git: 9ecbda844643 - stable/13 - syslogd: Ignore getaddrinfo() errors if -ss is specified
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 19 Oct 2024 13:18:00 UTC
The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=9ecbda844643f19aba4c1652b2f9db7c8427d336 commit 9ecbda844643f19aba4c1652b2f9db7c8427d336 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2024-09-19 10:00:33 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2024-10-19 13:17:51 +0000 syslogd: Ignore getaddrinfo() errors if -ss is specified This can arise if the jail doesn't have networking configured, and if -ss is specified, syslogd won't listen on port 514 anyway. Add a regression test case for this as well. PR: 238006 MFC after: 1 month (cherry picked from commit 5d045d556b1cfeb1487d49017b536afb3df105d3) --- usr.sbin/syslogd/syslogd.c | 8 ++++++++ usr.sbin/syslogd/tests/syslogd_test.sh | 34 +++++++++++++++++++++++++++++++++- 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 02f8aa39afe8..e78e2327be3b 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -3825,6 +3825,14 @@ socksetup(struct peer *pe) if (pe->pe_serv == NULL) pe->pe_serv = "syslog"; error = getaddrinfo(pe->pe_name, pe->pe_serv, &hints, &res0); + if (error == EAI_NONAME && pe->pe_name == NULL && SecureMode > 1) { + /* + * If we're in secure mode, we won't open inet sockets anyway. + * This failure can arise legitimately when running in a jail + * without networking. + */ + return (0); + } if (error) { char *msgbuf; diff --git a/usr.sbin/syslogd/tests/syslogd_test.sh b/usr.sbin/syslogd/tests/syslogd_test.sh index e4927868e47f..08e6d76b9ba6 100644 --- a/usr.sbin/syslogd/tests/syslogd_test.sh +++ b/usr.sbin/syslogd/tests/syslogd_test.sh @@ -22,7 +22,13 @@ readonly SYSLOGD_LOCAL_PRIVSOCKET="${PWD}/logpriv.sock" # Start a private syslogd instance. syslogd_start() { - syslogd \ + local jail + + if [ "$1" = "-j" ]; then + jail="jexec $2" + shift 2 + fi + $jail syslogd \ -b ":${SYSLOGD_UDP_PORT}" \ -C \ -d \ @@ -288,6 +294,31 @@ pipe_action_cleanup() syslogd_stop } +atf_test_case "jail_noinet" "cleanup" +jail_noinet_head() +{ + atf_set descr "syslogd -ss can be run in a jail without INET support" + atf_set require.user root +} +jail_noinet_body() +{ + local logfile + + atf_check jail -c name=syslogd_noinet persist + + logfile="${PWD}/jail_noinet.log" + printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" + syslogd_start -j syslogd_noinet -ss + + syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}" \ + "hello, world" + atf_check -s exit:0 -o match:"test: hello, world" cat "${logfile}" +} +jail_noinet_cleanup() +{ + jail -r syslogd_noinet +} + atf_init_test_cases() { atf_add_test_case "basic" @@ -296,4 +327,5 @@ atf_init_test_cases() atf_add_test_case "host_filter" atf_add_test_case "prop_filter" atf_add_test_case "pipe_action" + atf_add_test_case "jail_noinet" }