Re: [logs] sdsc syslog on bsd?

From: ArkanoiD (ark@private)
Date: Mon Feb 14 2005 - 07:47:47 PST


Wow! Thank you very much.

On Mon, Feb 14, 2005 at 11:09:41AM -0500, Jose Nazario wrote:
> On Mon, 14 Feb 2005, ArkanoiD wrote:
> 
> > Is there a BSD port of SDSC syslog or its suitable replacement?
> 
> back when the project was first announced, at 1.0, i sent tom perrine some
> initial patches to get it to build on OpenBSD. here's a copy of the
> message:
> 
> again, i have tried sdsc secure syslog on openbsd and found it has a
> handful of linux specific include issues and one small function
> dependency. a diff of what it took to get it to partially build is
> attached.
> 
> the remaining problem comes in OMOD_USER_send_msg() in omod_user.c.
> starting with setutent(), the remainder of the function uses structs and
> functions specific to linux (or at least absent in openbsd). i don't know
> enough about your code to determine what it is you're hoping to do and how
> crucial this is, so ... i didn't go beyond commenting out a pair of lines.
> 
> any suggestions? i hope these patches (i cc'd Yann Berthier, according to
> some list traffic in january he was working on a freebsd port if he had
> time) are useful for a bsd port. as for the linux specific stuff ... looks
> like no one has yet figured out what to do about it and keep your goals
> intact.
> 
> 
> the patch is attached as a reference point. i am no longer working on the
> effort ... i share it to facilitate any porting effort. it's a bit
> hackish, and i only want it to compile to start playing with it some more.
> 
> ________
> jose nazario, ph.d.			jose@private
> http://monkey.org/~jose/ 		http://infosecdaily.net/
> 

> diff -ur sdscsyslogd-1.0.0/examples/syslog sdscsyslogd-1.0.0-openbsd/examples/syslog
> --- sdscsyslogd-1.0.0/examples/syslog	Wed Apr 30 18:19:41 2003
> +++ sdscsyslogd-1.0.0-openbsd/examples/syslog	Thu May  1 18:51:18 2003
> @@ -36,11 +36,11 @@
>  		fi
>  
>  		# set the proper RR path
> -		if [ "yes" == "yes" ]; then
> +		if [ "no" == "yes" ]; then
>  			if [ -z $LD_LIBRARY_PATH ]; then
> -				BEEP_LD=`echo ":/projects/security/devink/lib" | sed -e "s/^://g"`
> +				BEEP_LD=`echo "" | sed -e "s/^://g"`
>  			else
> -				BEEP_LD=`echo ":/projects/security/devink/lib"`
> +				BEEP_LD=`echo ""`
>  			fi
>  
>  			export LD_LIBRARY_PATH="$LD_LIBRARY_PATH$BEEP_LD"
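Review bot: with the test changed to `[ "no" == "yes" ]` the block under it can never run, so the two BEEP_LD edits inside it have no effect and the script no longer touches LD_LIBRARY_PATH at all. A comparison of two literals suggests these values were substituted when the script was generated; if that is the case, the change belongs in the template or the build option that produces them, not in the generated example. If the block stays for other builds, quote the variable in the context line `[ -z $LD_LIBRARY_PATH ]` and use `=` rather than `==`, which POSIX does not specify for `[`.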
> diff -ur sdscsyslogd-1.0.0/src/controller/controller.h sdscsyslogd-1.0.0-openbsd/src/controller/controller.h
> --- sdscsyslogd-1.0.0/src/controller/controller.h	Wed Apr 30 16:03:09 2003
> +++ sdscsyslogd-1.0.0-openbsd/src/controller/controller.h	Thu May  1 18:45:23 2003
> @@ -46,6 +46,8 @@
>  #ifndef CTLR_CONTROLLER_H
>  #define CTLR_CONTROLLER_H
>  
> +#include <limits.h>
> +
>  #include "util/list.h"
>  #include "util/acl.h"
>  #include "config/config.h"
> diff -ur sdscsyslogd-1.0.0/src/message/msg_parse.c sdscsyslogd-1.0.0-openbsd/src/message/msg_parse.c
> --- sdscsyslogd-1.0.0/src/message/msg_parse.c	Wed Apr 30 16:03:26 2003
> +++ sdscsyslogd-1.0.0-openbsd/src/message/msg_parse.c	Thu May  1 18:54:32 2003
> @@ -41,6 +41,7 @@
>   * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>   */
>  
> +#include <sys/limits.h>
>  #include <sys/time.h>
>  #include <time.h>
>  #include <stdlib.h>
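Review bot: the added `#include <sys/limits.h>` in msg_parse.c is not a standard header and is not present on every system (glibc does not ship it), so this line is likely to break the Linux build the tree came from. The controller.h hunk already pulls in the standard `<limits.h>`; using that here as well should cover both platforms without an `#ifdef`.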
> diff -ur sdscsyslogd-1.0.0/src/outputmod/omod_user.c sdscsyslogd-1.0.0-openbsd/src/outputmod/omod_user.c
> --- sdscsyslogd-1.0.0/src/outputmod/omod_user.c	Wed Apr 30 16:03:32 2003
> +++ sdscsyslogd-1.0.0-openbsd/src/outputmod/omod_user.c	Thu May  1 19:32:34 2003
> @@ -49,6 +49,7 @@
>  #include <sys/stat.h>
>  #include <utmp.h>
>  #include <fcntl.h>
> +#include <paths.h>
>  #include <stdlib.h>
>  #include <stdio.h>
>  #include <unistd.h>
> @@ -237,8 +238,8 @@
>       */
>      while ( (utent = getutent()) != NULL) { 
>          /* Skip the stuff we really don't care about */
> -        if (utent->ut_type != USER_PROCESS) 
> -            continue;
> +        // if (utent->ut_type != USER_PROCESS) 
> +        //    continue;
>          if (utent->ut_name[0] == '\0') 
>              continue;
>          
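Review bot: commenting out the `ut_type != USER_PROCESS` check in the getutent() loop changes behaviour on every platform, not just OpenBSD: any utmp record with a non-empty ut_name is now treated as a logged-in user, where before only user-process records were. Wrap the check in `#ifdef USER_PROCESS` so systems that have the field keep the filter, and drop the `//` comments, which do not match the `/* */` style of the surrounding code. The loop still calls getutent(), which the message above says is missing on OpenBSD, so this hunk alone does not make the function portable.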
> diff -ur sdscsyslogd-1.0.0/src/util/tsqueue.c sdscsyslogd-1.0.0-openbsd/src/util/tsqueue.c
> --- sdscsyslogd-1.0.0/src/util/tsqueue.c	Wed Apr 30 16:04:05 2003
> +++ sdscsyslogd-1.0.0-openbsd/src/util/tsqueue.c	Thu May  1 19:01:35 2003
> @@ -199,7 +199,7 @@
>       * well just assume that it is still present when COND_WAIT()
>       * returns.
>       */
> -    haveElem = COND_WAIT(q->insert, q->lock, &tv);
> +    // haveElem = COND_WAIT(q->insert, q->lock, &tv);
>  
>      MUTEX_UNLOCK(q->lock);
>  
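Review bot: with `haveElem = COND_WAIT(q->insert, q->lock, &tv);` commented out in tsqueue.c, haveElem is never set from the wait and the thread no longer blocks on q->insert before MUTEX_UNLOCK, so the code after this point acts on whatever haveElem held earlier. The comment just above still says the element is assumed present when COND_WAIT() returns, which no longer describes the code. For a log daemon this is the path that decides whether a queued message is picked up, so the COND_WAIT macro should be fixed for the OpenBSD thread library rather than removed; if it has to be stubbed to get a build, guard it with a platform `#ifdef` and set haveElem explicitly.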

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Mon Feb 14 2005 - 08:21:36 PST