|
|
f4f2f7 |
diff -up rsyslog-8.2102.0/runtime/cfsysline.c.orig rsyslog-8.2102.0/runtime/cfsysline.c
|
|
|
f4f2f7 |
--- rsyslog-8.2102.0/runtime/cfsysline.c.orig 2021-08-04 07:16:02.663163106 +0200
|
|
|
f4f2f7 |
+++ rsyslog-8.2102.0/runtime/cfsysline.c 2021-08-04 07:18:05.952490008 +0200
|
|
|
f4f2f7 |
@@ -353,13 +353,8 @@ static rsRetVal doGetGID(uchar **pp, rsR
|
|
|
f4f2f7 |
assert(*pp != NULL);
|
|
|
f4f2f7 |
|
|
|
f4f2f7 |
if(getSubString(pp, (char*) szName, sizeof(szName), ' ') != 0) {
|
|
|
f4f2f7 |
- if(loadConf->globals.abortOnIDResolutionFail) {
|
|
|
f4f2f7 |
- fprintf(stderr, "could not extract group name: %s\n", (char*)szName);
|
|
|
f4f2f7 |
- exit(1); /* good exit */
|
|
|
f4f2f7 |
- } else {
|
|
|
f4f2f7 |
- LogError(0, RS_RET_NOT_FOUND, "could not extract group name");
|
|
|
f4f2f7 |
- ABORT_FINALIZE(RS_RET_NOT_FOUND);
|
|
|
f4f2f7 |
- }
|
|
|
f4f2f7 |
+ LogError(0, RS_RET_NOT_FOUND, "could not extract group name");
|
|
|
f4f2f7 |
+ ABORT_FINALIZE(RS_RET_NOT_FOUND);
|
|
|
f4f2f7 |
}
|
|
|
f4f2f7 |
|
|
|
f4f2f7 |
do {
|
|
|
f4f2f7 |
@@ -380,10 +375,6 @@ static rsRetVal doGetGID(uchar **pp, rsR
|
|
|
f4f2f7 |
LogError(0, RS_RET_NOT_FOUND, "ID for group '%s' could not be found", szName);
|
|
|
f4f2f7 |
}
|
|
|
f4f2f7 |
iRet = RS_RET_NOT_FOUND;
|
|
|
f4f2f7 |
- if(loadConf->globals.abortOnIDResolutionFail) {
|
|
|
f4f2f7 |
- fprintf(stderr, "ID for group '%s' could not be found or error\n", szName);
|
|
|
f4f2f7 |
- exit(1); /* good exit */
|
|
|
f4f2f7 |
- }
|
|
|
f4f2f7 |
} else {
|
|
|
f4f2f7 |
if(pSetHdlr == NULL) {
|
|
|
f4f2f7 |
/* we should set value directly to var */
|
|
|
f4f2f7 |
@@ -418,25 +409,15 @@ static rsRetVal doGetUID(uchar **pp, rsR
|
|
|
f4f2f7 |
assert(*pp != NULL);
|
|
|
f4f2f7 |
|
|
|
f4f2f7 |
if(getSubString(pp, (char*) szName, sizeof(szName), ' ') != 0) {
|
|
|
f4f2f7 |
- if(loadConf->globals.abortOnIDResolutionFail) {
|
|
|
f4f2f7 |
- fprintf(stderr, "could not extract user name: %s\n", (char*)szName);
|
|
|
f4f2f7 |
- exit(1); /* good exit */
|
|
|
f4f2f7 |
- } else {
|
|
|
f4f2f7 |
- LogError(0, RS_RET_NOT_FOUND, "could not extract user name");
|
|
|
f4f2f7 |
- ABORT_FINALIZE(RS_RET_NOT_FOUND);
|
|
|
f4f2f7 |
- }
|
|
|
f4f2f7 |
+ LogError(0, RS_RET_NOT_FOUND, "could not extract user name");
|
|
|
f4f2f7 |
+ ABORT_FINALIZE(RS_RET_NOT_FOUND);
|
|
|
f4f2f7 |
}
|
|
|
f4f2f7 |
|
|
|
f4f2f7 |
getpwnam_r((char*)szName, &pwBuf, stringBuf, sizeof(stringBuf), &ppwBuf);
|
|
|
f4f2f7 |
|
|
|
f4f2f7 |
if(ppwBuf == NULL) {
|
|
|
f4f2f7 |
- if(loadConf->globals.abortOnIDResolutionFail) {
|
|
|
f4f2f7 |
- fprintf(stderr, "ID for user '%s' could not be found or error\n", (char*)szName);
|
|
|
f4f2f7 |
- exit(1); /* good exit */
|
|
|
f4f2f7 |
- } else {
|
|
|
f4f2f7 |
- LogError(0, RS_RET_NOT_FOUND, "ID for user '%s' could not be found or error", (char*)szName);
|
|
|
f4f2f7 |
- iRet = RS_RET_NOT_FOUND;
|
|
|
f4f2f7 |
- }
|
|
|
f4f2f7 |
+ LogError(0, RS_RET_NOT_FOUND, "ID for user '%s' could not be found or error", (char*)szName);
|
|
|
f4f2f7 |
+ iRet = RS_RET_NOT_FOUND;
|
|
|
f4f2f7 |
} else {
|
|
|
f4f2f7 |
if(pSetHdlr == NULL) {
|
|
|
f4f2f7 |
