Re: [Testers wanted] /dev/console cleanups

Tue, 18 Nov 2008 13:34:43 -0800 

Hello Carlos, others,

* Ed Schouten <[EMAIL PROTECTED]> wrote:
> About the /dev/console issues: Robert Watson and I discussed this some
> time ago on IRC and what I did in HEAD (not RELENG_7) was that I changed
> TIOCCONS not to take a look at the permissions of /dev/console, but we
> changed it to use priv_check(). This means that right now you can only
> call TIOCCONS as root. I can't really understand why the problem exists
> on RELENG_7.
> 
> About making xconsole setuid: I've read the messages you mentioned, but
> I think we could just alter console to call TIOCCONS and just drop
> privileges. An even better solution would be to just get rid of TIOCCONS
> and invent a better solution to capture syslog messages. I can't really
> understand why we want to abuse TTY's to do this.
> 
> So I can't say we're working on this, but at least I can confirm the
> issue.

One solution would be to let xconsole just display /var/log/messages.
There shouldn't be a valid reason to let syslogd print messages to
/dev/console and capture them again using TIOCCONS. We could just
instruct xconsole to read its data from the log files.

If you save the attached patch as /usr/ports/x11/xconsole/files/
patch-xconsole.c (create directory first) and recompile xconsole, it
will use the log file.

I'll discuss this with others to decide if we should take such an
approach.

-- 
 Ed Schouten <[EMAIL PROTECTED]>
 WWW: http://80386.nl/

--- xconsole.c
+++ xconsole.c
@@ -145,6 +145,11 @@
     {"-saveLines",	"*saveLines",		XrmoptionSepArg,	NULL},
 };
 
+#ifdef __FreeBSD__
+#define USE_FILE
+#define FILE_NAME "/var/log/messages"
+#endif
+
 #ifdef ultrix
 #define USE_FILE
 #define FILE_NAME "/dev/xcons"
@@ -252,7 +257,7 @@
 	if (!strcmp (app_resources.file, "console"))
 	{
 	    /* must be owner and have read/write permission */
-#if !defined(__NetBSD__) && !defined(__OpenBSD__) && !defined(Lynx) && !defined(__UNIXOS2__)
+#if !defined(__FreeBSD__) && !defined(__NetBSD__) && !defined(__OpenBSD__) && !defined(Lynx) && !defined(__UNIXOS2__)
 	    struct stat sbuf;
 # if !defined (linux)
 	    if (!stat("/dev/console", &sbuf) &&
@@ -266,9 +271,11 @@
 		if (!stat(FILE_NAME, &sbuf))
 # endif
 		input = fopen (FILE_NAME, "r");
-# ifdef __UNIXOS2__
 		if (input)
 		{
+		    struct stat sbuf;
+
+# ifdef __UNIXOS2__
 		    ULONG arg = 1,arglen;
 		    APIRET rc;
 		    if ((rc=DosDevIOCtl(fileno(input), 0x76,0x4d,
@@ -278,8 +285,11 @@
 			fclose(input);
 			input = 0;
 		    }
-		}
 # endif
+
+		    if (!fstat(fileno(input), &sbuf) && S_ISREG(sbuf.st_mode))
+			regularFile = TRUE;
+		}
 #endif
 		
 #ifdef USE_PTY

Attachment: pgpt0FzOtlKLm.pgp
Description: PGP signature

Reply via email to