NetBSD Problem Report #39136

From apb@cequrux.com  Sat Jul 12 08:00:06 2008
Return-Path: <apb@cequrux.com>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id 070C163B9AA
	for <gnats-bugs@gnats.NetBSD.org>; Sat, 12 Jul 2008 08:00:05 +0000 (UTC)
Message-Id: <20080712075216.D962AE93086@apb-laptoy.apb.alt.za>
Date: Sat, 12 Jul 2008 07:52:16 +0000 (UTC)
From: apb@cequrux.com
To: gnats-bugs@gnats.NetBSD.org
Subject: syslogd confusion between output files and configuration lines
X-Send-Pr-Version: 3.95

>Number:         39136
>Category:       bin
>Synopsis:       syslogd confusion between output files and configuration lines
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jul 12 08:05:00 +0000 2008
>Originator:     Alan Barrett
>Release:        NetBSD 4.99.69
>Organization:
Not much
>Environment:
System: NetBSD 4.99.69
Architecture: i386
Machine: i386
>Description:
    If multiple lines in the syslog.conf fil refer to the same output
    fiel, syslogd does the wrong thing, such as sending the same
    output multiple times, or incorrectly accounting for the idle time.

>How-To-Repeat:

    Configure /etc/syslog.conf as follows:

	# Next three lines come from NetBSD's default syslog.conf file
	*.err;kern.*;auth.notice;authpriv.none;mail.crit /dev/console
	*.info;auth,authpriv,cron,ftp,kern,lpr,mail.none /var/log/messages
	kern.debug                                       /var/log/messages
	# Next three lines send *.debug messages from the "logger" program
	# to /var/log/messages, supplementing the "*.err" above.
	!+logger
	*.debug                                          /var/log/messages
	!*
	# Next lines send "mark" messages to console and file.
	mark.info                                        /dev/console
	mark.info                                        /var/log/messages

    Observe that "mark" messages appear on /dev/console and in
    /var/log/messages every 20 minutes, despite the following code in
    src/usr.sbin/syslogd/syslogd.c:

	/* don't output marks to recently written files */
	if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
		continue;

    Run the following commands:

	for level in debug err ; do
	    logger -t logger -p user.${level} -t "test message ($level)"
	done

    Observe that the message at level "err" appears twice in
    /var/log/messages.

>Fix:
    Each entry in syslogd's "struct filed *Files" data structure
    keeps information derived from a single line in the configuration
    file (such as rules about how to match a message against the
    configuration line), as well as information about the output file
    (such as the open file sescriptor, and the time of the most recent
    output).

    These two types of information shuold be separated into two data
    structures, with the ability for multiple lines in the configuration
    file to refer to a single output file.  Matching of messages against
    rules should use one data structure, while timeout handling and
    duplicate suppression uses the other data structure.

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.