/* we should set value directly to var */
|
|
|
f4f2f7 |
diff -up rsyslog-8.2102.0/runtime/glbl.c.orig rsyslog-8.2102.0/runtime/glbl.c
|
|
|
f4f2f7 |
--- rsyslog-8.2102.0/runtime/glbl.c.orig 2021-08-04 07:18:19.301633677 +0200
|
|
|
f4f2f7 |
+++ rsyslog-8.2102.0/runtime/glbl.c 2021-08-04 07:19:02.409019106 +0200
|
|
|
f4f2f7 |
@@ -210,7 +210,6 @@ static struct cnfparamdescr cnfparamdesc
|
|
|
f4f2f7 |
{ "environment", eCmdHdlrArray, 0 },
|
|
|
f4f2f7 |
{ "processinternalmessages", eCmdHdlrBinary, 0 },
|
|
|
f4f2f7 |
{ "umask", eCmdHdlrFileCreateMode, 0 },
|
|
|
f4f2f7 |
- { "security.abortonidresolutionfail", eCmdHdlrBinary, 0 },
|
|
|
f4f2f7 |
{ "internal.developeronly.options", eCmdHdlrInt, 0 },
|
|
|
f4f2f7 |
{ "internalmsg.ratelimit.interval", eCmdHdlrPositiveInt, 0 },
|
|
|
f4f2f7 |
{ "internalmsg.ratelimit.burst", eCmdHdlrPositiveInt, 0 },
|
|
|
f4f2f7 |
@@ -1443,8 +1442,6 @@ glblDoneLoadCnf(void)
|
|
|
f4f2f7 |
glblInputTimeoutShutdown = (int) cnfparamvals[i].val.d.n;
|
|
|
f4f2f7 |
} else if(!strcmp(paramblk.descr[i].name, "privdrop.group.keepsupplemental")) {
|
|
|
f4f2f7 |
loadConf->globals.gidDropPrivKeepSupplemental = (int) cnfparamvals[i].val.d.n;
|
|
|
f4f2f7 |
- } else if(!strcmp(paramblk.descr[i].name, "security.abortonidresolutionfail")) {
|
|
|
f4f2f7 |
- loadConf->globals.abortOnIDResolutionFail = (int) cnfparamvals[i].val.d.n;
|
|
|
f4f2f7 |
} else if(!strcmp(paramblk.descr[i].name, "net.acladdhostnameonfail")) {
|
|
|
f4f2f7 |
*(net.pACLAddHostnameOnFail) = (int) cnfparamvals[i].val.d.n;
|
|
|
f4f2f7 |
} else if(!strcmp(paramblk.descr[i].name, "net.aclresolvehostname")) {
|
|
|
f4f2f7 |
diff -up rsyslog-8.2102.0/runtime/rsconf.c.orig rsyslog-8.2102.0/runtime/rsconf.c
|
|
|
f4f2f7 |
--- rsyslog-8.2102.0/runtime/rsconf.c.orig 2021-08-04 07:19:13.103104854 +0200
|
|
|
f4f2f7 |
+++ rsyslog-8.2102.0/runtime/rsconf.c 2021-08-04 07:19:44.635357684 +0200
|
|
|
f4f2f7 |
@@ -156,7 +156,6 @@ static void cnfSetDefaults(rsconf_t *pTh
|
|
|
f4f2f7 |
pThis->globals.maxErrMsgToStderr = -1;
|
|
|
f4f2f7 |
pThis->globals.umask = -1;
|
|
|
f4f2f7 |
pThis->globals.gidDropPrivKeepSupplemental = 0;
|
|
|
f4f2f7 |
- pThis->globals.abortOnIDResolutionFail = 1;
|
|
|
f4f2f7 |
pThis->templates.root = NULL;
|
|
|
f4f2f7 |
pThis->templates.last = NULL;
|
|
|
f4f2f7 |
pThis->templates.lastStatic = NULL;
|
|
|
f4f2f7 |
diff -up rsyslog-8.2102.0/runtime/rsconf.h.orig rsyslog-8.2102.0/runtime/rsconf.h
|
|
|
f4f2f7 |
--- rsyslog-8.2102.0/runtime/rsconf.h.orig 2021-08-04 07:20:15.848607958 +0200
|
|
|
f4f2f7 |
+++ rsyslog-8.2102.0/runtime/rsconf.h 2021-08-04 07:20:42.782823920 +0200
|
|
|
f4f2f7 |
@@ -73,7 +73,6 @@ struct globals_s {
|
|
|
f4f2f7 |
int uidDropPriv; /* user-id to which priveleges should be dropped to */
|
|
|
f4f2f7 |
int gidDropPriv; /* group-id to which priveleges should be dropped to */
|
|
|
f4f2f7 |
int gidDropPrivKeepSupplemental; /* keep supplemental groups when dropping? */
|
|
|
f4f2f7 |
- int abortOnIDResolutionFail;
|
|
|
f4f2f7 |
int umask; /* umask to use */
|
|
|
f4f2f7 |
uchar *pszConfDAGFile; /* name of config DAG file, non-NULL means generate one */
|
|
|
f4f2f7 |
|