summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2008-06-07 16:24:09 +0000
committerMike Frysinger <vapier@gentoo.org>2008-06-07 16:24:09 +0000
commitc000921fbd5380d37f7851900ebeb6c57d1f9b1c (patch)
treee51e6886ac58f8e1337998c9378a8ab030a48724 /app-admin/sysklogd/files
parentremove old (diff)
downloadhistorical-c000921fbd5380d37f7851900ebeb6c57d1f9b1c.tar.gz
historical-c000921fbd5380d37f7851900ebeb6c57d1f9b1c.tar.bz2
historical-c000921fbd5380d37f7851900ebeb6c57d1f9b1c.zip
Version bump #225053 by Fabio Rossi and switch to Debian /etc files (which we were using anyways) for #40304 #69391 #204843.
Package-Manager: portage-2.2_pre5.spank.spunk
Diffstat (limited to 'app-admin/sysklogd/files')
-rw-r--r--app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff162
-rw-r--r--app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff103
-rw-r--r--app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff118
-rw-r--r--app-admin/sysklogd/files/sysklogd-1.5-build.patch20
-rw-r--r--app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch38
5 files changed, 441 insertions, 0 deletions
diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff
new file mode 100644
index 000000000000..40b8817d4e28
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff
@@ -0,0 +1,162 @@
+http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff?rev=1.2;content-type=text%2Fplain
+diff -upk.orig sysklogd-1.4.2.orig/klogd.8 sysklogd-1.4.2/klogd.8
+--- sysklogd-1.4.2.orig/klogd.8 2005-03-11 16:12:09 +0000
++++ sysklogd-1.4.2/klogd.8 2005-08-18 14:37:47 +0000
+@@ -18,6 +19,12 @@ klogd \- Kernel Log Daemon
+ .RB [ " \-f "
+ .I fname
+ ]
++.RB [ " \-u "
++.I username
++]
++.RB [ " \-j "
++.I chroot_dir
++]
+ .RB [ " \-iI " ]
+ .RB [ " \-n " ]
+ .RB [ " \-o " ]
+@@ -53,6 +60,20 @@ stderr.
+ .BI "\-f " file
+ Log messages to the specified filename rather than to the syslog facility.
+ .TP
++.BI "\-u " username
++Tells klogd to become the specified user and drop root privileges before
++starting logging.
++.TP
++.BI "\-j " chroot_dir
++Tells klogd to
++.BR chroot (2)
++into this directory after initializing.
++This option is only valid if the \-u option is also used to run klogd
++without root privileges.
++Note that the use of this option will prevent \-i and \-I from working
++unless you set up the chroot directory in such a way that klogd can still
++read the kernel module symbols.
++.TP
+ .BI "\-i \-I"
+ Signal the currently executing klogd daemon. Both of these switches control
+ the loading/reloading of symbol information. The \-i switch signals the
+diff -upk.orig sysklogd-1.4.2.orig/klogd.c sysklogd-1.4.2/klogd.c
+--- sysklogd-1.4.2.orig/klogd.c 2005-08-18 12:29:52 +0000
++++ sysklogd-1.4.2/klogd.c 2005-08-18 14:37:47 +0000
+@@ -261,6 +261,8 @@
+ #include <stdarg.h>
+ #include <paths.h>
+ #include <stdlib.h>
++#include <pwd.h>
++#include <grp.h>
+ #include "klogd.h"
+ #include "ksyms.h"
+ #ifndef TESTING
+@@ -315,6 +317,9 @@ static enum LOGSRC {none, proc, kernel}
+ int debugging = 0;
+ int symbols_twice = 0;
+
++char *server_user = NULL;
++char *chroot_dir = NULL;
++int log_flags = 0;
+
+ /* Function prototypes. */
+ extern int ksyslog(int type, char *buf, int len);
+@@ -535,8 +540,9 @@ static enum LOGSRC GetKernelLogSrc(void)
+ * First do a stat to determine whether or not the proc based
+ * file system is available to get kernel messages from.
