syslogd closing all udp is a tiny bit aggressiv

Thu, 06 Feb 2020 08:47:37 -0800 

Hello,

Syslogd is supposed to reload the configuration on HUP, and does it well
but for one case.

If the demon does not have any endpoint it will close the FD opened *at start*

line 587
/*
* If generic UDP file descriptors are used neither
* for receiving nor for sending, close them.  Then
* there is no useless *.514 in netstat.
*/
if (fd_udp != -1 && !send_udp) {
close(fd_udp);
fd_udp = -1;
}

If for exemple there s a wrong endpoint in the config file, like
local1.warn @badhost
and no other the daemon will close  fd_udp.


when reloading the conf, if badhost suddenly resolved.
===================================================================
RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.262
diff -u -p -r1.262 syslogd.c
--- syslogd.c   5 Jul 2019 13:23:27 -0000       1.262
+++ syslogd.c   6 Feb 2020 16:28:34 -0000
@@ -2762,6 +2762,7 @@ cfline(char *line, char *progblock, char
                        switch (f->f_un.f_forw.f_addr.ss_family) {
                        case AF_INET:
                                send_udp = 1;
+                               if ( fd_udp == -1 ) log_warnx("bad
oops cannot reload because new feature");
                                f->f_file = fd_udp;
                                break;
                        case AF_INET6:


send_udp is back to 1 but fd_udp is dead, RIP fd_udp !

logline: pri 053, flags 0x4, from current, msg syslogd[62371]: bad
hostname "@badhost "
// reload with a badhost in /etc/hosts for the sake of testing
logline: pri 053, flags 0x4, from current, msg syslogd[20219]: bad
oops cannot reload because new feature
Logging to FORWUDP @badhost
logline: pri 053, flags 0x4, from current, msg syslogd[62371]: sendto
"@totalcrap": Bad file descriptor


One easy fix would be to not close the FD ... or change the man

if (socket_bind("udp", NULL, "syslog", SecureMode,
    &fd_udp, &fd_udp6) == -1)
log_warnx("socket bind * failed");

could be called in init when send_udp is set to 1, but it will crush
the udp6 one

I often have the wrong idea about the right fix, so please tell me !

For example i wonder if the udp socket could be put in the enpoint
struct,and open/close
when the enpoint state is valid/invalid.

Best, and thanks for all the work.

* this is tested on 6.6, with current version of syslogd * using cvs
-q up -Pd -CA as learned *

-- 
--
---------------------------------------------------------------------------------------------------------------------
Knowing is not enough; we must apply. Willing is not enough; we must do

Reply via email to