if (strcmp(uts.sysname, "HP-UX") == 0) {
    system_sysblock_add_pipe(sysblock, "/dev/log", 2048);
  } else if (strcmp(uts.sysname, "AIX") == 0 ||
             strcmp(uts.sysname, "OSF1") == 0 ||
             strncmp(uts.sysname, "CYGWIN", 6) == 0) {
    system_sysblock_add_unix_dgram(sysblock, "/dev/log", NULL, NULL);
  } else {
    recognised = FALSE;
  }

  if (!recognised) {
    msg_error("system(): Error detecting platform, unable to define the system() source. "
              "Please send your system information to the developers!",
              evt_tag_str("sysname", uts.sysname),
              evt_tag_str("release", uts.release),
              NULL);
    return FALSE;
  }

  g_string_append(sysblock, "\n");
  return TRUE;
}