diff options
Diffstat (limited to 'app-admin/sysklogd')
-rw-r--r-- | app-admin/sysklogd/Manifest | 17 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff | 162 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff | 103 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff | 118 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.5-build.patch | 20 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch | 38 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.5-glibc-2.24.patch | 11 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd-1.5-syslog-func-collision.patch | 103 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd.confd | 6 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd.logrotate | 8 | ||||
-rw-r--r-- | app-admin/sysklogd/files/sysklogd.rc7 | 74 | ||||
-rw-r--r-- | app-admin/sysklogd/metadata.xml | 11 | ||||
-rw-r--r-- | app-admin/sysklogd/sysklogd-1.5.1-r1.ebuild | 69 | ||||
-rw-r--r-- | app-admin/sysklogd/sysklogd-1.5.1.ebuild | 60 |
14 files changed, 800 insertions, 0 deletions
diff --git a/app-admin/sysklogd/Manifest b/app-admin/sysklogd/Manifest new file mode 100644 index 000000000000..20479d48da93 --- /dev/null +++ b/app-admin/sysklogd/Manifest @@ -0,0 +1,17 @@ +AUX sysklogd-1.4.2-caen-owl-klogd-drop-root.diff 4315 SHA256 f316586561ec40eb185bb83b6e785185b9e33b8290767336cdab626767f88060 SHA512 1a5cf4a5dec3ecaa8258110820b64d6a8e1e768e841a3f0ade8d7827b91e73c2d8a49a9d8b74566373133627af88dd46d14e83ae1940a0b2e6cd6fe8710a7e7a WHIRLPOOL 39768749718213a0e7ff923a0d94a729b4686e543fc1c3d8b32d0c8b125f8d4e03ca5e95c21c4dcfcc05ba57878d7a8deca534b4cc8b152c07e5b98b409824cf +AUX sysklogd-1.4.2-caen-owl-syslogd-bind.diff 3242 SHA256 1818aee4cb0d501542721468199e376b73c71d8635b178b6a8d7bd6aff49aa9d SHA512 995c240fc54681445f68f7681173e1e1860aaab309edc8ac3531881c63c8889f009a7fd622d37145e80fe187410b80c28554140d6a6660134ca87a1c8d13570d WHIRLPOOL c750d7ebb851a92a03c2530d5d47aa4fd51f8c759a97a2ca684d8a64416423b13eeb6f014cabea5125892b6ed48ba1f0f6e90baf6e88af21f659829803dadaa6 +AUX sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff 3245 SHA256 0105d924d9451531645a9957ec7d40228cf2a1cb4ccdf3d89ff255dfec0841b9 SHA512 87865e069f9c78990660cf29a37ba1ded7cc078ea8f05af63fc6068c470d1881181387477dccb830d96af05f352959181619380d61afccf3a11d213372e68852 WHIRLPOOL 288286a3cef3312eb26ced30f6ecc2b8821bfd1042b08b8cd6af3ab82e8f6ff2a638eb55c51e78fb874b12ed3834ebeccf0fe7ba5f65b01233660781732f7165 +AUX sysklogd-1.5-build.patch 626 SHA256 1395e48418e0790cec2a8af9a3821b5d2c0bafe11cd599e181f90f4e720835f6 SHA512 aa8ce937733bb24f6b4bc4a47e40df99697c554276a29a21201b76354b902875bbeb7387520f3b7f8e05a76b16d3c4431bf775c85480fd9e31b78d499b5605fa WHIRLPOOL 6a60b497629dd7396e9b6eb36e3abcb399b981b35c08ee55922f45104e3292d8d437bc7319032f28dbad6251bad142380b071c64188fe58628697abb5152f20a +AUX sysklogd-1.5-debian-cron.patch 913 SHA256 7667df1da0af05120d80f5622b830748b4831c4d555c28d38f3cad266a865b3f SHA512 5af0a61e5fb8dd78c30fa42d747b4de3a4f68b80b86a2f53447d2277c98d72972c242ffe5649c30a9f08f30e27974fd3bfe4a5537fa1c7b8658312b0550b28e0 WHIRLPOOL 3ef686ef93a068a98ef609a362d87c2bc1bf8d202ec08ffe25627417dd4972bd0d26bd20a13a8193fb8a72f5558ee09e53c30a063e3b3e59ca522f2db0f5c9d5 +AUX sysklogd-1.5-glibc-2.24.patch 279 SHA256 e9f9a0a29934a183ad1ad6266d0b3022843f1327125e09d5982fe367cdffffa3 SHA512 35d92a0f1665d38201bdb2f4d4c0e5f17a6086f7a38e489ac4820cdff166419992253fa6c73e321c73e209e4b41a6e2363e19060ef48f18fef8c5ea65ac2664e WHIRLPOOL 334e278121f988c0dcec23c7e9ccff32aace1719b62764659e48ce8493e921859af728c4467586f250a0cf25d9d10a3f6e6f2f3081eb9b33e6e9a85508ddf228 +AUX sysklogd-1.5-syslog-func-collision.patch 2273 SHA256 e035765eb6d7f013d42d872dc0561deac52dccaf00fa26e21504891b3e0ae14a SHA512 1fc3e215a45d95dd11ca2d1713f9a3f416e82b9d60127da62d904071f02ec1e934aa099a20d09a7c1eea37f9d93dbaa0e0ce8118af9b58b92d781cc26659e5fc WHIRLPOOL 