Hi,

When syslogd(8) parent exits, the file cleanup code does not work
anymore.  unveil(2) prevents removal.

Removing the UNIX domain sockets is not necessary.  They are harmless
and unlinked before a new bind.  I removed that code.

/var/run/syslog.pid is a common feature so we want to keep it.
Removing a stale pid file is a good idea.  Adding a constant path
to unveil is not a risk.  So I added an unveil for delete.

Note that the current implementation triggers a vnode leak in the
kernel.  But that is another story.

ok?

bluhm

Index: usr.sbin/syslogd/privsep.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/privsep.c,v
retrieving revision 1.70
diff -u -p -r1.70 privsep.c
--- usr.sbin/syslogd/privsep.c  28 Jun 2019 13:32:51 -0000      1.70
+++ usr.sbin/syslogd/privsep.c  4 Jul 2019 20:57:01 -0000
@@ -190,6 +190,8 @@ priv_exec(char *conf, int numeric, int c
                err(1, "unveil");
        if (unveil(_PATH_DEV, "rw") == -1)
                err(1, "unveil");
+       if (unveil(_PATH_LOGPID, "c") == -1)
+               err(1, "unveil");

        /* for pipes */
        if (unveil(_PATH_BSHELL, "x") == -1)
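Review bot: The added `unveil(_PATH_LOGPID, "c")` carries no comment saying why the privileged parent needs this path, unlike the `/* for pipes */` group directly below it. The "c" permission allows creating the path as well as removing it, so the parent gets slightly more than the "unveil for delete" the description mentions. A short comment such as `/* for removing the pid file on exit */` would record that removal is the only intended use and that the path should stay a compile-time constant. The unlink of the pid file is not visible in this hunk, so it is worth confirming that it is the only code relying on this entry. priv_exec's body starts and ends outside the hunk.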
@@ -431,12 +433,6 @@ priv_exec(char *conf, int numeric, int c
        }

        close(sock);
-
-       /* Unlink any domain sockets that have been opened */
-       for (i = 0; i < nunix; i++)
-               (void)unlink(path_unix[i]);
-       if (path_ctlsock != NULL)
-               (void)unlink(path_ctlsock);

        if (restart) {
                int status;
Index: usr.sbin/syslogd/syslogd.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.261
diff -u -p -r1.261 syslogd.c
--- usr.sbin/syslogd/syslogd.c  2 Jul 2019 13:17:27 -0000       1.261
+++ usr.sbin/syslogd/syslogd.c  4 Jul 2019 21:03:09 -0000
@@ -215,8 +215,6 @@ char        *TypeNames[] = {
 SIMPLEQ_HEAD(filed_list, filed) Files;
 struct filed consfile;

-int    nunix;                  /* Number of Unix domain sockets requested */
-char   **path_unix;            /* Paths to Unix domain sockets */
 int    Debug;                  /* debug flag */
 int    Foreground;             /* run in foreground, instead of daemonizing */
 char   LocalHostName[HOST_NAME_MAX+1]; /* our hostname */
@@ -233,7 +231,6 @@ int NoDNS = 0;              /* when true, refrain fr
 int    ZuluTime = 0;           /* display date and time in UTC ISO format */
 int    IncludeHostname = 0;    /* include RFC 3164 hostnames when forwarding */
 int    Family = PF_UNSPEC;     /* protocol family, may disable IPv4 or IPv6 */
-char   *path_ctlsock = NULL;   /* Path to control socket */

 struct tls *server_ctx;
 struct tls_config *client_config, *server_config;
@@ -372,7 +369,8 @@ main(int argc, char *argv[])
        int              ch, i;
        int              lockpipe[2] = { -1, -1}, pair[2], nullfd, fd;
        int              fd_ctlsock, fd_klog, fd_sendsys, *fd_bind, *fd_listen;
-       int             *fd_tls, *fd_unix, nbind, nlisten, ntls;
+       int             *fd_tls, *fd_unix, nunix, nbind, nlisten, ntls;
+       char            **path_unix, *path_ctlsock;
        char            **bind_host, **bind_port, **listen_host, **listen_port;
        char            *tls_hostport, **tls_host, **tls_port;

@@ -386,6 +384,7 @@ main(int argc, char *argv[])
                err(1, "malloc %s", _PATH_LOG);
        path_unix[0] = _PATH_LOG;
        nunix = 1;
+       path_ctlsock = NULL;

        bind_host = listen_host = tls_host = NULL;
        bind_port = listen_port = tls_port = NULL;
Index: usr.sbin/syslogd/syslogd.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.h,v
retrieving revision 1.32
diff -u -p -r1.32 syslogd.h
--- usr.sbin/syslogd/syslogd.h  5 Oct 2017 16:15:24 -0000       1.32
+++ usr.sbin/syslogd/syslogd.h  4 Jul 2019 20:57:24 -0000
@@ -44,11 +44,6 @@ void ttymsg(struct iovec *, int, char *)
 void send_fd(int, int);
 int  receive_fd(int);

-/* The list of domain sockets */
-extern int nunix;
-extern char **path_unix;
-extern char *path_ctlsock;
-
 #define ERRBUFSIZE     256
 void vlogmsg(int pri, const char *, const char *, va_list);
 __dead void die(int);
