Репозитории ALT
| S: | 1.8.0-alt1 |
| 5.1: | 1.4.1-alt30 |
| 4.1: | 1.4.1-alt28 |
| 4.0: | 1.4.1-alt27 |
| 3.0: | 1.4.1-alt20 |
Группа :: Система/Ядро и оборудование
Пакет: sysklogd
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: sysklogd-1.4.1-alt-syslogd-chroot.patch
Скачать
Скачать
diff -u sysklogd-1.4.1~/sysklogd.8 sysklogd-1.4.1/sysklogd.8
--- sysklogd-1.4.1~/sysklogd.8 Thu Feb 7 16:40:34 2002
+++ sysklogd-1.4.1/sysklogd.8 Thu Feb 7 16:53:21 2002
@@ -2,7 +2,7 @@
.\" May be distributed under the GNU General Public License
.\" Sun Aug 30 11:35:55 MET: Martin Schulze: Updates
.\"
-.TH SYSKLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW" "Linux System Administration"
+.TH SYSKLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW/ALT" "Linux System Administration"
.SH NAME
sysklogd \- Linux system logging utilities.
.SH SYNOPSIS
@@ -35,6 +35,9 @@
.RB [ " \-u"
.IB username
]
+.RB [ " \-j "
+.I chroot_dir
+]
.RB [ " \-v " ]
.LP
.SH DESCRIPTION
@@ -175,6 +178,19 @@
.B SIGHUP
the files will be reopened as the non-privileged user. You should
take this into account when deciding the ownership of the log files.
+.TP
+.BI "\-j " chroot_dir
+Tells
+.B syslogd
+daemon to
+.BR chroot (2)
+into this directory after initializing.
+This option is only valid if the \-u option is also used to run
+.B syslogd
+without root privileges.
+Note that the use of this option will prevent
+.B SIGHUP
+from working which makes daemon reload practically impossible.
.TP
.B "\-v"
Print version and exit.
diff -u sysklogd-1.4.1~/syslogd.c sysklogd-1.4.1/syslogd.c
--- sysklogd-1.4.1~/syslogd.c Thu Feb 7 16:40:34 2002
+++ sysklogd-1.4.1/syslogd.c Thu Feb 7 16:42:04 2002
@@ -742,6 +742,7 @@
char *bind_addr = NULL; /* bind UDP port to this interface only */
char *server_user = NULL; /* user name to run server as */
+char *chroot_dir = NULL; /* user name to run server as */
extern int errno;
@@ -791,6 +792,11 @@
if (!pw->pw_uid) return -1;
+ if (chroot_dir) {+ if (chroot(chroot_dir)) return -1;
+ if (chdir("/")) return -1;+ }
+
if (initgroups(server_user, pw->pw_gid)) return -1;
if (setgid(pw->pw_gid)) return -1;
if (setuid(pw->pw_uid)) return -1;
@@ -851,7 +857,7 @@
funix[i] = -1;
}
- while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF)
+ while ((ch = getopt(argc, argv, "a:dhf:i:j:l:m:np:rs:u:v")) != EOF)
switch((char)ch) {case 'a':
if (nfunix < MAXFUNIX)
@@ -876,6 +882,9 @@
}
bind_addr = optarg;
break;
+ case 'j':
+ chroot_dir = optarg;
+ break;
case 'l':
if (LocalHosts) {fprintf(stderr, "Only one -l argument allowed, "
@@ -917,6 +926,10 @@
if ((argc -= optind))
usage();
+ if (chroot_dir && !server_user) {+ fputs("'-j' is only valid with '-u'", stderr);+ exit(1);
+ }
#ifndef TESTING
if ( !(Debug || NoFork) )
{