+ */
+- if ( use_syscall ||
+- ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) )
++ if (!server_user &&
++ (use_syscall ||
++ ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT))))
+ {
+ /* Initialize kernel logging. */
+ ksyslog(1, NULL, 0);
+@@ -983,6 +989,27 @@ static void LogProcLine(void)
+ }
+
+
++static int drop_root(void)
++{
++ struct passwd *pw;
++
++ if (!(pw = getpwnam(server_user))) return -1;
++
++ if (!pw->pw_uid) return -1;
++
++ if (chroot_dir) {
++ if (chdir(chroot_dir)) return -1;
++ if (chroot(".")) return -1;
++ }
++
++ if (setgroups(0, NULL)) return -1;
++ if (setgid(pw->pw_gid)) return -1;
++ if (setuid(pw->pw_uid)) return -1;
++
++ return 0;
++}
++
++
+ int main(argc, argv)
+
+ int argc;
+@@ -1000,7 +1027,7 @@ int main(argc, argv)
+ chdir ("/");
+ #endif
+ /* Parse the command-line. */
+- while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF)
++ while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF)
+ switch((char)ch)
+ {
+ case '2': /* Print lines with symbols twice. */
+@@ -1022,6 +1049,10 @@ int main(argc, argv)
+ case 'I':
+ SignalDaemon(SIGUSR2);
+ return(0);
++ case 'j': /* chroot 'j'ail */
++ chroot_dir = optarg;
++ log_flags |= LOG_NDELAY;
++ break;
+ case 'k': /* Kernel symbol file. */
+ symfile = optarg;
+ break;
+@@ -1037,6 +1068,9 @@ int main(argc, argv)
+ case 's': /* Use syscall interface. */
+ use_syscall = 1;
+ break;
++ case 'u': /* Run as this user */
++ server_user = optarg;
++ break;
+ case 'v':
+ printf("klogd %s.%s\n", VERSION, PATCHLEVEL);
+ exit (1);
+@@ -1045,6 +1079,10 @@ int main(argc, argv)
+ break;
+ }
+
++ if (chroot_dir && !server_user) {
++ fputs("'-j' is only valid with '-u'\n", stderr);
++ exit(1);
++ }
+
+ /* Set console logging level. */
+ if ( log_level != (char *) 0 )
+@@ -1158,7 +1196,7 @@ int main(argc, argv)
+ }
+ }
+ else
+- openlog("kernel", 0, LOG_KERN);
++ openlog("kernel", log_flags, LOG_KERN);
+
+
+ /* Handle one-shot logging. */
+@@ -1191,6 +1229,11 @@ int main(argc, argv)
+ }
+ }
+
++ if (server_user && drop_root()) {
++ syslog(LOG_ALERT, "klogd: failed to drop root");
++ Terminate();
++ }
++
+ /* The main loop. */
+ while (1)
+ {
diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff
new file mode 100644
index 000000000000..ad311a512c0f
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff
@@ -0,0 +1,103 @@
+http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-syslogd-bind.diff?rev=1.1;content-type=text%2Fplain
+diff -upk.orig sysklogd-1.4.2.orig/sysklogd.8 sysklogd-1.4.2/sysklogd.8
+--- sysklogd-1.4.2.orig/sysklogd.8 2004-07-09 17:33:32 +0000
++++ sysklogd-1.4.2/sysklogd.8 2005-08-18 14:40:25 +0000
+@@ -15,6 +15,9 @@ sysklogd \- Linux system logging utiliti
+ .I config file
+ ]
+ .RB [ " \-h " ]
++.RB [ " \-i "
++.I IP address
++]
+ .RB [ " \-l "
+ .I hostlist
+ ]
+@@ -104,6 +107,13 @@ Specifying this switch on the command li
+ This can cause syslog loops that fill up hard disks quite fast and
+ thus needs to be used with caution.
+ .TP
++.BI "\-i " "IP address"
++If
++.B syslogd
++is configured to accept log input from a UDP port, specify an IP address
++to bind to, rather than the default of INADDR_ANY. The address must be in
++dotted quad notation, DNS host names are not allowed.
