Hello All,
I want to listen to /dev/log. For that I am using the following code.
Please let me know whats the issue in the following code snip. Code I am running with root user.
Thanks, wasim
if ((sockfd = socket(AF_UNIX,SOCK_STREAM, 0)) == -1) { printf("Failed To open AF_UNIX Socket"); return -1; } sunx.sun_family = AF_UNIX; strncpy(sunx.sun_path, PR_PATH_LOG, sizeof(sunx.sun_path)); /*if (connect(sockfd, &syslog_addr, sizeof(syslog_addr)) == -1) { //Connect call goes successful, But after that I am not able to recv any data.*/ if (bind(sockfd, (struct sockaddr *) &sunx,sizeof(sunx.sun_family)+strlen(sunx.sun_path)) < 0) { /* bind fails saying 98 : Address already in use Even if I kill syslogd*/ printf("Connect failed with the errno %s %d : %s\n",PR_PATH_LOG, errno,strerror(errno)); close(sockfd); }
if(recv( sockfd, (void *) buff, 1024,0) <=0) /* recv never come out if I use connect even after I do logger */ { printf("Error in recv call... errno = %d : %s : %s\n", errno, strerror(errno),buff); break; }
On 07/22/2010 02:29 AM, Mansuri, Wasim (NSN - IN/Bangalore) wrote:
Hello All,
I want to listen to /dev/log. For that I am using the following code.
Please let me know whats the issue in the following code snip. Code I am running with root user.
Thanks, wasim
if ((sockfd = socket(AF_UNIX,SOCK_STREAM, 0)) == -1) { printf("Failed To open AF_UNIX Socket"); return -1; } sunx.sun_family = AF_UNIX; strncpy(sunx.sun_path, PR_PATH_LOG, sizeof(sunx.sun_path)); /*if (connect(sockfd, &syslog_addr, sizeof(syslog_addr)) == -1) { //Connect call goes successful, But after that I am not able to recv any data.*/ if (bind(sockfd, (struct sockaddr *) &sunx,sizeof(sunx.sun_family)+strlen(sunx.sun_path)) < 0) { /* bind fails saying 98 : Address already in use Even if I kill syslogd*/ printf("Connect failed with the errno %s %d : %s\n",PR_PATH_LOG, errno,strerror(errno)); close(sockfd); }
if(recv( sockfd, (void *) buff, 1024,0) <=0) /* recv never come out if I use connect even after I do logger */ { printf("Error in recv call... errno = %d : %s : %s\n", errno, strerror(errno),buff); break; }
I'm not 100% understanding exactly what you want to do. First, I think you should use 'PF-INET' not 'AF_UNIX'. In any case, the sequence of calls should be: socket(2), bind(2), listen(2), accept(2), recv(2).
The connect(2) function is used on the sending side.
You can use the lsof(8) command to see if that socket is already in use.
On 07/21/2010 11:29 PM, Mansuri, Wasim (NSN - IN/Bangalore) wrote:
Hello All,
I want to listen to /dev/log. For that I am using the following code.
Please let me know whats the issue in the following code snip. Code I am running with root user.
Thanks, wasim
if ((sockfd = socket(AF_UNIX,SOCK_STREAM, 0)) == -1) { printf("Failed To open AF_UNIX Socket"); return -1; } sunx.sun_family = AF_UNIX; strncpy(sunx.sun_path, PR_PATH_LOG, sizeof(sunx.sun_path)); /*if (connect(sockfd,&syslog_addr, sizeof(syslog_addr)) == -1) { //Connect call goes successful, But after that I am not able to recv any data.*/ if (bind(sockfd, (struct sockaddr *)&sunx,sizeof(sunx.sun_family)+strlen(sunx.sun_path))< 0) { /* bind fails saying 98 : Address already in use Even if I kill syslogd*/ printf("Connect failed with the errno %s %d : %s\n",PR_PATH_LOG, errno,strerror(errno)); close(sockfd); }
if(recv( sockfd, (void *) buff, 1024,0)<=0) /* recv never come out if I use connect even after I do logger */ { printf("Error in recv call... errno = %d : %s : %s\n", errno, strerror(errno),buff); break; }
I can see a couple of things. First, [r|ng]syslogd _listens_ to /dev/log, it is not the output. If you want to log things, you write to /dev/log and syslogd will log it. This, for example, is how the utility "logger(1)" works. If you're trying to monitor what's being fed _to_ [r|ng]syslogd, this probably won't work as syslogd has already opened the socket for read.
Second, If you're going to do a bind(), you must do it before the connect(), not after.
Third, a bind() is not necessary if you are a client--only if you're the server. You can bind() as a client if you wish to have a specific address assigned to you. However your code is trying to use the already existing data for syslogd. You'd need to create a unique pathname to bind to you.
