rpms/rsyslog/F-8 rsyslog-1.19.11-hostacl.patch, NONE, 1.1 rsyslog-1.19.11-race.patch, NONE, 1.1 rsyslog.spec, 1.18, 1.19
Peter Vrabec (pvrabec)
fedora-extras-commits at redhat.com
Mon Dec 17 13:19:42 UTC 2007
Author: pvrabec
Update of /cvs/extras/rpms/rsyslog/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20503
Modified Files:
rsyslog.spec
Added Files:
rsyslog-1.19.11-hostacl.patch rsyslog-1.19.11-race.patch
Log Message:
- fixed a potential race condition with enqueueMsg(),
it may fix (#384341)
- rsyslog ignores $AllowedSender if started before
network (#395911)
rsyslog-1.19.11-hostacl.patch:
--- NEW FILE rsyslog-1.19.11-hostacl.patch ---
diff -up rsyslog-1.19.11/syslogd.c.hostacl rsyslog-1.19.11/syslogd.c
--- rsyslog-1.19.11/syslogd.c.hostacl 2007-10-17 09:41:50.000000000 +0200
+++ rsyslog-1.19.11/syslogd.c 2007-12-17 13:45:52.000000000 +0100
@@ -542,6 +542,8 @@ int send_to_all = 0; /* send
static int MarkSeq = 0; /* mark sequence number - modified in domark() only */
static int NoFork = 0; /* don't fork - don't run in daemon mode - read-only after startup */
static int AcceptRemote = 0;/* receive messages that come via UDP - read-only after startup */
+int ACLAddHostnameOnFail = 0; /* add hostname to acl when DNS resolving has failed */
+int ACLDontResolve = 0; /* add hostname to acl instead of resolving it to IP(s) */
int DisableDNS = 0; /* don't look up IP addresses of remote messages */
char **StripDomains = NULL;/* these domains may be stripped before writing logs - r/o after s.u., never touched by init */
char **LocalHosts = NULL;/* these hosts are logged with their hostname - read-only after startup, never touched by init */
@@ -857,7 +859,8 @@ static rsRetVal AddAllowedSender(struct
}
if (!strchr (iAllow->addr.HostWildcard, '*') &&
- !strchr (iAllow->addr.HostWildcard, '?')) {
+ !strchr (iAllow->addr.HostWildcard, '?') &&
+ ACLDontResolve == 0) {
/* single host - in this case, we pull its IP addresses from DNS
* and add IP-based ACLs.
*/
@@ -870,11 +873,15 @@ static rsRetVal AddAllowedSender(struct
hints.ai_socktype = SOCK_DGRAM;
if (getaddrinfo (iAllow->addr.HostWildcard, NULL, &hints, &res) != 0) {
- logerrorSz("DNS error: Can't resolve \"%s\", not added as allowed sender", iAllow->addr.HostWildcard);
- /* We could use the text name in this case - maybe this could become
- * a user-defined option at some stage.
- */
- return RS_RET_ERR;
+ logerrorSz("DNS error: Can't resolve \"%s\"", iAllow->addr.HostWildcard);
+
+ if (ACLAddHostnameOnFail) {
+ logerrorSz("Adding hostname \"%s\" to ACL as a wildcard entry.", iAllow->addr.HostWildcard);
+ return AddAllowedSenderEntry(ppRoot, ppLast, iAllow, iSignificantBits);
+ } else {
+ logerrorSz("Hostname \"%s\" WON\'T be added to ACL.", iAllow->addr.HostWildcard);
+ return RS_RET_NOENTRY;
+ }
}
for (restmp = res ; res != NULL ; res = res->ai_next) {
@@ -1635,7 +1642,7 @@ void getCurrTime(struct syslogTime *t)
static int usage(void)
{
- fprintf(stderr, "usage: rsyslogd [-46Adhvw] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
+ fprintf(stderr, "usage: rsyslogd [-46AdhqQvw] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \
" [-s domainlist] [-r[port]] [-tport[,max-sessions]] [-f conffile] [-i pidfile] [-x]\n");
exit(1); /* "good" exit - done to terminate usage() */
}
@@ -3730,10 +3737,15 @@ static rsRetVal addAllowedSenderLine(cha
}
if((iRet = AddAllowedSender(ppRoot, ppLast, uIP, iBits))
!= RS_RET_OK) {
- logerrorInt("Error %d adding allowed sender entry "
- "- ignoring.", iRet);
- rsParsDestruct(pPars);
- return(iRet);
+ if (iRet == RS_RET_NOENTRY) {
+ logerrorInt("Error %d adding allowed sender entry "
+ "- ignoring.", iRet);
+ } else {
+ logerrorInt("Error %d adding allowed sender entry "
+ "- terminating, nothing more will be added.", iRet);
+ rsParsDestruct(pPars);
+ return(iRet);
+ }
}
free (uIP); /* copy stored in AllowedSenders list */
}
@@ -6156,7 +6168,7 @@ int main(int argc, char **argv)
/* END core initializations */
- while ((ch = getopt(argc, argv, "46Aa:dehi:f:l:m:nop:r::s:t:u:vwx")) != EOF) {
+ while ((ch = getopt(argc, argv, "46Aa:dehi:f:l:m:nop:qQr::s:t:u:vwx")) != EOF) {
switch((char)ch) {
case '4':
family = PF_INET;
@@ -6215,6 +6227,12 @@ int main(int argc, char **argv)
case 'p': /* path to regular log socket */
funixn[0] = optarg;
break;
+ case 'q': /* add hostname if DNS resolving has failed */
+ ACLAddHostnameOnFail = 1;
+ break;
+ case 'Q': /* dont resolve hostnames in ACL to IPs */
+ ACLDontResolve = 1;
+ break;
case 'r': /* accept remote messages */
#ifdef SYSLOG_INET
AcceptRemote = 1;
diff -up rsyslog-1.19.11/rsyslogd.8.hostacl rsyslog-1.19.11/rsyslogd.8
--- rsyslog-1.19.11/rsyslogd.8.hostacl 2007-12-17 13:46:12.000000000 +0100
+++ rsyslog-1.19.11/rsyslogd.8 2007-12-17 13:54:43.000000000 +0100
@@ -34,7 +34,8 @@ rsyslogd \- reliable and extended syslog
.RB [ " \-p"
.IB socket
]
-.br
+.RB [ " \-q " ]
+.RB [ " \-Q " ]
.RB [ " \-r "
.I [port]
]
@@ -194,6 +195,15 @@ machine. When specified, no local log so
You can specify an alternative unix domain socket instead of
.IR /dev/log "."
