From nightmar@lemming.acc.am  Sun Oct 25 10:38:03 1998
Received: from lemming.acc.am (jeday.r.am [194.67.210.11])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA03846
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 25 Oct 1998 10:37:49 -0800 (PST)
          (envelope-from nightmar@lemming.acc.am)
Received: (from nightmar@localhost)
	by lemming.acc.am (8.9.1/8.9.1) id XAA02639;
	Sun, 25 Oct 1998 23:39:12 +0400 (AMT)
Message-Id: <199810251939.XAA02639@lemming.acc.am>
Date: Sun, 25 Oct 1998 23:39:12 +0400 (AMT)
From: nightmar@acc.am
Reply-To: nightmar@acc.am
To: FreeBSD-gnats-submit@freebsd.org
Subject: syslogd doesn't allow !* option in the syslog.conf
X-Send-Pr-Version: 3.2

>Number:         8447
>Category:       bin
>Synopsis:       syslogd doesn't implement documented feature (!* for all programs)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 25 10:40:00 PST 1998
>Closed-Date:    Tue Dec 29 12:36:41 PST 1998
>Last-Modified:  Tue Dec 29 12:38:32 PST 1998
>Originator:     Gaspar Chilingarov AKA NightMare
>Release:        FreeBSD 2.2.6-RELEASE i386 , also in FreeBSD 3.0-SNAP
>Organization:
<Armenian Computer Centre 
		  http://www.acc.am/>
>Environment:
	Standard installation of 2.2.6-RELEASE box , no patches applied.
>Description:
 In syslog.conf(5) man written
 [-skip-]
     An asterisk (``*'') can be used to specify all facilities all levels or
     all programs.
 [-skip-]
 If you put the !* in config file after some filters (like !tcpd)
 you cannot force syslogd to write messages from any program to the specified file

>How-To-Repeat:

 Put in the /etc/syslog.conf file after other filters (for instance , ftpd )
 these lines :
 # you can place here any other programm 
 !ftpd
 *.* [tab] /dev/null
 #this lines allow you to log all messages in the system
 !*
 *.* [tab] root
 to log all messages in the system to the root's terminal.
 make killall -HUP syslogd
 Login as root. Make something , that will cause syslogd write a message to the log 
 (login from other terminal,for example).
 You must see a message from syslogd on your first terminal ... you doesn't see it.
>Fix:
 <
 Here is a little patch for a /usr/src/usr.sbin/syslogd/syslogd.c

 [cut]
 1156a1157,1160
 >                         if(*p == '*') {
 >                                 strcpy(prog, "*");
 >                                 continue;
 >                         }
 1158,1161d1161
 <                       if(!*p) {
 <                               strcpy(prog, "*");
 <                               continue;
 <                       }
 [cut]
 
 Just save it under some name (syslog.diff ) & run
 patch /usr/src/usr.sbin/syslogd/syslogd.c </path_to_patch_file/syslog.diff
 After that run 
 make 
 killall -9 syslogd
 make install
 /usr/sbin/syslogd
 >	

>Release-Note:
>Audit-Trail:

From: skynyrd@opus.cts.cwu.edu
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  Subject: Re: bin/8447: syslogd doesn't implement documented feature (!* for all programs)
Date: Sun, 27 Dec 1998 22:25:55 -0800 (PST)

 There is a discrepency between the documenation (syslog.conf(5)) and the 
 code in syslogd.c.
 
 From the man page:
 
    69        An asterisk (``*'') can be used to specify all facilities all levels or
    70        all programs.
   
 Where would you specify a program name in a syslog.conf file?  In a tag line, 
 which is described in the man page to be either of:
 
    #!prog 
    !prog
 
 So it would follow that an all-programs tag line would look like this:
 
   !*
 
 However, per the code in syslogd.c, the all-programs tag line must be:
 
   !
 
 since the "*" is only copied into prog when the first non-whitespace character following
 the '!' is the terminating '\0' (1273)
 
  1270                   if(*p=='!') {
  1271                           p++;
  1272                           while(isspace(*p)) p++;
  1273                           if(!*p) {
  1274                                   strcpy(prog, "*");
  1275                                   continue;
  1276                           }
  1277                           for(i = 0; i < NAME_MAX; i++) {
  1278                                   if(!isalnum(p[i]))
  1279                                           break;
  1280                                   prog[i] = p[i];
  1281                           }
  1282                           prog[i] = 0;
  1283                           continue;
  1284                   }
 
 The question is, should we fix the code to match the documentation, or fix the code to 
 match the documenation while still allowing the single-! all-program tag line.  Rather than
 risk breaking historical mystical BSD syslog.conf semantics I think it would be reasonable
 to simply change the expression on line 1273 to "if ( (!*p) || (*p == '*') )".
  
 
State-Changed-From-To: open->closed  
State-Changed-By: cwt 
State-Changed-When: Tue Dec 29 12:36:41 PST 1998 
State-Changed-Why:  
Suggested fix applied in v1.45 of syslogd.c. 
>Unformatted:
