From owner-svn-src-head@freebsd.org Thu Mar 12 19:55:53 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4315A26A05E; Thu, 12 Mar 2020 19:55:53 +0000 (UTC) (envelope-from oshogbo@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48dfhS6k2Gz4Tsq; Thu, 12 Mar 2020 19:55:52 +0000 (UTC) (envelope-from oshogbo@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BCADB2A669; Thu, 12 Mar 2020 19:55:52 +0000 (UTC) (envelope-from oshogbo@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 02CJtqlZ048332; Thu, 12 Mar 2020 19:55:52 GMT (envelope-from oshogbo@FreeBSD.org) Received: (from oshogbo@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 02CJtqcw048330; Thu, 12 Mar 2020 19:55:52 GMT (envelope-from oshogbo@FreeBSD.org) Message-Id: <202003121955.02CJtqcw048330@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: oshogbo set sender to oshogbo@FreeBSD.org using -f From: Mariusz Zaborski Date: Thu, 12 Mar 2020 19:55:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r358919 - head/usr.bin/logger X-SVN-Group: head X-SVN-Commit-Author: oshogbo X-SVN-Commit-Paths: head/usr.bin/logger X-SVN-Commit-Revision: 358919 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Mar 2020 19:55:53 -0000 Author: oshogbo Date: Thu Mar 12 19:55:51 2020 New Revision: 358919 URL: https://svnweb.freebsd.org/changeset/base/358919 Log: logger: capsicumize Submitted by: Tiger Gao Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23744 Modified: head/usr.bin/logger/Makefile head/usr.bin/logger/logger.c Modified: head/usr.bin/logger/Makefile ============================================================================== --- head/usr.bin/logger/Makefile Thu Mar 12 19:10:53 2020 (r358918) +++ head/usr.bin/logger/Makefile Thu Mar 12 19:55:51 2020 (r358919) @@ -9,4 +9,10 @@ PROG= logger CFLAGS+= -DINET6 .endif +.if ${MK_CASPER} != "no" +LIBADD+= casper +LIBADD+= cap_syslog +CFLAGS+=-DWITH_CASPER +.endif + .include Modified: head/usr.bin/logger/logger.c ============================================================================== --- head/usr.bin/logger/logger.c Thu Mar 12 19:10:53 2020 (r358918) +++ head/usr.bin/logger/logger.c Thu Mar 12 19:55:51 2020 (r358919) @@ -44,10 +44,12 @@ static char sccsid[] = "@(#)logger.c 8.1 (Berkeley) 6/ #include __FBSDID("$FreeBSD$"); +#include #include #include #include +#include #include #include #include @@ -57,6 +59,9 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include + #define SYSLOG_NAMES #include @@ -76,6 +81,7 @@ static void logmessage(int, const char *, const char * struct socks *, ssize_t, const char *); static void usage(void); +static cap_channel_t *capsyslog; #ifdef INET6 static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */ #else @@ -92,12 +98,13 @@ static int send_to_all = 0; /* send message to all IPv int main(int argc, char *argv[]) { + cap_channel_t *capcas; struct socks *socks; ssize_t nsock; time_t now; int ch, logflags, pri; char *tag, *host, buf[1024], *timestamp, tbuf[26], - *hostname, hbuf[MAXHOSTNAMELEN]; + *hostname, hbuf[MAXHOSTNAMELEN], *pristr; const char *svcname, *src; tag = NULL; @@ -107,6 +114,7 @@ main(int argc, char *argv[]) src = NULL; socks = NULL; pri = LOG_USER | LOG_NOTICE; + pristr = NULL; logflags = 0; unsetenv("TZ"); while ((ch = getopt(argc, argv, "46Af:H:h:iP:p:S:st:")) != -1) @@ -140,7 +148,7 @@ main(int argc, char *argv[]) svcname = optarg; break; case 'p': /* priority */ - pri = pencode(optarg); + pristr = optarg; break; case 's': /* log to standard error */ logflags |= LOG_PERROR; @@ -168,12 +176,25 @@ main(int argc, char *argv[]) nsock = 0; } + capcas = cap_init(); + if (capcas == NULL) + err(1, "Unable to contact Casper"); + caph_cache_catpages(); + caph_cache_tzdata(); + if (caph_enter() < 0) + err(1, "Unable to enter capability mode"); + capsyslog = cap_service_open(capcas, "system.syslog"); + if (capsyslog == NULL) + err(1, "Unable to open system.syslog service"); + cap_close(capcas); + + if (pristr != NULL) + pri = pencode(pristr); if (tag == NULL) tag = getlogin(); /* setup for logging */ if (host == NULL) - openlog(tag, logflags, 0); - (void) fclose(stdout); + cap_openlog(capsyslog, tag, logflags, 0); (void )time(&now); (void )ctime_r(&now, tbuf); @@ -349,7 +370,7 @@ logmessage(int pri, const char *timestamp, const char int len, i, lsent; if (nsock == 0) { - syslog(pri, "%s", buf); + cap_syslog(capsyslog, pri, "%s", buf); return; } if ((len = asprintf(&line, "<%d>%s %s %s: %s", pri, timestamp,