git: 5d045d556b1c - main - syslogd: Ignore getaddrinfo() errors if -ss is specified
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 19 Sep 2024 10:02:27 UTC
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=5d045d556b1cfeb1487d49017b536afb3df105d3 commit 5d045d556b1cfeb1487d49017b536afb3df105d3 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2024-09-19 10:00:33 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2024-09-19 10:01:37 +0000 syslogd: Ignore getaddrinfo() errors if -ss is specified This can arise if the jail doesn't have networking configured, and if -ss is specified, syslogd won't listen on port 514 anyway. Add a regression test case for this as well. PR: 238006 MFC after: 1 month --- usr.sbin/syslogd/syslogd.c | 8 ++++++++ usr.sbin/syslogd/tests/syslogd_test.sh | 34 +++++++++++++++++++++++++++++++++- 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 7770e97e7a2d..12fa61b01bad 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -548,6 +548,14 @@ addsock(const char *name, const char *serv, mode_t mode) if (serv == NULL) serv = "syslog"; error = getaddrinfo(name, serv, &hints, &res0); + if (error == EAI_NONAME && name == NULL && SecureMode > 1) { + /* + * If we're in secure mode, we won't open inet sockets anyway. + * This failure can arise legitimately when running in a jail + * without networking. + */ + return; + } if (error) { asprintf(&msgbuf, "getaddrinfo failed for %s%s: %s", name == NULL ? "" : name, serv, diff --git a/usr.sbin/syslogd/tests/syslogd_test.sh b/usr.sbin/syslogd/tests/syslogd_test.sh index e4927868e47f..08e6d76b9ba6 100644 --- a/usr.sbin/syslogd/tests/syslogd_test.sh +++ b/usr.sbin/syslogd/tests/syslogd_test.sh @@ -22,7 +22,13 @@ readonly SYSLOGD_LOCAL_PRIVSOCKET="${PWD}/logpriv.sock" # Start a private syslogd instance. syslogd_start() { - syslogd \ + local jail + + if [ "$1" = "-j" ]; then + jail="jexec $2" + shift 2 + fi + $jail syslogd \ -b ":${SYSLOGD_UDP_PORT}" \ -C \ -d \ @@ -288,6 +294,31 @@ pipe_action_cleanup() syslogd_stop } +atf_test_case "jail_noinet" "cleanup" +jail_noinet_head() +{ + atf_set descr "syslogd -ss can be run in a jail without INET support" + atf_set require.user root +} +jail_noinet_body() +{ + local logfile + + atf_check jail -c name=syslogd_noinet persist + + logfile="${PWD}/jail_noinet.log" + printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" + syslogd_start -j syslogd_noinet -ss + + syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}" \ + "hello, world" + atf_check -s exit:0 -o match:"test: hello, world" cat "${logfile}" +} +jail_noinet_cleanup() +{ + jail -r syslogd_noinet +} + atf_init_test_cases() { atf_add_test_case "basic" @@ -296,4 +327,5 @@ atf_init_test_cases() atf_add_test_case "host_filter" atf_add_test_case "prop_filter" atf_add_test_case "pipe_action" + atf_add_test_case "jail_noinet" }