Instead of running the domark() timer on half the MarkInterval option,
we take the FreeBSD approach and run on each TIMERINTVL (30 sec), same
as the doflush() timer. This allows greater resolution on the MARK log
message, meaning we would be off by < 30 seconds instead of the current
MarkInterval / 2.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This patch imports the FreeBSD meaning to the `-c` command line option.
It disables "last message repeated" style log compression for repeated
log messages. A single `-c` disables compression for pipes, another
`-c` (-cc works) also disables compression for all other log targets.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This is a follow-up to d7576c7 which initially added support for running
in systemd based systems. Since the unit file sources the syslog.socket
we have /run/systemd/journal/syslog open already on descriptor 3. All
we need to do is verify that's the mode syslogd runs in.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
(-T) -- fixes changes in 8f8332885 that resulted in "Jan 0 00:00:00" timestamps.
check_timestamp() saw the nonzero timestamp.usec and returned without setting
buffer->timestamp, leaving it with nonzero usecs and an all-zeros struct tm.
Slight differences in output when called with `-v` flag:
- Should output to stdout, that's what people expect (not an error)
- Should output *project* name and version, for syslogd this is not
so obvious since it *logs* 'syslogd vx.y.z' while the version is
'sysklogd vx.y.z'
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
When logging to a file we want a space to separate proc[pid]: from the
message, but for regular logging local/remote we don't want to inject
an extra space.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This may cause a bit of a regression for some users, but the RFC is
crystal clear on this point, the tag MUST NOT exceed 32 characters.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This is the first RFC5424 (only) support for for logging to a remote
host. The syntax continues to follow the FreeBSD logger.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
As reported on GitHub. When logging to a remote host, after a few
SIGHUP's we get the following log message:
Only 16 IP addresses per socket supported.
When closing all currently open sockets, the socket count must be reset
to allow for opening new ones, otherwise we'll run out of "counts".
Yes, this should be refactored to use the FreeBSD model implementation.
Problem introduced in v2.4.0, commit 075815e.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Do not corrupt logfiles when kernel messages contain control codes,
notably \n. Instead, preserve the kernel's protective C-style hex
encoding. For example, \n embedded in a message by a kernel-level
facility is received as "\x0a". Kernel-level facilities cannot be
trusted to use only syslog-safe codes in kernel messages. See:
<https://kernel.org/doc/Documentation/ABI/testing/dev-kmsg>
This change avoids the possibility of advancing past the null
terminator, by always testing the value at the pointer before
advancing the pointer.
While repairing this, I reconciled the code sections that read the
priority, sequence, and timestamp, so that they handle the pointer in
exactly the same way. This makes the source easier to maintain.
Only to clean up, possibly relevant for no-MMU systems, but
they have other issues as well (e.g. fork) that prevent them
from using the sysklogd project.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Logic for secure mode setting in .conf file
- Command line always wins
- SIGHUP activates changes
Note, if -s is given on command line it always wins, regardless.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This is redundant and causes message truncation. The <PRI> field is
skipped within wallmsg() itself.
Signed-off-by: Edward K. McGuire <metaed@gmail.com>
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>