Source-Changes-HG archive
[src/trunk]: src/usr.sbin/syslogd 1.) bring usage text up to date, and clarif...
details: https://anonhg.NetBSD.org/src/rev/a62b0067b85e
branches: trunk
changeset: 494064:a62b0067b85e
user: jwise <jwise%NetBSD.org@localhost>
date: Fri Jun 30 17:32:43 2000 +0000
description:
1.) bring usage text up to date, and clarify description of `-s' option
in man page and comments -- for some time it has no longer prevented
an inet socket from being opened, just caused it to be ignored
2.) Fix this problem with `-s' -- syslogd always opens an inet socket, even if
-s is specified and it has nowhere to send to. This socket is then
shutdown(), but there is no way to not have this socket open.
Users setting up paranoid installations can now specify `-S' which
prevents any non-unix-domain sockets from being opened, even if
forwarding is specified in /etc/syslogd.conf.
As per the previous fix, this is not made the default for `-s', as it
also prevents syslogd from forwarding log messages.
3.) document the above in the man page and usage.
Justification: in light of the possibility of future DoS attacks, or the
desire to set up a machine which is relatively uninformative in the face
of port scans, users may quite legitimately want to control what sockets
are open on their machine. Telling such users that they cannot run
syslogd is non-ideal.
diffstat:
usr.sbin/syslogd/syslogd.8 | 8 +++++---
usr.sbin/syslogd/syslogd.c | 19 +++++++++++++------
2 files changed, 18 insertions(+), 9 deletions(-)
diffs (106 lines):
diff -r 5d038c9f2196 -r a62b0067b85e usr.sbin/syslogd/syslogd.8
--- a/usr.sbin/syslogd/syslogd.8 Fri Jun 30 17:10:15 2000 +0000
+++ b/usr.sbin/syslogd/syslogd.8 Fri Jun 30 17:32:43 2000 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: syslogd.8,v 1.15 1999/11/30 12:08:49 ad Exp $
+.\" $NetBSD: syslogd.8,v 1.16 2000/06/30 17:32:43 jwise Exp $
.\"
.\" Copyright (c) 1983, 1986, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -41,7 +41,7 @@
.Nd log systems messages
.Sh SYNOPSIS
.Nm "
-.Op Fl ds
+.Op Fl dsS
.Bk -words
.Op Fl f Ar config_file
.Ek
@@ -74,7 +74,7 @@
Select the number of minutes between ``mark'' messages;
the default is 20 minutes.
.It Fl s
-Select ``secure'' mode, in which syslogd does not open a UDP socket but
+Select ``secure'' mode, in which syslogd does not listen on a UDP socket but
only communicates over a
.Ux
domain socket.
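Review bot: the reworded -s text ("does not listen on a UDP socket") is more accurate than the old "does not open", but the paragraph still leaves the reader unaware that the socket is opened and then shut down, which is exactly the behaviour the commit message says motivated this change; add a pointer from here to the new option, e.g. "To avoid opening the socket at all, see -S.", so that someone setting up a host that must show no open UDP port is sent to the right flag.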
@@ -82,6 +82,8 @@
which syslogd runs is subject to attack over the network and it is desired
that the machine be protected from attempts to remotely fill logs
and similar attacks.
+.It Fl S
+Select ``secure no network'' mode, in which syslogd opens no sockets for listening or sending.
.It Fl p
Specify the pathname of an log socket. Multiple
.Fl p
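Review bot: the new .It Fl S entry should say that forwarding entries in the configuration file are ignored in this mode, since that is the behavioural difference from -s that the commit message calls out and the one a user choosing between the two flags needs to know. The added line also runs well past 80 columns; mdoc source is normally broken at phrase boundaries, e.g.
Select ``secure no network'' mode, in which syslogd opens no sockets
for listening or sending.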
diff -r 5d038c9f2196 -r a62b0067b85e usr.sbin/syslogd/syslogd.c
--- a/usr.sbin/syslogd/syslogd.c Fri Jun 30 17:10:15 2000 +0000
+++ b/usr.sbin/syslogd/syslogd.c Fri Jun 30 17:32:43 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: syslogd.c,v 1.34 2000/02/18 09:44:46 lukem Exp $ */
+/* $NetBSD: syslogd.c,v 1.35 2000/06/30 17:32:43 jwise Exp $ */
/*
* Copyright (c) 1983, 1988, 1993, 1994
@@ -43,7 +43,7 @@
#if 0
static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94";
#else
-__RCSID("$NetBSD: syslogd.c,v 1.34 2000/02/18 09:44:46 lukem Exp $");
+__RCSID("$NetBSD: syslogd.c,v 1.35 2000/06/30 17:32:43 jwise Exp $");
#endif
#endif /* not lint */
@@ -191,7 +191,8 @@
int Initialized = 0; /* set when we have initialized ourselves */
int MarkInterval = 20 * 60; /* interval between marks in seconds */
int MarkSeq = 0; /* mark sequence number */
-int SecureMode = 0; /* when true, speak only unix domain socks */
+int SecureMode = 0; /* listen only on unix domain socks */
+int NoNetMode = 0; /* send+listen only on unix domain socks */
char **LogPaths; /* array of pathnames to read messages from */
void cfline __P((char *, struct filed *));
@@ -227,7 +228,7 @@
char *p, *line, **pp;
struct pollfd *readfds;
- while ((ch = getopt(argc, argv, "dsf:m:p:P:")) != -1)
+ while ((ch = getopt(argc, argv, "dsSf:m:p:P:")) != -1)
switch(ch) {
case 'd': /* debug */
Debug++;
@@ -246,9 +247,12 @@
logpath_fileadd(&LogPaths, &funixsize,
&funixmaxsize, optarg);
break;
- case 's': /* no network mode */
+ case 's': /* no network listen mode */
SecureMode++;
break;
+ case 'S': /* no network at all mode */
+ NoNetMode++;
+ break;
case '?':
default:
usage();
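Review bot: case 'S' sets only NoNetMode, so at the code level -S is not a superset of -s: any existing test of SecureMode elsewhere in syslogd.c will not fire when only -S is given, unless NoNetMode is checked at every such point. Since the man page presents -S as "secure no network" mode, consider also bumping SecureMode here, e.g.
case 'S': /* no network at all mode */
SecureMode++;
NoNetMode++;
or, if the intent is that users pass -sS together, say so in the man page.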
@@ -448,7 +452,7 @@
extern char *__progname;
(void)fprintf(stderr,
-"usage: %s [-f conffile] [-m markinterval] [-p logpath1] [-p logpath2 ..]\n",
+"usage: %s [-dsS] [-f conffile] [-m markinterval] [-P logpathfile] [-p logpath1] [-p logpath2 ..]\n",
__progname);
exit(1);
}
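Review bot: the new usage line is over 100 characters; split it across two adjacent string literals to stay within KNF line length, e.g.
"usage: %s [-dsS] [-f conffile] [-m markinterval]\n"
"\t[-P logpathfile] [-p logpath1] [-p logpath2 ..]\n",
The option list itself is right: [-dsS] and the previously unlisted -P logpathfile now match the getopt string "dsSf:m:p:P:".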
@@ -1337,6 +1341,9 @@
struct addrinfo hints, *res, *r;
int error, maxs, *s, *socks;
+ if(NoNetMode)
+ return(NULL);
+
memset(&hints, 0, sizeof(hints));
hints.ai_flags = AI_PASSIVE;
hints.ai_family = af;
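Review bot: the early return makes every caller of this function responsible for coping with a NULL socket list; confirm that the code which later polls the inet sockets and the code that forwards to remote hosts both check for NULL before indexing the array, otherwise -S trades an open socket for a NULL dereference. Style: KNF puts a space after keywords, so `if (NoNetMode)` and `return (NULL);`.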