When a SIGHUP signal is sent to syslogd, the configuration is reparsed, leading to new resource acquisition. If syslogd is running in capability mode and a SIGHUP is received, new resources cannot be acquired. To mitigate this issue, libcasper is used to parse the configuration. The libcasper process runs outside of capability mode and is capable of parsing syslogd's configuration and obtaining new resources. These resources are then sent to the syslogd process via nvlist.
Details
- Reviewers
markj
Diff Detail
- Repository
- rG FreeBSD src repository
- Lint
Lint Skipped - Unit
Tests Skipped
Event Timeline
Use logerror() to log errors instead of exiting. This makes debugging significantly easier when something goes wrong during configuration parsing.
usr.sbin/syslogd/syslogd_cap_config.c | ||
---|---|---|
74 | What's the point of having filed_count as an nvlist element? Doesn't nvlist_get_nvlist_array() return the size of the array in filed_count? | |
130 | Per my comment in D41463, we should continue factoring this code out to make it less confusing. In an ideal design, IMO, readconfigfile() would return the nvlist instead of mucking with global variables. That doesn't need to happen in this revision, it's just a comment about the direction I think we should go. |
Don't manually add the filed count to the nvlist. The filed count is fetched when getting the nvlist filed array.
Fix minor mistyping in populate_config(). filed_count should be declared as size_t, not uint64_t.
usr.sbin/syslogd/syslogd_cap_config.c | ||
---|---|---|
82 | Does the casper service do any validation of the config file path? Doesn't this interface allow syslogd to parse any file as a syslogd configuration file and derive capabilities from it? Most likely we should handle this by making the configuration service take a limit, set by cap_limit_set(). During initialization, syslogd would limit the service to only /etc/syslog.conf (or whatever is specified by -f). An attempt to parse any other file should be rejected by the casper service. |
usr.sbin/syslogd/syslogd_cap_config.c | ||
---|---|---|
82 |
I made ConfFile a global variable and did a strcmp() to verify that the passed-in path matched libcasper's original copy. |