---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, C2 Hosting ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - "Celibacy is not hereditary." - - -- Guy Goden - ----------------------------------------------------------------------
I am working on some network server which has to monitor the os events and report it to some GUI. For that I want to read the /dev/log and process it and report it to the GUI.
So here my aim is not to write but I want to read the messages coming to /dev/log. I made some changes in the code which I pasted in my first post. And found out working with some limitation. My program has to come up before the syslogd comes up. And second is once I bind and start reading syslogd is not able to read anything with which I can not live with.
Now I want to know, Is there any possiblity that My program and syslogd both can listen and read the messages? I mean once I or syslogd reads message buffre for /dev/log does not emptied. I don't want to consume message from the /dev/log, I just want to read it.
If I summerise my question than, Is there any possibility to read the datagram socket whithout consuming data from the socket? I want to keep the data for other applications to read.
-----Original Message----- From: Rick Stevens [mailto:ricks@nerd.com] Sent: Thursday, July 22, 2010 9:52 PM To: Community support for Fedora users Subject: Re: bind() to /dev/log failed
On 07/21/2010 11:29 PM, Mansuri, Wasim (NSN - IN/Bangalore) wrote:
Hello All,
I want to listen to /dev/log. For that I am using the following code.
Please let me know whats the issue in the following code snip. Code I am running with root user.
Thanks, wasim
if ((sockfd = socket(AF_UNIX,SOCK_STREAM, 0)) == -1) { printf("Failed To open AF_UNIX Socket"); return -1; } sunx.sun_family = AF_UNIX; strncpy(sunx.sun_path, PR_PATH_LOG, sizeof(sunx.sun_path)); /*if (connect(sockfd,&syslog_addr, sizeof(syslog_addr)) == -1) { //Connect call goes successful, But after that I am not able to recv any data.*/ if (bind(sockfd, (struct sockaddr *)&sunx,sizeof(sunx.sun_family)+strlen(sunx.sun_path))< 0) { /* bind fails saying 98 : Address already in use Even if I kill syslogd*/ printf("Connect failed with the errno %s %d : %s\n",PR_PATH_LOG, errno,strerror(errno)); close(sockfd); }
if(recv( sockfd, (void *) buff, 1024,0)<=0) /* recv never come out if I use connect even after I do logger */ { printf("Error in recv call... errno = %d : %s : %s\n", errno, strerror(errno),buff); break; }
I can see a couple of things. First, [r|ng]syslogd _listens_ to /dev/log, it is not the output. If you want to log things, you write to /dev/log and syslogd will log it. This, for example, is how the utility "logger(1)" works. If you're trying to monitor what's being fed _to_ [r|ng]syslogd, this probably won't work as syslogd has already opened the socket for read.
Second, If you're going to do a bind(), you must do it before the connect(), not after.
Third, a bind() is not necessary if you are a client--only if you're the server. You can bind() as a client if you wish to have a specific address assigned to you. However your code is trying to use the already existing data for syslogd. You'd need to create a unique pathname to bind to you.
---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, C2 Hosting ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - "Celibacy is not hereditary." - - -- Guy Goden - ----------------------------------------------------------------------
On 07/23/2010 05:14 AM, Mansuri, Wasim (NSN - IN/Bangalore) wrote:
I am working on some network server which has to monitor the os events and report it to some GUI. For that I want to read the /dev/log and process it and report it to the GUI.
So here my aim is not to write but I want to read the messages coming to /dev/log. I made some changes in the code which I pasted in my first post. And found out working with some limitation. My program has to come up before the syslogd comes up. And second is once I bind and start reading syslogd is not able to read anything with which I can not live with.
Now I want to know, Is there any possiblity that My program and syslogd both can listen and read the messages? I mean once I or syslogd reads message buffre for /dev/log does not emptied. I don't want to consume message from the /dev/log, I just want to read it.
If I summerise my question than, Is there any possibility to read the datagram socket whithout consuming data from the socket? I want to keep the data for other applications to read.
Not really I don't think. Even if you were able to snoop at the buffers with e.g. recvmsg and the MSG_PEEK flag (man 2 recv) I don't see a way of knowing that syslogd wasn't consuming things behind your back causing your application to appear to lose messages.
Wouldn't it be easier to require some configuration for your app? E.g. have the system syslog daemon configured to pick messages up from /dev/log as normal and deliver them via tcp/udp using regular network syslog messages to a port on which your app is listening?
Very straightforward to set up and would work with any RFC-compliant syslog implementation.
Regards, Bryn.
-
Bryn M. Reeves -
Jerry Feldman -
Mansuri, Wasim (NSN - IN/Bangalore) -
Rick Stevens