.TP
+.BI "\-q "
+Add hostname if DNS fails during ACL processing. During ACL processing,
+hostnames are resolved to IP addreses for performance reasons.
+If DNS fails during that process, the hostname is added as wildcard text,
+which results in proper, but somewhat slower operation once DNS is up again.
+.TP
+.BI "\-Q "
+Do not resolve hostnames to IP addresses during ACL processing.
+.TP
.BI "\-r " ["port"]
Activates the syslog/udp listener service. The listener
will listen to the specified port. If no port is specified,
rsyslog-1.19.11-race.patch:
--- NEW FILE rsyslog-1.19.11-race.patch ---
diff -up rsyslog-1.19.11/syslogd.c.hostacl rsyslog-1.19.11/syslogd.c
--- rsyslog-1.19.11/syslogd.c.hostacl 2007-12-17 12:00:51.000000000 +0100
+++ rsyslog-1.19.11/syslogd.c 2007-12-17 12:01:39.000000000 +0100
@@ -2230,13 +2230,6 @@ void printline(char *hname, char *msg, i
logmsg(pri, pMsg, SYNC_FILE);
- /* rgerhards 2004-11-11:
- * we are done with the message object. If it still is
- * stored somewhere, we can call discard anyhow. This
- * is handled via the reference count - see description
- * of msg_t for details.
- */
- MsgDestruct(pMsg);
return;
}
@@ -2291,7 +2284,6 @@ static void logmsgInternal(int pri, char
* message to the queue engine.
*/
logmsg(pri, pMsg, flags);
- MsgDestruct(pMsg);
}
#else
iminternalAddMsg(pri, pMsg, flags);
@@ -2827,7 +2819,7 @@ static void enqueueMsg(msg_t *pMsg)
goto unlock;
}
}
- queueAdd(fifo, MsgAddRef(pMsg));
+ queueAdd(fifo, pMsg);
unlock:
/* now activate the worker thread */
pthread_mutex_unlock(fifo->mut);
@@ -5508,7 +5500,6 @@ static void processImInternal(void)
while(iminternalRemoveMsg(&iPri, &pMsg, &iFlags) == RS_RET_OK) {
logmsg(iPri, pMsg, iFlags);
- MsgDestruct(pMsg);
}
}
Index: rsyslog.spec
===================================================================
RCS file: /cvs/extras/rpms/rsyslog/F-8/rsyslog.spec,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- rsyslog.spec 29 Nov 2007 12:39:08 -0000 1.18
+++ rsyslog.spec 17 Dec 2007 13:19:04 -0000 1.19
@@ -3,13 +3,15 @@
Summary: Enhanced system logging and kernel message trapping daemons
Name: rsyslog
Version: 1.19.11
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://www.rsyslog.com/
Source0: http://download.adiscon.com/rsyslog/%{name}-%{version}.tar.gz
Source1: rsyslog.init
Source2: rsyslog.sysconfig
+Patch1: rsyslog-1.19.11-hostacl.patch
+Patch2: rsyslog-1.19.11-race.patch
Conflicts: logrotate < 3.5.2
BuildRequires: zlib-devel
BuildRequires: autoconf automake
@@ -46,6 +48,8 @@
%prep
%setup -q
+%patch1 -p1 -b .hostacl
+%patch2 -p1 -b .race
%build
%configure --sbindir=%{sbindir} --disable-static --enable-mysql
@@ -118,6 +122,12 @@
%{_libdir}/rsyslog/ommysql.so
%changelog
+* Mon Dec 17 2007 Peter Vrabec <pvrabec at redhat.com> 1.19.11-2
+- fixed a potential race condition with enqueueMsg(),
+ it may fix (#384341)
+- rsyslog ignores $AllowedSender if started before
+ network (#395911)
+
* Thu Nov 29 2007 Peter Vrabec <pvrabec at redhat.com> 1.19.11-1
- new upstream release
- add conflicts (#400671)
More information about the scm-commits
mailing list