2d1e25a2cc1ca3154d831db080036ca4c4de7a4c7958fd65cb4c246a313bd81076b95d8195f2448c7728daacb133983bff1da81a8138e7509d6a56e0ee0717ad +AUX sysklogd.confd 113 SHA256 11a1eeb9edd09639d5143227bada137945822b23c5abb88fec5ebaef064b991d SHA512 4553d85e93fb07e7d4a6ed0b47a3ea2044a5605adaac05223724c32a60bb8ae96d99ca95965c3931640beef234e976c1141b83f603aa8c6e8aca1dec20ca807c WHIRLPOOL 4785cb1036e25a15a11de75b68e46138563ed0a610ccc70454807e8c0b22235e40779910157ad5dce67d98d661b9a614a22cbf7c4f76db9df15cbafdb9733bfa +AUX sysklogd.logrotate 402 SHA256 2e864ce0e5a2ca2c7964f7dff0fe1a76a5dcb90d237c0df7c19fa9cc6b5cb5e4 SHA512 655b25bc92c6d73807b11b0d64f97d619c067efb9fc16ee9c2aba5ba349b13991a22c83e7adaafb95e17578b17992992cab16d18b7bdb2be7d4fc876df5824f7 WHIRLPOOL b03ff6ecdf95fc164e161389e51bcf6c38760815dbafab711f7e2a5720d939fb54dbef930d97c7d752262d5dcf840c2b9296c2f02190730083947bf682a958d9 +AUX sysklogd.rc7 1447 SHA256 704c5a7eb81023a8de4f5e0b2aee7f6701ffec2e5a49f62093e68c60864adb47 SHA512 f3c8f00fbf65833735d57927fe25c6299103bbc0b8fa548103b4f2f06f0dc2aa2276f12326ff7477f4ba491a96ccd30fe01cc53e841b0ccee83c4dacabb5a94e WHIRLPOOL b9a481d43e57288e08d3aa0bce58efb7dd4418759d15ed24aff6246da340736ff95dfe9392abbd235231d4dc7536c14098d6284e831394f09ff8a48022e6bdaf +DIST sysklogd-1.5.1.tar.gz 90011 SHA256 5166c185ae23c92e8b9feee66a6e3d0bc944bf673112f53e3ecf62e08ce7c201 SHA512 a72196a1a172d25be1c4791ef6256fe71fa2ba8c1383d230e646e93f8a65c3a57c535189726325da4c792fdb2e9cb119bba43c878816a8e78e78189fd32b12b7 WHIRLPOOL a9be298553e89d1b61f3ac4d5cfc6bd5662ab84d9120adfcdd6b8aaf5fe4d54d9e34ac19dab5c1738578af302597e424e95fc68345a1855e3be2760b093037ea +DIST sysklogd_1.5-6.diff.gz 25677 SHA256 1c5366865bd058530071a6071c317ab3562f33f4b0f3a934878cb97059fde20a SHA512 816961a835a43057569f62fd20d9f7b5e0bfcfcb173b68947457708504db3ce47e635956c8a9564f9bd577d8f3c49dfc725d321dfd3370b2de918363c30f838e WHIRLPOOL 0c330ed79b5a688ddec0a80e6333c181cfa297350ec9559166e5828d715a305b5b52eee5f7cc95f7b4ebccf03f21de594d428fa2b2ef117bd0a1630684c71364 +EBUILD sysklogd-1.5.1-r1.ebuild 1712 SHA256 e74362cbac8a71c7314362da8b11c5b74ff53493ce1060fe861114a7c636d503 SHA512 55596c949870980f4138387d382b51aefc37d53c03e61e75c50424bbd1049c0098dd26f039038252b2fb794f96ac1646da2054763d0965dc66c30064479b06ef WHIRLPOOL 47fff401109a4d1c1355fba66cad2aec19d4a30f3f11b6fb39c3ff4476f9bb5212d11f84f6626de785776fa4a0a3e6769b7f331280744e736208fe423b634097 +EBUILD sysklogd-1.5.1.ebuild 1640 SHA256 9a6b736f61db6b68bee7e91ce87a89ec5926553b4e5561f7de32c8e381e94fcd SHA512 7608dbe2f695a63775e89022088cb4f191f3100475f90c6d5194568661b7b9171c16ff6499a8b7344de7da4499127c41c442261ba5955e60f39468b6e4452248 WHIRLPOOL 6b7cd1b21fade85a28edb637eb9f5792ba992925d73b39bbd291a3a6988993b84ef24794fb35ee3911c6373fa098b6e3c60cddb63176646a1ff9655a842d8aa2 +MISC ChangeLog 3315 SHA256 4441e6ba58fddb02cd7f9822fc9358815aa787e77128cad32da43bd4cd41e350 SHA512 43cb2daa243d6b1df40b72fe86d1828aebc1ec4173335a50a08291dfbbd9dc7189aea26b9a7c7c7dd53741965dbb8acb93b4863bce696346866c00a85a0d49eb WHIRLPOOL d232d2a8d1a22ccfb315e5bcf06a122797a01655ab9cf5889a848cea90243466a52cbdaffbd3decc17d67c9c4022f87843aa8ffff91f4311e328ee5aee0b548b +MISC ChangeLog-2015 15635 SHA256 cfccc77a19c2729be872db0550b7e0f67c97a659803f2c82edf724c4622a9dd8 SHA512 51b47993682d6e95eccb280d1287f434c0571b92d81bfb12fa27bac13fd44d5736b3c895725ab7787b1a1701bd4ceb373e7a85483518c5f365c2910309694d73 WHIRLPOOL efd9b53f4b75b728f913efbf91e8921618bf85cb59c0bf7eb0db726fc4645740c75b30e89305aa090efabd74109fd1aa69fc1688f21d1b3b3efad7e7cd02c108 +MISC metadata.xml 378 SHA256 7f01137a34aaabb7e8b3acd0583f460cad4363610b52a0d83425454207da07f1 SHA512 9d7311cf197ebeec7e989d97d08a35360242ee0aa467e38e1715c6a425e1e279ddd75da8e2856c1238f357741d67bd67d07841425d7dcc3f8f964def8f02d15c WHIRLPOOL d2c6d06721d0b4df25114f1ef75f25999bfcdd3076f31cec2203075bf4215acabf5c31df9d71b8b5fa010d6b643a0fd064ba9d728cc2548133df2c1cbc573f2e diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff new file mode 100644 index 000000000000..40b8817d4e28 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff @@ -0,0 +1,162 @@ +http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-klogd-drop-root.diff?rev=1.2;content-type=text%2Fplain +diff -upk.orig sysklogd-1.4.2.orig/klogd.8 sysklogd-1.4.2/klogd.8 +--- sysklogd-1.4.2.orig/klogd.8 2005-03-11 16:12:09 +0000 ++++ sysklogd-1.4.2/klogd.8 2005-08-18 14:37:47 +0000 +@@ -18,6 +19,12 @@ klogd \- Kernel Log Daemon + .RB [ " \-f " + .I fname + ] ++.RB [ " \-u " ++.I username ++] ++.RB [ " \-j " ++.I chroot_dir ++] + .RB [ " \-iI " ] + .RB [ " \-n " ] + .RB [ " \-o " ] +@@ -53,6 +60,20 @@ stderr. + .BI "\-f " file + Log messages to the specified filename rather than to the syslog facility. + .TP ++.BI "\-u " username ++Tells klogd to become the specified user and drop root privileges before ++starting logging. ++.TP ++.BI "\-j " chroot_dir ++Tells klogd to ++.BR chroot (2) ++into this directory after initializing. ++This option is only valid if the \-u option is also used to run klogd ++without root privileges. ++Note that the use of this option will prevent \-i and \-I from working ++unless you set up the chroot directory in such a way that klogd can still ++read the kernel module symbols. ++.TP + .BI "\-i \-I" + Signal the currently executing klogd daemon. Both of these switches control + the loading/reloading of symbol information. The \-i switch signals the +diff -upk.orig sysklogd-1.4.2.orig/klogd.c sysklogd-1.4.2/klogd.c +--- sysklogd-1.4.2.orig/klogd.c 2005-08-18 12:29:52 +0000 ++++ sysklogd-1.4.2/klogd.c 2005-08-18 14:37:47 +0000 +@@ -261,6 +261,8 @@ + #include <stdarg.h> + #include <paths.h> + #include <stdlib.h> ++#include <pwd.h> ++#include <grp.h> + #include "klogd.h" + #include "ksyms.h" + #ifndef TESTING +@@ -315,6 +317,9 @@ static enum LOGSRC {none, proc, kernel} + int debugging = 0; + int symbols_twice = 0; + ++char *server_user = NULL; ++char *chroot_dir = NULL; ++int log_flags = 0; + + /* Function prototypes. */ + extern int ksyslog(int type, char *buf, int len); +@@ -535,8 +540,9 @@ static enum LOGSRC GetKernelLogSrc(void) + * First do a stat to determine whether or not the proc based + * file system is available to get kernel messages from. + */ +- if ( use_syscall || +- ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) ) ++ if (!server_user && ++ (use_syscall || ++ ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)))) + { + /* Initialize kernel logging. */ + ksyslog(1, NULL, 0); +@@ -983,6 +989,27 @@ static void LogProcLine(void) + } + + ++static int drop_root(void) ++{ ++ struct passwd *pw; ++ ++ if (!(pw = getpwnam(server_user))) return -1; ++ ++ if (!pw->pw_uid) return -1; ++ ++ if (chroot_dir) { ++ if (chdir(chroot_dir)) return -1; ++ if (chroot(".")) return -1; ++ } ++ ++ if (setgroups(0, NULL)) return -1; ++ if (setgid(pw->pw_gid)) return -1; ++ if (setuid(pw->pw_uid)) return -1; ++ ++ return 0; ++} ++ ++ + int main(argc, argv) + + int argc; +@@ -1000,7 +1027,7 @@ int main(argc, argv) + chdir ("/"); + #endif + /* Parse the command-line. */ +- while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF) ++ while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF) + switch((char)ch) + { + case '2': /* Print lines with symbols twice. */ +@@ -1022,6 +1049,10 @@ int main(argc, argv) + case 'I': + SignalDaemon(SIGUSR2); + return(0); ++ case 'j': /* chroot 'j'ail */ ++ chroot_dir = optarg; ++ log_flags |= LOG_NDELAY; ++ break; + case 'k': /* Kernel symbol file. */ + symfile = optarg; + break; +@@ -1037,6 +1068,9 @@ int main(argc, argv) + case 's': /* Use syscall interface. */ + use_syscall = 1; + break; ++ case 'u': /* Run as this user */ ++ server_user = optarg; ++ break; + case 'v': + printf("klogd %s.