From 29e932008deecc006b2b6f34f951bc311403c5e9 Mon Sep 17 00:00:00 2001 From: Joachim Wiberg Date: Sun, 13 Feb 2022 23:40:06 +0100 Subject: [PATCH] Fix #48: add option ('-K') to disable kernel logging This patch adds support for disabling kernel logging, opensys(). This is in addition to the character device validation check, and primarily for use in container use-cases -- where logging kernel is not needed. Signed-off-by: Joachim Wiberg --- man/syslogd.8 | 5 ++++- src/syslogd.c | 32 +++++++++++++++++++++----------- 2 files changed, 25 insertions(+), 12 deletions(-) diff --git a/man/syslogd.8 b/man/syslogd.8 index 17479e3..8bb3863 100644 --- a/man/syslogd.8 +++ b/man/syslogd.8 @@ -38,7 +38,7 @@ .Nd log systems messages .Sh SYNOPSIS .Nm -.Op Fl ?46AdFHknsTtv +.Op Fl ?46AdFHKknsTtv .Op Fl a Ar addr[/len][:port] .Op Fl a Ar name[:port] .Op Fl b Ar addr[:port] @@ -255,6 +255,9 @@ and wants to monitor when and how it exits. .It Fl H When logging remote messages use hostname from the message (if supplied) instead of using address from which the message was received. +.It Fl K +Disable kernel logging. Useful in container use-cases where kernel logs +har handled by the host system. .It Fl k Disable the translation of messages received with facility diff --git a/src/syslogd.c b/src/syslogd.c index 484f05b..d0e7993 100644 --- a/src/syslogd.c +++ b/src/syslogd.c @@ -140,6 +140,7 @@ static int SecureMode; /* when true, receive only unix domain socks */ static int RemoteAddDate; /* Always set the date on remote messages */ static int RemoteHostname; /* Log remote hostname from the message */ +static int KernLog = 1; /* Track kernel logs by default */ static int KeepKernFac; /* Keep remotely logged kernel facility */ static int KeepKernTime; /* Keep kernel timestamp, evern after initial read */ @@ -255,8 +256,8 @@ static void sys_seqno_save(void) int usage(int code) { printf("Usage:\n" - " syslogd [-46AdFKknsTv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n" - " [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n" + " syslogd [-46AdFKknsTtv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n" + " [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n" "Options:\n" " -4 Force IPv4 only\n" " -6 Force IPv6 only\n" @@ -285,6 +286,7 @@ int usage(int code) " -d Enable debug mode, implicitly enables -F to prevent backgrounding\n" " -F Run in foreground, required when monitored by init(1)\n" " -f FILE Alternate .conf file, default: %s\n" + " -K Disable kernel logging, useful in container use-cases\n" " -k Allow logging with facility 'kernel', otherwise remapped to 'user'\n" " -m MINS Interval between MARK messages, 0 to disable, default: 20 min\n" " -n Disable DNS query for every request\n" @@ -318,7 +320,7 @@ int main(int argc, char *argv[]) int pflag = 0, bflag = 0; int ch; - while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:km:nP:p:r:sTtv?")) != EOF) { + while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:Kkm:nP:p:r:sTtv?")) != EOF) { switch ((char)ch) { case '4': family = PF_INET; @@ -369,6 +371,10 @@ int main(int argc, char *argv[]) RemoteHostname = 1; break; + case 'K': + KernLog = 0; + break; + case 'k': /* keep remote kern fac */ KeepKernFac = 1; break; @@ -457,14 +463,17 @@ int main(int argc, char *argv[]) * /dev/kmsg and fall back to _PROC_KLOG, which on GLIBC * systems is /proc/kmsg, and /dev/klog on *BSD. */ - sys_seqno_load(); - if (opensys("/dev/kmsg")) { - if (opensys(_PATH_KLOG)) - warn("Kernel logging disabled, failed opening %s", _PATH_KLOG); - else + if (KernLog) { + sys_seqno_load(); + if (opensys("/dev/kmsg")) { + if (opensys(_PATH_KLOG)) + warn("Kernel logging disabled, failed opening %s", + _PATH_KLOG); + else + kern_console_off(); + } else kern_console_off(); - } else - kern_console_off(); + } consfile.f_type = F_CONSOLE; strlcpy(consfile.f_un.f_fname, ctty, sizeof(consfile.f_un.f_fname)); @@ -523,7 +532,8 @@ int main(int argc, char *argv[]) if (rc < 0 && errno != EINTR) ERR("select()"); - sys_seqno_save(); + if (KernLog) + sys_seqno_save(); } }