This is the first RFC5424 (only) support for for logging to a remote
host. The syntax continues to follow the FreeBSD logger.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
As reported on GitHub. When logging to a remote host, after a few
SIGHUP's we get the following log message:
Only 16 IP addresses per socket supported.
When closing all currently open sockets, the socket count must be reset
to allow for opening new ones, otherwise we'll run out of "counts".
Yes, this should be refactored to use the FreeBSD model implementation.
Problem introduced in v2.4.0, commit 075815e.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
No need to advertise that sysklogd is not kept up-to-date in all the
distros on the planet. Nothing much I can do about it.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Do not corrupt logfiles when kernel messages contain control codes,
notably \n. Instead, preserve the kernel's protective C-style hex
encoding. For example, \n embedded in a message by a kernel-level
facility is received as "\x0a". Kernel-level facilities cannot be
trusted to use only syslog-safe codes in kernel messages. See:
<https://kernel.org/doc/Documentation/ABI/testing/dev-kmsg>
This change avoids the possibility of advancing past the null
terminator, by always testing the value at the pointer before
advancing the pointer.
While repairing this, I reconciled the code sections that read the
priority, sequence, and timestamp, so that they handle the pointer in
exactly the same way. This makes the source easier to maintain.
Only to clean up, possibly relevant for no-MMU systems, but
they have other issues as well (e.g. fork) that prevent them
from using the sysklogd project.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This disables the "unauthenticated remote disk-filling service" by
default. A user can easily change this to 0 (or 2) to allow other
systems to log to their syslogd.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Logic for secure mode setting in .conf file
- Command line always wins
- SIGHUP activates changes
Note, if -s is given on command line it always wins, regardless.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This is redundant and causes message truncation. The <PRI> field is
skipped within wallmsg() itself.
Signed-off-by: Edward K. McGuire <metaed@gmail.com>
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Many projects use sysklogd with the shipped syslog.conf as their own
default /etc/syslog.conf. This is fine of course, but for many small
embedded systems getting all debug messages in the log by default is not
desirable.
This change drops debug messages from /var/log/syslog by default and
recommends admins to use /var/log/debug, or drop the debug filter.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>