%s\n", VERSION, PATCHLEVEL); + exit (1); +@@ -1045,6 +1079,10 @@ int main(argc, argv) + break; + } + ++ if (chroot_dir && !server_user) { ++ fputs("'-j' is only valid with '-u'\n", stderr); ++ exit(1); ++ } + + /* Set console logging level. */ + if ( log_level != (char *) 0 ) +@@ -1158,7 +1196,7 @@ int main(argc, argv) + } + } + else +- openlog("kernel", 0, LOG_KERN); ++ openlog("kernel", log_flags, LOG_KERN); + + + /* Handle one-shot logging. */ +@@ -1191,6 +1229,11 @@ int main(argc, argv) + } + } + ++ if (server_user && drop_root()) { ++ syslog(LOG_ALERT, "klogd: failed to drop root"); ++ Terminate(); ++ } ++ + /* The main loop. */ + while (1) + { diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff new file mode 100644 index 000000000000..ad311a512c0f --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-bind.diff @@ -0,0 +1,103 @@ +http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-syslogd-bind.diff?rev=1.1;content-type=text%2Fplain +diff -upk.orig sysklogd-1.4.2.orig/sysklogd.8 sysklogd-1.4.2/sysklogd.8 +--- sysklogd-1.4.2.orig/sysklogd.8 2004-07-09 17:33:32 +0000 ++++ sysklogd-1.4.2/sysklogd.8 2005-08-18 14:40:25 +0000 +@@ -15,6 +15,9 @@ sysklogd \- Linux system logging utiliti + .I config file + ] + .RB [ " \-h " ] ++.RB [ " \-i " ++.I IP address ++] + .RB [ " \-l " + .I hostlist + ] +@@ -104,6 +107,13 @@ Specifying this switch on the command li + This can cause syslog loops that fill up hard disks quite fast and + thus needs to be used with caution. + .TP ++.BI "\-i " "IP address" ++If ++.B syslogd ++is configured to accept log input from a UDP port, specify an IP address ++to bind to, rather than the default of INADDR_ANY. The address must be in ++dotted quad notation, DNS host names are not allowed. ++.TP + .BI "\-l " "hostlist" + Specify a hostname that should be logged only with its simple hostname + and not the fqdn. Multiple hosts may be specified using the colon +diff -upk.orig sysklogd-1.4.2.orig/syslogd.c sysklogd-1.4.2/syslogd.c +--- sysklogd-1.4.2.orig/syslogd.c 2005-08-18 14:33:22 +0000 ++++ sysklogd-1.4.2/syslogd.c 2005-08-18 14:40:25 +0000 +@@ -774,6 +774,8 @@ char **LocalHosts = NULL; /* these hosts + int NoHops = 1; /* Can we bounce syslog messages through an + intermediate host. */ + ++char *bind_addr = NULL; /* bind UDP port to this interface only */ ++ + extern int errno; + + /* Function prototypes. */ +@@ -878,7 +880,7 @@ int main(argc, argv) + funix[i] = -1; + } + +- while ((ch = getopt(argc, argv, "a:dhf:l:m:np:rs:v")) != EOF) ++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF) + switch((char)ch) { + case 'a': + if (nfunix < MAXFUNIX) +@@ -895,9 +897,17 @@ int main(argc, argv) + case 'h': + NoHops = 0; + break; ++ case 'i': ++ if (bind_addr) { ++ fprintf(stderr, "Only one -i argument allowed, " ++ "the first one is taken.\n"); ++ break; ++ } ++ bind_addr = optarg; ++ break; + case 'l': + if (LocalHosts) { +- fprintf (stderr, "Only one -l argument allowed," \ ++ fprintf(stderr, "Only one -l argument allowed, " + "the first one is taken.\n"); + break; + } +@@ -1244,7 +1254,7 @@ int main(argc, argv) + int usage() + { + fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ +- " [-s domainlist] [-f conffile]\n"); ++ " [-s domainlist] [-f conffile] [-i IP address]\n"); + exit(1); + } + +@@ -1286,15 +1296,22 @@ static int create_inet_socket() + int fd, on = 1; + struct sockaddr_in sin; + ++ memset(&sin, 0, sizeof(sin)); ++ sin.sin_family = AF_INET; ++ sin.sin_port = LogPort; ++ if (bind_addr) { ++ if (!inet_aton(bind_addr, &sin.sin_addr)) { ++ logerror("syslog: not a valid IP address to bind to."); ++ return -1; ++ } ++ } ++ + fd = socket(AF_INET, SOCK_DGRAM, 0); + if (fd < 0) { + logerror("syslog: Unknown protocol, suspending inet service."); + return fd; + } + +- memset(&sin, 0, sizeof(sin)); +- sin.sin_family = AF_INET; +- sin.sin_port = LogPort; + if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, \ + (char *) &on, sizeof(on)) < 0 ) { + logerror("setsockopt(REUSEADDR), suspending inet"); diff --git a/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff new file mode 100644 index 000000000000..8c3f571f3ca2 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff @@ -0,0 +1,118 @@ +http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/sysklogd/sysklogd-1.4.2-caen-owl-syslogd-drop-root.diff?rev=1.1;content-type=text%2Fplain +diff -upk.orig sysklogd-1.4.2.orig/sysklogd.8 sysklogd-1.4.2/sysklogd.8 +--- sysklogd-1.4.2.orig/sysklogd.8 2005-08-18 14:40:25 +0000 ++++ sysklogd-1.4.2/sysklogd.8 2005-08-18 14:41:26 +0000 +@@ -32,6 +32,9 @@ sysklogd \- Linux system logging utiliti + .RB [ " \-s " + .I domainlist + ] ++.RB [ " \-u" ++.IB username ++] + .RB [ " \-v " ] + .LP + .SH DESCRIPTION +@@ -161,6 +164,19 @@ is specified and the host logging resolv + no domain would be cut, you will have to specify two domains like: + .BR "\-s north.de:infodrom.north.de" . + .TP ++.BI "\-u " "username" ++This causes the ++.B syslogd ++daemon to become the named user before starting up logging. ++ ++Note that when this option is in use, ++.B syslogd ++will open all log files as root when the daemon is first started; ++however, after a ++.B SIGHUP ++the files will be reopened as the non-privileged user. You should ++take this into account when deciding the ownership of the log files. ++.TP + .B "\-v" + Print version and exit. + .LP +diff -upk.orig sysklogd-1.4.2.orig/syslogd.c sysklogd-1.4.2/syslogd.c +--- sysklogd-1.4.2.orig/syslogd.c 2005-08-18 14:40:25 +0000 ++++ sysklogd-1.4.2/syslogd.c 2005-08-18 14:41:26 +0000 +@@ -524,6 +524,10 @@ static char sccsid[] = "@(#)syslogd.c 5. + #include <arpa/nameser.h> + #include <arpa/inet.h> + #include <resolv.h> ++ ++#include <pwd.h> ++#include <grp.h> ++ + #ifndef TESTING + #include "pidfile.h" + #endif +@@ -775,6 +779,7 @@ int NoHops = 1; /* Can we bounce syslog + intermediate host. */ + + char *bind_addr = NULL; /* bind UDP port to this interface only */ ++char *server_user = NULL; /* user name to run server as */ + + extern int errno; + +@@ -827,6 +832,21 @@ static int set_nonblock_flag(int desc) + return fcntl(desc, F_SETFL, flags | O_NONBLOCK); + } + ++static int drop_root(void) ++{ ++ struct passwd *pw; ++ ++ if (!(pw = getpwnam(server_user))) return -1; ++ ++ if (!pw->pw_uid) return -1; ++ ++ if (initgroups(server_user, pw->pw_gid)) return -1; ++ if (setgid(pw->pw_gid)) return -1; ++ if (setuid(pw->pw_uid)) return -1; ++ ++ return 0; ++} ++ + int main(argc, argv) + int argc; + char **argv; +@@ -880,7 +900,7 @@ int main(argc, argv) + funix[i] = -1; + } + +- while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:v")) != EOF) ++ while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF) + switch((char)ch) { + case 'a': + if (nfunix < MAXFUNIX) +@@ -933,6 +953,9 @@ int main(argc, argv) + } + StripDomains = crunch_list(optarg); + break; ++ case 'u': ++ server_user = optarg; ++ break; + case 'v': + printf("syslogd %s.%s\n", VERSION, PATCHLEVEL); + exit (0); +@@ -1100,6 +1123,11 @@ int main(argc, argv) + kill (ppid, SIGTERM); + #endif + ++ if (server_user && drop_root()) { ++ dprintf("syslogd: failed to drop root\n"); ++ exit(1); ++ } ++ + /* Main loop begins here. */ + for (;;) { + int nfds; +@@ -1254,7 +1282,7 @@ int main(argc, argv) + int usage() + { + fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ +- " [-s domainlist] [-f conffile] [-i IP address]\n"); ++ " [-s domainlist] [-f conffile] [-i IP address] [-u username]\n"); + exit(1); + } + diff --git a/app-admin/sysklogd/files/sysklogd-1.5-build.patch b/app-admin/sysklogd/files/sysklogd-1.5-build.patch new file mode 100644 index 000000000000..12f4822cd265 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.5-build.patch @@ -0,0 +1,20 @@ +respect env CC/CFLAGS/CPPFLAGS/LDFLAGS + +--- Makefile ++++ Makefile +@@ -17,14 +17,12 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +-CC= gcc + #SKFLAGS= -g -DSYSV -Wall + #LDFLAGS= -g +-SKFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce ++SKFLAGS= $(CFLAGS) $(CPPFLAGS) -DSYSV -Wall -fno-strength-reduce + # -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE + # -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE + # $(shell getconf LFS_SKFLAGS) +-LDFLAGS= -s + + # Look where your install program is. + INSTALL = /usr/bin/install diff --git a/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch b/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch new file mode 100644 index 000000000000..7f6c2a79b0b2 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.5-debian-cron.patch @@ -0,0 +1,38 @@ +--- debian/cron.daily ++++ debian/cron.daily +@@ -20,10 +20,6 @@ + # Written by Martin Schulze <joey@debian.org>. + # $Id: cron.daily,v 1.14 2007-05-28 16:33:34 joey Exp $ + +-test -x /usr/sbin/syslogd-listfiles || exit 0 +-test -x /sbin/syslogd || exit 0 +-test -f /usr/share/sysklogd/dummy || exit 0 +- + set -e + + cd /var/log +@@ -41,4 +37,4 @@ + + # Restart syslogd + # +-/etc/init.d/sysklogd reload-or-restart > /dev/null ++/etc/init.d/sysklogd --quiet reload +--- debian/cron.weekly ++++ debian/cron.weekly +@@ -19,10 +19,6 @@ + # Written by Ian A. Murdock <imurdock@debian.org>. + # $Id: cron.weekly,v 1.11 2007-05-28 16:33:34 joey Exp $ + +-test -x /usr/sbin/syslogd-listfiles || exit 0 +-test -x /sbin/syslogd || exit 0 +-test -f /usr/share/sysklogd/dummy || exit 0 +- + set -e + + cd /var/log +@@ -40,4 +36,4 @@ + + # Restart syslogd + # +-/etc/init.d/sysklogd reload-or-restart > /dev/null ++/etc/init.d/sysklogd --quiet reload diff --git a/app-admin/sysklogd/files/sysklogd-1.5-glibc-2.24.patch b/app-admin/sysklogd/files/sysklogd-1.5-glibc-2.24.patch new file mode 100644 index 000000000000..fcddb7574590 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.5-glibc-2.24.patch @@ -0,0 +1,11 @@ +--- sysklogd-1.5.1/syslogd.c ++++ sysklogd-1.5.1/syslogd.c +@@ -2094,7 +2094,7 @@ + (void) signal(SIGCHLD, reapchild); /* reset signal handler -ASP */ + wait ((int *)0); + #else +- union wait status; ++ int status; + + while (wait3(&status, WNOHANG, (struct rusage *) NULL) > 0) + ; diff --git a/app-admin/sysklogd/files/sysklogd-1.5-syslog-func-collision.patch b/app-admin/sysklogd/files/sysklogd-1.5-syslog-func-collision.patch new file mode 100644 index 000000000000..76912a265565 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd-1.5-syslog-func-collision.patch @@ -0,0 +1,103 @@ +http://bugs.gentoo.org/342601 + +rename local "syslog" and "vsyslog" functions to avoid conflicts with glibc's + +patch by Dmitriy Matrosov + +--- sysklogd-1.5/klogd.c ++++ sysklogd-1.5/klogd.c +@@ -258,7 +262,6 @@ + #if !defined(__GLIBC__) + #include <linux/time.h> + #endif /* __GLIBC__ */ +-#include <stdarg.h> + #include <paths.h> + #include <stdlib.h> + #include <pwd.h> +@@ -637,7 +640,7 @@ + } + argl += 3; + } +- syslog(priority, fmt, argl); ++ syslog_own(priority, fmt, argl); + va_end(ap); + #ifdef TESTING + putchar('\n'); +@@ -646,7 +649,7 @@ + } + + va_start(ap, fmt); +- vsyslog(priority, fmt, ap); ++ vsyslog_own(priority, fmt, ap); + va_end(ap); + #ifdef TESTING + printf ("\n"); +@@ -1205,7 +1208,7 @@ + } + + if (server_user && drop_root()) { +- syslog(LOG_ALERT, "klogd: failed to drop root"); ++ syslog_own(LOG_ALERT, "klogd: failed to drop root"); + Terminate(); + } + +--- sysklogd-1.5/klogd.h ++++ sysklogd-1.5/klogd.h +@@ -24,6 +24,7 @@ + #include <stdio.h> + #include <syslog.h> + #include <string.h> ++#include <stdarg.h> + + + /* Function prototypes. */ +@@ -38,3 +43,5 @@ + extern char * ExpandKadds(char *, char *); + extern void SetParanoiaLevel(int); + extern void Syslog(int priority, char *fmt, ...); ++extern void syslog_own(int, const char *, ...); ++extern void vsyslog_own(int, const char *, va_list); +--- sysklogd-1.5/ksym_mod.c ++++ sysklogd-1.5/ksym_mod.c +@@ -95,7 +98,6 @@ + #if !defined(__GLIBC__) + #include <linux/time.h> + #endif /* __GLIBC__ */ +-#include <stdarg.h> + #include <paths.h> + #include <linux/version.h> + +--- sysklogd-1.5/syslog.c ++++ sysklogd-1.5/syslog.c +@@ -75,6 +79,10 @@ + + #define _PATH_LOGNAME "/dev/log" + ++ ++void syslog_own(int, const char *, ...); ++void vsyslog_own(int, const char *, va_list); ++ + static int LogFile = -1; /* fd for log */ + static int connected; /* have done connect */ + static int LogStat = 0; /* status bits, set by openlog() */ +@@ -82,17 +90,17 @@ + static int LogFacility = LOG_USER; /* default facility code */ + + void +-syslog(int pri, const char *fmt, ...) ++syslog_own(int pri, const char *fmt, ...) + { + va_list ap; + + va_start(ap, fmt); +- vsyslog(pri, fmt, ap); ++ vsyslog_own(pri, fmt, ap); + va_end(ap); + } + + void +-vsyslog(pri, fmt, ap) ++vsyslog_own(pri, fmt, ap) + int pri; + const char *fmt; + va_list ap; diff --git a/app-admin/sysklogd/files/sysklogd.confd b/app-admin/sysklogd/files/sysklogd.confd new file mode 100644 index 000000000000..c9735739117d --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd.confd @@ -0,0 +1,6 @@ +# Config file for /etc/init.d/sysklogd + +SYSLOGD="-m 0" +# send warnings and above to the console +KLOGD="-c 3 -2" + diff --git a/app-admin/sysklogd/files/sysklogd.logrotate b/app-admin/sysklogd/files/sysklogd.logrotate new file mode 100644 index 000000000000..8148a2ab2948 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd.logrotate @@ -0,0 +1,8 @@ +/var/log/auth.log /var/log/daemon.log /var/log/debug /var/log/kern.log /var/log/lpr.log /var/log/mail.err /var/log/mail.info /var/log/mail.log /var/log/mail.warn /var/log/messages /var/log/news/news.crit /var/log/news/news.err /var/log/news/news.notice /var/log/syslog /var/log/user.log { + create 640 root root + sharedscripts + missingok + postrotate + /etc/init.d/sysklogd -q reload + endscript +} diff --git a/app-admin/sysklogd/files/sysklogd.rc7 b/app-admin/sysklogd/files/sysklogd.rc7 new file mode 100644 index 000000000000..787fe3d752d7 --- /dev/null +++ b/app-admin/sysklogd/files/sysklogd.rc7 @@ -0,0 +1,74 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later + +extra_started_commands="reload" + +depend() { + need clock hostname + provide logger +} + +start_daemon() { + local retval=0 + local daemon="$1" + local options="$2" + + [ -z "${daemon}" ] && return 1 + + ebegin "sysklogd -> start: ${daemon}" + start-stop-daemon --start --exec /usr/sbin/"${daemon}" \ + --pidfile /var/run/"${daemon}".pid -- ${options} + retval=$? + eend ${retval} "Failed to start ${daemon}" + + return ${retval} +} + +stop_daemon() { + local retval=0 + local daemon="$1" + + [ -z "${daemon}" ] && return 1 + + ebegin "sysklogd -> stop: ${daemon}" + # syslogd can be stubborn some times (--retry 15)... + start-stop-daemon --stop --retry 15 --quiet --pidfile /var/run/"${daemon}".pid + retval=$? + eend ${retval} "Failed to stop ${daemon}" + + return ${retval} +} + +start() { + start_daemon "syslogd" "${SYSLOGD}" || return 1 + + # klogd do not always start proper if started too early + sleep 1 + + if ! start_daemon "klogd" "${KLOGD}" ; then + stop_daemon "syslogd" + return 1 + fi + + return 0 +} + +stop() { + stop_daemon "klogd" || return 1 + stop_daemon "syslogd" || return 1 + return 0 +} + +reload() { + local ret=0 + + ebegin "Reloading configuration" + + start-stop-daemon --signal HUP --pidfile /var/run/syslogd.pid + ret=$((${ret} + $?)) + start-stop-daemon --signal USR1 --pidfile /var/run/klogd.pid + ret=$((${ret} + $?)) + + eend ${ret} +} diff --git a/app-admin/sysklogd/metadata.xml b/app-admin/sysklogd/metadata.xml new file mode 100644 index 000000000000..094ccd37b3fd --- /dev/null +++ b/app-admin/sysklogd/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="project"> + <email>base-system@gentoo.org</email> + <name>Gentoo Base System</name> + </maintainer> + <use> + <flag name="logrotate">use app-admin/logrotate for rotating logs rather than custom cron scripts</flag> + </use> +</pkgmetadata> diff --git a/app-admin/sysklogd/sysklogd-1.5.1-r1.ebuild b/app-admin/sysklogd/sysklogd-1.5.1-r1.ebuild new file mode 100644 index 000000000000..84b9d1750410 --- /dev/null +++ b/app-admin/sysklogd/sysklogd-1.5.1-r1.