++.TP
+ .BI "\-l " "hostlist"
+ Specify a hostname that should be logged only with its simple hostname
+ and not the fqdn. Multiple hosts may be specified using the colon
+diff -upk.orig sysklogd-1.4.2.orig/syslogd.c sysklogd-1.4.2/syslogd.c
+--- sysklogd-1.4.2.orig/syslogd.c 2005-08-18 14:33:22 +0000
++++ sysklogd-1.4.2/syslogd.c 2005-08-18 14:40:25 +0000
+@@ -774,6 +774,8 @@ char **LocalHosts = NULL; /* these hosts
+ int NoHops = 1; /* Can we bounce syslog messages through an
+ intermediate host. */
+
++char *bind_addr = NULL; /* bind UDP port to this interface only */
++
+ extern int errno;
+
+ /* Function prototypes. */
+@@ -878,7 +880,7 @@ int main(argc, argv)
+ funix[i] = -1;
+ }
+
+- while ((ch = getopt(argc, argv, "a:dhf:l:m:np:rs:v")) != EOF)
++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF)
+ switch((char)ch) {
+ case 'a':
+ if (nfunix < MAXFUNIX)
+@@ -895,9 +897,17 @@ int main(argc, argv)
+ case 'h':
+ NoHops = 0;
+ break;
++ case 'i':
++ if (bind_addr) {
++ fprintf(stderr, "Only one -i argument allowed, "
++ "the first one is taken.\n");
++ break;
++ }
++ bind_addr = optarg;
++ break;
+ case 'l':
+ if (LocalHosts) {
+- fprintf (stderr, "Only one -l argument allowed," \
++ fprintf(stderr, "Only one -l argument allowed, "
+ "the first one is taken.\n");
+ break;
+ }
+@@ -1244,7 +1254,7 @@ int main(argc, argv)
+ int usage()
+ {
+ fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
+- " [-s domainlist] [-f conffile]\n");
++ " [-s domainlist] [-f conffile] [-i IP address]\n");
+ exit(1);
+ }
+
+@@ -1286,15 +1296,22 @@ static int create_inet_socket()
+ int fd, on = 1;
+ struct sockaddr_in sin;
+
++ memset(&sin, 0, sizeof(sin));
++ sin.sin_family = AF_INET;
++ sin.sin_port = LogPort;
++ if (bind_addr) {
++ if (!inet_aton(bind_addr, &sin.sin_addr)) {
++ logerror("syslog: not a valid IP address to bind to.");
++ return -1;
++ }
++ }
++
+ fd = socket(AF_INET, SOCK_DGRAM, 0);
+ if (fd < 0) {
+ logerror("syslog: Unknown protocol, suspending inet service.");
+ return fd;
+ }
+
+- memset(&sin, 0, sizeof(sin));
+- sin.sin_family = AF_INET;
+- sin.sin_port = LogPort;
+ if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, \
+ (char *) &on, sizeof(on)) < 0 ) {
+ logerror("setsockopt(REUSEADDR), suspending inet");
diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff
new file mode 100644
index 000000000000..8c3f571f3ca2
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff
@@ -0,0 +1,118 @@
+http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff?rev=1.1;content-type=text%2Fplain
+diff -upk.orig sysklogd-1.4.2.orig/sysklogd.8 sysklogd-1.4.2/sysklogd.8
+--- sysklogd-1.4.2.orig/sysklogd.8 2005-08-18 14:40:25 +0000
++++ sysklogd-1.4.2/sysklogd.8 2005-08-18 14:41:26 +0000
+@@ -32,6 +32,9 @@ sysklogd \- Linux system logging utiliti
+ .RB [ " \-s "
+ .I domainlist
+ ]
++.RB [ " \-u"
++.IB username
++]
+ .RB [ " \-v " ]
+ .LP
+ .SH DESCRIPTION
+@@ -161,6 +164,19 @@ is specified and the host logging resolv
+ no domain would be cut, you will have to specify two domains like:
+ .BR "\-s north.de:infodrom.north.de" .
+ .TP
++.BI "\-u " "username"
++This causes the
++.B syslogd
++daemon to become the named user before starting up logging.
++
++Note that when this option is in use,
++.B syslogd
++will open all log files as root when the daemon is first started;
++however, after a
++.B SIGHUP
++the files will be reopened as the non-privileged user. You should
++take this into account when deciding the ownership of the log files.
++.TP
+ .B "\-v"
+ Print version and exit.
+ .LP
+diff -upk.orig sysklogd-1.4.2.orig/syslogd.c sysklogd-1.4.2/syslogd.c
+--- sysklogd-1.4.2.orig/syslogd.c 2005-08-18 14:40:25 +0000
++++ sysklogd-1.4.2/syslogd.c 2005-08-18 14:41:26 +0000
+@@ -524,6 +524,10 @@ static char sccsid[] = "@(#)syslogd.c 5.
