[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-inetutils] tests/syslogd.sh and /tmp
|
From: |
Mats Erik Andersson |
|
Subject: |
Re: [bug-inetutils] tests/syslogd.sh and /tmp |
|
Date: |
Fri, 20 Jan 2012 23:53:16 +0100 |
|
User-agent: |
Mutt/1.5.18 (2008-05-17) |
torsdag den 19 januari 2012 klockan 10:34 skrev Simon Josefsson detta:
> Mats Erik Andersson <address@hidden> writes:
>
> > 1. Replace $(( )) by `expr `.
>
> There is a trick in the autoconf manual to detect whether $(( )) works
> and use it. But maybe it is simpler and more readable to just use expr
> instead, it is a well known shell programming idiom.
I have now a pending patch of "tests/syslogd.sh" that covers this and
other issues not mentioned so for, also for variable length TMPDIR.
The code should work with SVR4 Bourne shell. The book by Peter Seebach
gave important advice. Thus the code should pass on Solaris 10 and 9.
Extraction of strings:
$ count=5
$ str=0123456789
$ expr X"$str" : X"\(.\{0,$count\}\)"
01234
This is portable to SVR3, possibly to V7! Thus helping me to satisfy NixOS.
> > 2. logger(1) needs a rooted path "/this/starts/at/the/bottom".
> > This rules out the "cd"-technique as viable work around.
>
> Why is this? I'm assuming it is because the --host flag is overloaded to
> also support Unix sockets. However, perhaps a better solution would be
> to implement the -u socket that my BSD logger tool uses for logging to a
> Unix socket. Then the --host flag would be entirely dedicated to
> hostnames. There would also be better compatibility with existing
> 'logger' on many people's systems.
This is complex. syslogd is in fact executing `chroot("/")', via
the call `waitdaemon(0, 0, 30)'. Thus every UNIX socket name must
stay rooted at "/", be it relative to a chroot, or not.
You are correct in the observation that our logger also make this quirk.
In fact, the failure to follow the widespread use of "-u" has been and
remains one strong reason that the Debian package maintainer is not
including our logger even as "/usr/bin/iu-logger". Now that logger(1)
from util-linux has acquired INET sockets in its very most recent release,
our utility must be fully compliant to stand the slightest of chances.
As I mentioned, I have better portable and decidedly more robust version
of "tests/syslogd.sh" in writing. It defends against white space paths
and other attack mechanisms. Of course it stays based on our present
implementation of syslogd(8) and logger(1), not the desireable modification
of logger(1).
Regards,
Mats
Re: [bug-inetutils] tests/syslogd.sh and /tmp, Ludovic Courtès, 2012/01/18
Re: [bug-inetutils] tests/syslogd.sh and /tmp, Simon Josefsson, 2012/01/19
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/19
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Simon Josefsson, 2012/01/19
- Re: [bug-inetutils] tests/syslogd.sh and /tmp,
Mats Erik Andersson <=
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Ludovic Courtès, 2012/01/22
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/22
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/25
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Ludovic Courtès, 2012/01/25
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/25
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/26
- Re: [bug-inetutils] tests/syslogd.sh and /tmp, Mats Erik Andersson, 2012/01/27