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils flag-o-matic toolchain-funcs + +DEB_PV="1.5-6" +DESCRIPTION="Standard log daemons" +HOMEPAGE="http://www.infodrom.org/projects/sysklogd/" +SRC_URI="http://www.infodrom.org/projects/sysklogd/download/${P}.tar.gz + mirror://debian/pool/main/s/sysklogd/${PN}_${DEB_PV}.diff.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="logrotate" +RESTRICT="test" + +DEPEND="" +RDEPEND="dev-lang/perl + sys-apps/debianutils" + +DOCS=( ANNOUNCE CHANGES NEWS README.1st README.linux ) + +PATCHES=( + "${WORKDIR}"/${PN}_${DEB_PV}.diff + + "${FILESDIR}"/${PN}-1.5-debian-cron.patch + "${FILESDIR}"/${PN}-1.5-build.patch + + # CAEN/OWL security patches + "${FILESDIR}"/${PN}-1.4.2-caen-owl-syslogd-bind.diff + "${FILESDIR}"/${PN}-1.4.2-caen-owl-syslogd-drop-root.diff + "${FILESDIR}"/${PN}-1.4.2-caen-owl-klogd-drop-root.diff + + "${FILESDIR}"/${PN}-1.5-syslog-func-collision.patch #342601 + "${FILESDIR}"/${PN}-1.5-glibc-2.24.patch #604232 +) + +src_prepare() { + epatch "${PATCHES[@]}" +} + +src_configure() { + append-lfs-flags + tc-export CC +} + +src_install() { + dosbin syslogd klogd debian/syslog-facility debian/syslogd-listfiles + doman *.[1-9] debian/syslogd-listfiles.8 + insinto /etc + doins debian/syslog.conf + if use logrotate ; then + insinto /etc/logrotate.d + newins "${FILESDIR}"/sysklogd.logrotate sysklogd + else + exeinto /etc/cron.daily + newexe debian/cron.daily syslog + exeinto /etc/cron.weekly + newexe debian/cron.weekly syslog + fi + + einstalldocs + + newinitd "${FILESDIR}"/sysklogd.rc7 sysklogd + newconfd "${FILESDIR}"/sysklogd.confd sysklogd +} diff --git a/app-admin/sysklogd/sysklogd-1.5.1.ebuild b/app-admin/sysklogd/sysklogd-1.5.1.ebuild new file mode 100644 index 000000000000..99df849cf104 --- /dev/null +++ b/app-admin/sysklogd/sysklogd-1.5.1.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs + +DEB_PV="1.5-6" +DESCRIPTION="Standard log daemons" +HOMEPAGE="http://www.infodrom.org/projects/sysklogd/" +SRC_URI="http://www.infodrom.org/projects/sysklogd/download/${P}.tar.gz + mirror://debian/pool/main/s/sysklogd/${PN}_${DEB_PV}.diff.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86" +IUSE="logrotate" +RESTRICT="test" + +DEPEND="" +RDEPEND="dev-lang/perl + sys-apps/debianutils" + +src_prepare() { + epatch "${WORKDIR}"/${PN}_${DEB_PV}.diff + + epatch "${FILESDIR}"/${PN}-1.5-debian-cron.patch + epatch "${FILESDIR}"/${PN}-1.5-build.patch + + # CAEN/OWL security patches + epatch "${FILESDIR}"/${PN}-1.4.2-caen-owl-syslogd-bind.diff + epatch "${FILESDIR}"/${PN}-1.4.2-caen-owl-syslogd-drop-root.diff + epatch "${FILESDIR}"/${PN}-1.4.2-caen-owl-klogd-drop-root.diff + + epatch "${FILESDIR}"/${PN}-1.5-syslog-func-collision.patch #342601 +} + +src_configure() { + append-lfs-flags + tc-export CC +} + +src_install() { + dosbin syslogd klogd debian/syslog-facility debian/syslogd-listfiles + doman *.[1-9] debian/syslogd-listfiles.8 + insinto /etc + doins debian/syslog.conf + if use logrotate ; then + insinto /etc/logrotate.d + newins "${FILESDIR}"/sysklogd.logrotate sysklogd + else + exeinto /etc/cron.daily + newexe debian/cron.daily syslog + exeinto /etc/cron.weekly + newexe debian/cron.weekly syslog + fi + dodoc ANNOUNCE CHANGES NEWS README.1st README.linux + newinitd "${FILESDIR}"/sysklogd.rc7 sysklogd + newconfd "${FILESDIR}"/sysklogd.confd sysklogd +} |