add `log syslog facility' to use a different syslog(3) facility

Was requested ages ago by Karl Jeacle, now that there is some better support for configuring the logging there's no excuse to add this. It helps with filtering from syslog.d / syslog.conf.
2023-08-07 09:34:19 +00:00 · 2023-08-07 09:34:19 +00:00 · 9abba172b6
parent 3a93c90445
commit 9abba172b6
6 changed files with 66 additions and 2 deletions
--- a/config.c
+++ b/config.c
@ -21,6 +21,7 @@
 #include <fcntl.h>
 #include <limits.h>
 #include <string.h>
+#include <syslog.h>

 #include <openssl/pem.h>

@ -45,6 +46,7 @@ config_new(void)

 	conf->prefork = 3;
 	conf->log_syslog = 1;
+	conf->log_facility = LOG_DAEMON;
 	conf->log_format = LOG_FORMAT_LEGACY;

 #ifdef __OpenBSD__
@ -152,6 +154,7 @@ config_purge(struct conf *conf)
 	conf->use_privsep_crypto = use_privsep_crypto;
 	conf->protos = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3;
 	conf->log_syslog = 1;
+	conf->log_facility = LOG_DAEMON;
 	conf->log_format = log_format;
 	init_mime(&conf->mime);
 	TAILQ_INIT(&conf->fcgi);
--- a/gmid.c
+++ b/gmid.c
@ -411,6 +411,9 @@ main_send_logfd(struct conf *conf)
 	if (proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_ACCESS, -1, fd,
 	    NULL, 0) == -1)
 		return -1;
+	if (proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_FACILITY, -1, -1,
+	    &conf->log_facility, sizeof(conf->log_facility)) == -1)
+		return -1;
 	if (proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_SYSLOG, -1, -1,
 	    &conf->log_syslog, sizeof(conf->log_syslog)) == -1)
 		return -1;
--- a/gmid.conf.5
+++ b/gmid.conf.5
@ -190,6 +190,18 @@ Log to syslog.
 It is enabled by default, use the
 .Ic off
 argument to disable.
+.It Ic syslog facility Ar facility
+Log to
+.Xr syslog 3
+using specified
+.Ar facility .
+Available facilities are as follows: daemon, ftp, local0 through local7 and
+user.
+These are case insensitive and can be prefixed with
+.Sq LOG_ .
+Not all level may be available on all operating systems.
+The default facility is
+.Ev LOG_DAEMON .
 .El
 .It Ic prefork Ar number
 Run the specified number of server processes.
--- a/gmid.h
+++ b/gmid.h
@ -249,6 +249,7 @@ struct conf {
 	int		 prefork;
 	int		 reload;
 	int		 log_syslog;
+	int		 log_facility;
 	char		*log_access;
 	enum log_format	 log_format;
 	int		 use_privsep_crypto;
@ -332,6 +333,7 @@ enum imsg_type {
 	IMSG_LOG_REQUEST,
 	IMSG_LOG_ACCESS,
 	IMSG_LOG_SYSLOG,
+	IMSG_LOG_FACILITY,

 	IMSG_RECONF_START,
 	IMSG_RECONF_LOG_FMT,
--- a/logger.c
+++ b/logger.c
@ -39,6 +39,7 @@

 static int logfd = -1;
 static int log_to_syslog = 1;
+static int facility = LOG_DAEMON;

 static void logger_init(struct privsep *, struct privsep_proc *, void *);
 static void logger_shutdown(void);
@ -75,6 +76,11 @@ static int
 logger_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 {
 	switch (imsg->hdr.type) {
+	case IMSG_LOG_FACILITY:
+		if (IMSG_DATA_SIZE(imsg) != sizeof(facility))
+			fatal("corrupted IMSG_LOG_SYSLOG");
+		memcpy(&facility, imsg->data, sizeof(facility));
+		break;
 	case IMSG_LOG_SYSLOG:
 		if (IMSG_DATA_SIZE(imsg) != sizeof(log_to_syslog))
 			fatal("corrupted IMSG_LOG_SYSLOG");
@ -111,7 +117,7 @@ logger_dispatch_server(int fd, struct privsep_proc *p, struct imsg *imsg)
 		if (logfd != -1)
 			dprintf(logfd, "%s\n", msg);
 		if (log_to_syslog)
-			syslog(LOG_DAEMON | LOG_NOTICE, "%s", msg);
+			syslog(facility | LOG_NOTICE, "%s", msg);
 		break;
 	default:
 		return -1;
--- a/parse.y
+++ b/parse.y
@ -32,6 +32,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <syslog.h>

 #include "log.h"

@ -126,7 +127,7 @@ typedef struct {
 %token	BLOCK
 %token	CA CERT CHROOT CLIENT COMBINED COMMON CONDENSED
 %token	DEFAULT
-%token	FASTCGI FOR_HOST
+%token	FACILITY FASTCGI FOR_HOST
 %token	INCLUDE INDEX IPV6
 %token	KEY
 %token	LANG LEGACY LISTEN LOCATION LOG
@ -276,6 +277,42 @@ logopt		: ACCESS string		{
 		| STYLE LEGACY		{
 			conf->log_format = LOG_FORMAT_LEGACY;
 		}
+		| SYSLOG FACILITY string {
+			const char *str = $3;
+
+			conf->log_syslog = 1;
+
+			if (!strncasecmp(str, "LOG_", 4))
+				str += 4;
+
+			if (!strcasecmp(str, "daemon"))
+				conf->log_facility = LOG_DAEMON;
+#ifdef LOG_FTP
+			else if (!strcasecmp(str, "ftp"))
+				conf->log_facility = LOG_FTP;
+#endif
+			else if (!strcasecmp(str, "local1"))
+				conf->log_facility = LOG_LOCAL1;
+			else if (!strcasecmp(str, "local2"))
+				conf->log_facility = LOG_LOCAL2;
+			else if (!strcasecmp(str, "local3"))
+				conf->log_facility = LOG_LOCAL3;
+			else if (!strcasecmp(str, "local4"))
+				conf->log_facility = LOG_LOCAL4;
+			else if (!strcasecmp(str, "local5"))
+				conf->log_facility = LOG_LOCAL5;
+			else if (!strcasecmp(str, "local6"))
+				conf->log_facility = LOG_LOCAL6;
+			else if (!strcasecmp(str, "local7"))
+				conf->log_facility = LOG_LOCAL7;
+			else if (!strcasecmp(str, "user"))
+				conf->log_facility = LOG_USER;
+			else
+				yywarn("unknown syslog facility `%s'",
+				    $3);
+
+			free($3);
+		}
 		| SYSLOG OFF		{
 			conf->log_syslog = 0;
 		}
@ -621,6 +658,7 @@ static const struct keyword {
 	{"common", COMMON},
 	{"condensed", CONDENSED},
 	{"default", DEFAULT},
+	{"facility", FACILITY},
 	{"fastcgi", FASTCGI},
 	{"for-host", FOR_HOST},
 	{"include", INCLUDE},