newsyslog(8) patch for both size and time checks
Dmitry Morozovsky
marck at rinet.ru
Tue May 12 10:09:29 UTC 2009
Dear colleagues,
For now, if a log is configured to be rotated on a time basis, its size is not
checked, so /var/log may be DoSed by some service (in our case, it was a mad DHCP
client which fills up our /var/log with dhcpd log). Our newsyslog.conf line was:
/var/log/dhcpd 640 5 5000 @T00 JC
The following simple patch should fix the problem. Any objections to committing
this?
Thanks.
Index: usr.sbin/newsyslog/newsyslog.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/newsyslog/newsyslog.c,v
retrieving revision 1.107.2.1
diff -u -r1.107.2.1 newsyslog.c
--- usr.sbin/newsyslog/newsyslog.c 8 Mar 2008 01:00:25 -0000 1.107.2.1
+++ usr.sbin/newsyslog/newsyslog.c 12 May 2009 09:48:00 -0000
@@ -466,7 +466,8 @@
printf("does not exist, skipped%s.\n", temp_reason);
}
} else {
- if (ent->flags & CE_TRIMAT && !force && !rotatereq) {
+ if ((ent->trsize < 0 || ent->fsize < ent->trsize) &&
+ ent->flags & CE_TRIMAT && !force && !rotatereq) {
diffsecs = ptimeget_diff(timenow, ent->trim_at);
if (diffsecs < 0.0) {
/* trim_at is some time in the future. */
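Review bot: The added test `ent->trsize < 0 || ent->fsize < ent->trsize` only keeps an oversize file out of the trim_at branch. Nothing in the visible context shows that such a file then reaches the rotation path, so please confirm that the code after this block rotates it rather than just skipping the time check. The condition also relies on a negative `trsize` meaning "no size limit" and on `fsize` and `trsize` being in the same units; a short comment above the `if` stating both would help the next reader. As a style point, the bitwise test is now buried in a longer `&&` chain, so writing it as `(ent->flags & CE_TRIMAT)` would make the precedence explicit. Since a size limit now overrides an `@T` time specification, newsyslog.conf(5) should be updated in the same commit.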
--
Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
[ FreeBSD committer: marck at FreeBSD.org ]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck at rinet.ru ***
------------------------------------------------------------------------