Refactor of nslookup of unknown remote syslog servers, both when
(re)reading the .conf file and at runtime. This means we retry
DNS lookup every 30 sec, or INET_SUSPEND_TIME +/- 30 sec.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
The domark() timer handles a lot of the critical maintenance action in
syslogd, it must always be guaranteed to run.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Only block signals *after* all sanity checking of log message has been
completed, otherwise we will end up with blocked SIGHUP and SIGALRM.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
We definitely want to be able to run syslogd in debug mode for extended
periods of time and still run under finit/systemd or similar, letting
users know we run as 'PID'.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
When logging to a remote server, using @fqdn syntax in syslog.conf,
syslogd calls getaddrinfo() to resolve the IP address. Older versions
of syslogd gave up after 10 retries. We want to retry forever since we
may be running in a setup with bad network connection to the DNS server
for longer periods of time.
This patch only removes the 'give up' mechanism, which unfortunately
reused the f_prevcount value, which in turn could cause that value to
become -1 and thus trigger an assert(). With this code out of the way,
and the type change in the previous commit, the counter can never again
be negative.
Note: The configurable suspend time before trying again remains at its
default of 3 minutes.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
When we fail sending to a remote host, help admin debug the issue by
stating which remote we failed to send to.
Also minor changes to other similar error messages, use same form.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
For most use-cases a kernel with CONFIG_KALLSYMS and a stand-alone
syslogd is sufficient. No need for the complexity of klogd.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
- We have the -a PEER and -s to limit exposure to remote attacks
- Mention include file syntax in .conf file differences section
- Mention SECURITY section in BUGS, there are countermeasures
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
When creating Inet sockets we may get multiple struct addrinfo records.
With this patch we support up to 16 records per Internet peer. When
closing we iterate over all peers and all records.
Refactor socket_close() to clean up any lingering socket path when
closing UNIX socket.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
This patch re-adds the -n flag, but now to disable DNS reverse-query for
all incoming messages. This can potentially speed up logging a lot for
small/embedded systems that act as log sink.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
This change will probably break most installations. We do this to free
up '-n' for use as disabling DNS lookups, from FreeBSD *and* NetBSD.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
This patch makes us wire-compatible with older versions of ourself, and
current versions set up to use default remote format.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
