Fix #48: add option ('-K') to disable kernel logging

This patch adds support for disabling kernel logging, opensys().  This
is in addition to the character device validation check, and primarily
for use in container use-cases -- where logging kernel is not needed.

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>

man/syslogd.8

@@ -38,7 +38,7 @@
 .Nd log systems messages
 .Sh SYNOPSIS
 .Nm
-.Op Fl ?46AdFHknsTtv
+.Op Fl ?46AdFHKknsTtv
 .Op Fl a Ar addr[/len][:port]
 .Op Fl a Ar name[:port]
 .Op Fl b Ar addr[:port]
@@ -255,6 +255,9 @@ and wants to monitor when and how it exits.
 .It Fl H
 When logging remote messages use hostname from the message (if supplied)
 instead of using address from which the message was received.
+.It Fl K
+Disable kernel logging.  Useful in container use-cases where kernel logs
+har handled by the host system.
 .It Fl k
 Disable the translation of
 messages received with facility

src/syslogd.c

@@ -140,6 +140,7 @@ static int	  SecureMode;		  /* when true, receive only unix domain socks */
 static int	  RemoteAddDate;	  /* Always set the date on remote messages */
 static int	  RemoteHostname;	  /* Log remote hostname from the message */
 
+static int	  KernLog = 1;		  /* Track kernel logs by default */
 static int	  KeepKernFac;		  /* Keep remotely logged kernel facility */
 static int	  KeepKernTime;		  /* Keep kernel timestamp, evern after initial read */
 
@@ -255,8 +256,8 @@ static void sys_seqno_save(void)
 int usage(int code)
 {
 	printf("Usage:\n"
-	       "  syslogd [-46AdFKknsTv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n"
+	       "  syslogd [-46AdFKknsTtv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n"
-	       "                          [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n"
+	       "                           [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n"
 	       "Options:\n"
 	       "  -4        Force IPv4 only\n"
 	       "  -6        Force IPv6 only\n"
@@ -285,6 +286,7 @@ int usage(int code)
 	       "  -d        Enable debug mode, implicitly enables -F to prevent backgrounding\n"
 	       "  -F        Run in foreground, required when monitored by init(1)\n"
 	       "  -f FILE   Alternate .conf file, default: %s\n"
+	       "  -K        Disable kernel logging, useful in container use-cases\n"
 	       "  -k        Allow logging with facility 'kernel', otherwise remapped to 'user'\n"
 	       "  -m MINS   Interval between MARK messages, 0 to disable, default: 20 min\n"
 	       "  -n        Disable DNS query for every request\n"
@@ -318,7 +320,7 @@ int main(int argc, char *argv[])
 	int pflag = 0, bflag = 0;
 	int ch;
 
-	while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:km:nP:p:r:sTtv?")) != EOF) {
+	while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:Kkm:nP:p:r:sTtv?")) != EOF) {
 		switch ((char)ch) {
 		case '4':
 			family = PF_INET;
@@ -369,6 +371,10 @@ int main(int argc, char *argv[])
 			RemoteHostname = 1;
 			break;
 
+		case 'K':
+			KernLog = 0;
+			break;
+
 		case 'k':		/* keep remote kern fac */
 			KeepKernFac = 1;
 			break;
@@ -457,14 +463,17 @@ int main(int argc, char *argv[])
 	 * /dev/kmsg and fall back to _PROC_KLOG, which on GLIBC
 	 * systems is /proc/kmsg, and /dev/klog on *BSD.
 	 */
-	sys_seqno_load();
+	if (KernLog) {
-	if (opensys("/dev/kmsg")) {
+		sys_seqno_load();
-		if (opensys(_PATH_KLOG))
+		if (opensys("/dev/kmsg")) {
-			warn("Kernel logging disabled, failed opening %s", _PATH_KLOG);
+			if (opensys(_PATH_KLOG))
-		else
+				warn("Kernel logging disabled, failed opening %s",
+				     _PATH_KLOG);
+			else
+				kern_console_off();
+		} else
 			kern_console_off();
-	} else
+	}
-		kern_console_off();
 
 	consfile.f_type = F_CONSOLE;
 	strlcpy(consfile.f_un.f_fname, ctty, sizeof(consfile.f_un.f_fname));
@@ -523,7 +532,8 @@ int main(int argc, char *argv[])
 		if (rc < 0 && errno != EINTR)
 			ERR("select()");
 
-		sys_seqno_save();
+		if (KernLog)
+			sys_seqno_save();
 	}
 }