diff options
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/syslogd/syslogd.8 | 9 | ||||
-rw-r--r-- | usr.sbin/syslogd/syslogd.c | 10 |
2 files changed, 14 insertions, 5 deletions
diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8 index 2e276bd74dc6..5514fd5103f5 100644 --- a/usr.sbin/syslogd/syslogd.8 +++ b/usr.sbin/syslogd/syslogd.8 @@ -250,8 +250,10 @@ The .Nm utility reads messages from the .Ux -domain socket -.Pa /var/run/log , +domain sockets +.Pa /var/run/log +and +.Pa /var/run/logpriv , from an Internet domain socket specified in .Pa /etc/services , and from the special device @@ -293,6 +295,9 @@ default process ID file name of the .Ux domain datagram log socket +.It Pa /var/run/logpriv +.Ux +socket for priveleged applications .It Pa /dev/klog kernel log device .El diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 38480eedfbac..ed266d45e017 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -129,6 +129,8 @@ const char ctty[] = _PATH_CONSOLE; /* * Unix sockets. + * We have two default sockets, one with 666 permissions, + * and one for priveleged programs */ struct funix { int s; @@ -136,11 +138,13 @@ struct funix { mode_t mode; STAILQ_ENTRY(funix) next; }; -struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE, +struct funix funix_secure = { -1, _PATH_LOG_PRIV, S_IRUSR | S_IWUSR, { NULL } }; +struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE, + { &funix_secure } }; STAILQ_HEAD(, funix) funixes = { &funix_default, - &(funix_default.next.stqe_next) }; + &(funix_secure.next.stqe_next) }; /* * Flags to logmsg(). @@ -504,7 +508,7 @@ main(int argc, char *argv[]) "cannot create %s", fx->name); logerror(line); dprintf("cannot create %s (%d)\n", fx->name, errno); - if (fx == &funix_default) + if (fx == &funix_default || fx == &funix_secure) die(0); else STAILQ_REMOVE(&funixes, fx, funix, next); |