sendsyslog ioctl LIOCSFD documentation

Sun, 24 Sep 2017 10:26:32 -0700 

Hi,

After my talk about syslog at eurobsdcon, I was asked to add more
documentation how the syslogd(8) side of sendsyslog(9) works.

ok?

bluhm

Index: usr.sbin/syslogd/syslogd.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.248
diff -u -p -r1.248 syslogd.c
--- usr.sbin/syslogd/syslogd.c  17 Sep 2017 23:49:14 -0000      1.248
+++ usr.sbin/syslogd/syslogd.c  24 Sep 2017 17:14:00 -0000
@@ -566,6 +566,7 @@ main(int argc, char *argv[])
        if ((fd_klog = open(_PATH_KLOG, O_RDONLY, 0)) == -1) {
                log_warn("open %s", _PATH_KLOG);
        } else if (fd_sendsys != -1) {
+               /* Use /dev/klog to register sendsyslogd(2) receiver. */
                if (ioctl(fd_klog, LIOCSFD, &pair[1]) == -1)
                        log_warn("ioctl klog LIOCSFD sendsyslog");
        }
Index: lib/libc/sys/sendsyslog.2
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/lib/libc/sys/sendsyslog.2,v
retrieving revision 1.9
diff -u -p -r1.9 sendsyslog.2
--- lib/libc/sys/sendsyslog.2   18 Jul 2017 22:22:19 -0000      1.9
+++ lib/libc/sys/sendsyslog.2   24 Sep 2017 17:20:27 -0000
@@ -1,5 +1,6 @@
 .\"    $OpenBSD: sendsyslog.2,v 1.9 2017/07/18 22:22:19 bluhm Exp $
 .\"
+.\" Copyright (c) 2017 Alexander Bluhm <[email protected]>
 .\" Copyright (c) 2014 Theo de Raadt
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
@@ -54,6 +55,22 @@ fails, dropped messages are counted.
 When
 .Xr syslogd 8
 works again, a warning with the counter and error number is logged.
+.Pp
+To receive messages from the kernel,
+.Xr syslogd 8
+has to create a socket pair and register one end.
+This registration is done by opening the
+.Pa /dev/klog
+device and passing one file descriptor of the socket pair as argument
+to
+.Xr ioctl 2 Dv LIOCSFD
+invoked on the klog file descriptor.
+After that the messages can be be read from the other end of the
+socket pair.
+By utilizing
+.Pa /dev/klog
+the access to log messages is limited to processes that may open
+this device.
 .Sh RETURN VALUES
 .Rv -std
 .Sh ERRORS

Reply via email to