bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New feature: syslog all pserver commands


From: Mark D. Baushke
Subject: Re: New feature: syslog all pserver commands
Date: Wed, 16 Jun 2004 15:49:03 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thomas Quinot <thomas@cuivre.fr.eu.org> writes:

> I sent the following proposal in early 2003, but never got any feedback,
> so I am resubmitting it:

Feedback below...

> « As operator of an anonymous CVS pserver, I found myself needing a log
>   of all actions performed on the server, and came up with the patch
>   below. I would like to offer it to the community, in the hope that
>   others will find it useful, and that eventually it gets integrated
>   in the mainstream CVS sources. »

A few points...

  - it is possible for a given host to have multiple cvs repositories.
    Therefore, you should probably be including the CVSROOT for any
    given syslog message().

  - it is possible for a given host to have a mixture of :pserver:
    and :ext: or other ways to access a client/server cvs. Therefore,
    you may wish to have the identity passed to openlog able to be
    configured in the CVSROOT/config file.

  - There is more than one interface to openlog() out there (sad, but
    true) and not all versionso of syslog() has LOG_AUTHPRIV as a
    facility.

You will probably end up needing to have something like a table setup
to let you configure the correct value based on what is on the system
and what is configured in a users CVSROOT/config file.

Something like this:

static const struct mysyslog_fac
{
    char *fullname;
    unsigned int facnum;
} facs[] =
{
#ifdef LOG_KERN
    { "kern", LOG_KERN },
#endif /* LOG_KERN */
#ifdef LOG_USER
    { "user", LOG_USER },
#endif /* LOG_USER */
#ifdef LOG_MAIL
    { "mail", LOG_MAIL },
#endif /* LOG_MAIL */
#ifdef LOG_DAEMON
    { "daemon", LOG_DAEMON },
#endif /* LOG_DAEMON */
#ifdef LOG_AUTH
    { "auth", LOG_AUTH },
#endif /* LOG_AUTH */
#ifdef LOG_SYSLOG
    { "syslog", LOG_SYSLOG },
#endif /* LOG_SYSLOG */
#ifdef LOG_LPR
    { "lpr", LOG_LPR },
#endif /* LOG_LPR */
#ifdef LOG_NEWS
    { "news", LOG_NEWS },
#endif /* LOG_NEWS */
#ifdef LOG_UUCP
    { "uucp", LOG_UUCP },
#endif /* LOG_UUCP */
#ifdef LOG_CRON
    { "cron", LOG_CRON },
#endif /* LOG_CRON */
    /* LOG_AUTHPRIV is defined on GNU/Linux, but not FreeeBSD or Solaris */
#ifdef LOG_AUTHPRIV
    { "authpriv", LOG_AUTHPRIV },
#endif /* LOG_AUTHPRIV */
    /* LOG_FTP is defined on GNU/Linux, but not FreeBSD or Solaris */
#ifdef LOG_FTP
    { "ftp", LOG_FTP },
#endif /* LOG_FTP */
#ifdef LOG_LOCAL0
    { "local0", LOG_LOCAL0 },
#endif /* LOG_LOCAL0 */
#ifdef LOG_LOCAL1
    { "local1", LOG_LOCAL1 },
#endif /* LOG_LOCAL1 */
#ifdef LOG_LOCAL2
    { "local2", LOG_LOCAL2 },
#endif /* LOG_LOCAL2 */
#ifdef LOG_LOCAL3
    { "local3", LOG_LOCAL3 },
#endif /* LOG_LOCAL3 */
#ifdef LOG_LOCAL4
    { "local4", LOG_LOCAL4 },
#endif /* LOG_LOCAL4 */
#ifdef LOG_LOCAL5
    { "local5", LOG_LOCAL5 },
#endif /* LOG_LOCAL5 */
#ifdef LOG_LOCAL6
    { "local6", LOG_LOCAL6 },
#endif /* LOG_LOCAL6 */
#ifdef LOG_LOCAL7
    { "local7", LOG_LOCAL7 },
#endif /* LOG_LOCAL7 */
    { NULL, 0 }
};

to setup the initial table. Then you would probably need to default to
LOG_AUTHPRIV only if that entry is in the table. If it is not, then you
may find that LOG_DAEMON exists on most platforms. If it is not, then
passing a zero (0) as the facility is about all you could do.

Some versions of syslog() have a length limit. You may wish to determine
a portable way in which to truncate or continue messages if all of the
arguments are needed.

I suspect you may also wish to know from which host the client is
connecting as an argument for the syslog() command...

All that said, you will also need documentation and (if possible) some
tests for sanity.sh ... although I will grant you that is more difficult
to handle as the syslog() may end up getting sent to a different server
depending on how your host is configured to log.

        -- Mark

> This updated patch applies to cvs 1.12.9.
> 
> Thomas.
> 
> diff -ur cvs-1.12.9/src/server.c cvs-1.12.9.patch/src/server.c
> --- cvs-1.12.9/src/server.c   Wed Jun  9 16:52:39 2004
> +++ cvs-1.12.9.patch/src/server.c     Wed Jun 16 12:22:23 2004
> @@ -8,6 +8,7 @@
>     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>     GNU General Public License for more details.  */
>  
> +#include <syslog.h>
>  #include "cvs.h"
>  #include "watch.h"
>  #include "edit.h"
> @@ -2681,6 +2682,43 @@
>  }
>  
>  
> +  
> +static void
> +log_command (cmd_name, argc, argv)
> +    char *cmd_name;
> +    int  argc;
> +    char **argv;
> +{
> +    static int log_opened = 0;
> +    int i, len;
> +    char *msg;
> +
> +    if (!argv)
> +      return;
> +
> +    if (!log_opened) {
> +      openlog ("cvspservd", LOG_PID, LOG_AUTHPRIV);
> +      log_opened = 1;
> +    }
> +
> +    for (len = 0, i = 0; i < argc; i++)
> +      len += strlen (argv[i]) + 1;
> +
> +    if (!(msg = malloc (len)))
> +      return;
> +
> +    *msg = '\0';
> +    for (i = 0; i < argc; i++) {
> +      if (i > 0)
> +        strcat (msg, " ");
> +      strcat (msg, argv[i]);
> +    }
> +
> +    syslog (LOG_INFO, "[%u] %s: %s", getppid (), cmd_name, msg);
> +    free (msg);
> +}
> +
> +
>  
>  static void
>  do_cvs_command (char *cmd_name, int (*command) (int, char **))
> @@ -2704,6 +2742,8 @@
>      int dev_null_fd = -1;
>  
>      int errs;
> +
> +    log_command (cmd_name, argument_count, argument_vector);
>  
>      TRACE (TRACE_FUNCTION, "do_cvs_command (%s)", cmd_name);
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFA0M5f3x41pRYZE/gRAvArAJ0QouM3KfoWg4krMZhIOHfHOnJvnQCgmeVk
ZJvH44S4iYaAv6JO9IoLC64=
=JFUF
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]