+ #include <arpa/nameser.h>
+ #include <arpa/inet.h>
+ #include <resolv.h>
++
++#include <pwd.h>
++#include <grp.h>
++
+ #ifndef TESTING
+ #include "pidfile.h"
+ #endif
+@@ -775,6 +779,7 @@ int NoHops = 1; /* Can we bounce syslog
+ intermediate host. */
+
+ char *bind_addr = NULL; /* bind UDP port to this interface only */
++char *server_user = NULL; /* user name to run server as */
+
+ extern int errno;
+
+@@ -827,6 +832,21 @@ static int set_nonblock_flag(int desc)
+ return fcntl(desc, F_SETFL, flags | O_NONBLOCK);
+ }
+
++static int drop_root(void)
++{
++ struct passwd *pw;
++
++ if (!(pw = getpwnam(server_user))) return -1;
++
++ if (!pw->pw_uid) return -1;
++
++ if (initgroups(server_user, pw->pw_gid)) return -1;
++ if (setgid(pw->pw_gid)) return -1;
++ if (setuid(pw->pw_uid)) return -1;
++
++ return 0;
++}
++
+ int main(argc, argv)
+ int argc;
+ char **argv;
+@@ -880,7 +900,7 @@ int main(argc, argv)
+ funix[i] = -1;
+ }
+
+- while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF)
++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF)
+ switch((char)ch) {
+ case 'a':
+ if (nfunix < MAXFUNIX)
+@@ -933,6 +953,9 @@ int main(argc, argv)
+ }
+ StripDomains = crunch_list(optarg);
+ break;
++ case 'u':
++ server_user = optarg;
++ break;
+ case 'v':
+ printf("syslogd %s.%s\n", VERSION, PATCHLEVEL);
+ exit (0);
+@@ -1100,6 +1123,11 @@ int main(argc, argv)
+ kill (ppid, SIGTERM);
+ #endif
+
++ if (server_user && drop_root()) {
++ dprintf("syslogd: failed to drop root\n");
++ exit(1);
++ }
++
+ /* Main loop begins here. */
+ for (;;) {
+ int nfds;
+@@ -1254,7 +1282,7 @@ int main(argc, argv)
+ int usage()
+ {
+ fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
+- " [-s domainlist] [-f conffile] [-i IP address]\n");
++ " [-s domainlist] [-f conffile] [-i IP address] [-u username]\n");
+ exit(1);
+ }
+
diff --git a/app-admin/sysklogd/files/sysklogd-1.5-build.patch b/app-admin/sysklogd/files/sysklogd-1.5-build.patch
new file mode 100644
index 000000000000..12f4822cd265
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.5-build.patch
@@ -0,0 +1,20 @@
+respect env CC/CFLAGS/CPPFLAGS/LDFLAGS
+
+--- Makefile
++++ Makefile
+@@ -17,14 +17,12 @@
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+-CC= gcc
+ #SKFLAGS= -g -DSYSV -Wall
+ #LDFLAGS= -g
+-SKFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce
++SKFLAGS= $(CFLAGS) $(CPPFLAGS) -DSYSV -Wall -fno-strength-reduce
+ # -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+ # -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE
+ # $(shell getconf LFS_SKFLAGS)
+-LDFLAGS= -s
+
+ # Look where your install program is.
+ INSTALL = /usr/bin/install
diff --git a/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch b/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch
new file mode 100644
index 000000000000..7f6c2a79b0b2
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch
@@ -0,0 +1,38 @@
+--- debian/cron.daily
++++ debian/cron.daily
+@@ -20,10 +20,6 @@
+ # Written by Martin Schulze <joey@debian.org>.
+ # $Id: cron.daily,v 1.14 2007-05-28 16:33:34 joey Exp $
+
+-test -x /usr/sbin/syslogd-listfiles || exit 0
+-test -x /sbin/syslogd || exit 0
+-test -f /usr/share/sysklogd/dummy || exit 0
+-
+ set -e
+
+ cd /var/log
+@@ -41,4 +37,4 @@
+
+ # Restart syslogd
+ #
+-/etc/init.d/sysklogd reload-or-restart > /dev/null
++/etc/init.d/sysklogd --quiet reload
+--- debian/cron.weekly
++++ debian/cron.weekly
+@@ -19,10 +19,6 @@
+ # Written by Ian A. Murdock <imurdock@debian.org>.
+ # $Id: cron.weekly,v 1.11 2007-05-28 16:33:34 joey Exp $
+
+-test -x /usr/sbin/syslogd-listfiles || exit 0
+-test -x /sbin/syslogd || exit 0
+-test -f /usr/share/sysklogd/dummy || exit 0
+-
+ set -e
+
+ cd /var/log
+@@ -40,4 +36,4 @@
+
+ # Restart syslogd
+ #
+-/etc/init.d/sysklogd reload-or-restart > /dev/null
++/etc/init.d/sysklogd --quiet reload