source: trunk/src/sh_err_syslog.c@ 446

Last change on this file since 446 was 279, checked in by katerina, 15 years ago

Fix for tickets #200 to #206 (kernel check, login checks, bugfixes).

File size: 6.1 KB
RevLine 
[1]1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 2000 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20#include "config_xor.h"
21
22#include <syslog.h>
23#include <stdio.h>
24#include <string.h>
25
26#include "samhain.h"
27#include "sh_error.h"
28
29#undef FIL__
30#define FIL__ _("sh_err_syslog.c")
31
32typedef struct log_fac_struct {
[170]33 const char * name;
[1]34 int facility;
35} logfct;
36
37static logfct fct_tab[] = {
38#ifdef LOG_AUTH
39 { N_("LOG_AUTH"), LOG_AUTH },
40#endif
41#ifdef LOG_AUTHPRIV
42 { N_("LOG_AUTHPRIV"), LOG_AUTHPRIV },
43#endif
44#ifdef LOG_CRON
45 { N_("LOG_CRON"), LOG_CRON },
46#endif
47#ifdef LOG_DAEMON
48 { N_("LOG_DAEMON"), LOG_DAEMON },
49#endif
50#ifdef LOG_FTP
51 { N_("LOG_FTP"), LOG_FTP },
52#endif
53#ifdef LOG_KERN
54 { N_("LOG_KERN"), LOG_KERN },
55#endif
56#ifdef LOG_LOCAL0
57 { N_("LOG_LOCAL0"), LOG_LOCAL0 },
58#endif
59#ifdef LOG_LOCAL1
60 { N_("LOG_LOCAL1"), LOG_LOCAL1 },
61#endif
62#ifdef LOG_LOCAL2
63 { N_("LOG_LOCAL2"), LOG_LOCAL2 },
64#endif
65#ifdef LOG_LOCAL3
66 { N_("LOG_LOCAL3"), LOG_LOCAL3 },
67#endif
68#ifdef LOG_LOCAL4
69 { N_("LOG_LOCAL4"), LOG_LOCAL4 },
70#endif
71#ifdef LOG_LOCAL5
72 { N_("LOG_LOCAL5"), LOG_LOCAL5 },
73#endif
74#ifdef LOG_LOCAL6
75 { N_("LOG_LOCAL6"), LOG_LOCAL6 },
76#endif
77#ifdef LOG_LOCAL7
78 { N_("LOG_LOCAL7"), LOG_LOCAL7 },
79#endif
80#ifdef LOG_LPR
81 { N_("LOG_LPR"), LOG_LPR },
82#endif
83#ifdef LOG_MAIL
84 { N_("LOG_MAIL"), LOG_MAIL },
85#endif
86#ifdef LOG_NEWS
87 { N_("LOG_NEWS"), LOG_NEWS },
88#endif
89#ifdef LOG_SYSLOG
90 { N_("LOG_SYSLOG"), LOG_SYSLOG },
91#endif
92#ifdef LOG_USER
93 { N_("LOG_USER"), LOG_USER },
94#endif
95#ifdef LOG_UUCP
96 { N_("LOG_UUCP"), LOG_UUCP },
97#endif
98 { NULL, -1 }
99};
100
101#ifdef LOG_AUTHPRIV
102static int my_syslog_facility = LOG_AUTHPRIV;
103#else
104/*@-unrecog@*/
105static int my_syslog_facility = LOG_AUTH;
106/*@+unrecog@*/
107#endif
108
109
110/* set syslog facility
111 */
[22]112int sh_log_set_facility (const char * c)
[1]113{
114 int loop = 0;
115 SL_ENTER(_("sh_log_set_facility"));
116
117 if (c == NULL)
118 SL_RETURN(-1, _("sh_log_set_facility"));
119
120 while (fct_tab[loop].name != NULL)
121 {
122 if (0 == strcmp ( _(fct_tab[loop].name), c))
123 {
124 my_syslog_facility = fct_tab[loop].facility;
125 SL_RETURN(0, _("sh_log_set_facility"));
126 }
127 ++loop;
128 }
129
130 SL_RETURN(-1, _("sh_log_set_facility"));
131}
132
[279]133static int sh_stamp_priority = LOG_ERR;
[1]134
[279]135/* set priority for heartbeat messages
136 */
137int sh_log_set_stamp_priority (const char * c)
138{
139 int retval = 0;
140
141 if (0 == strcmp(c, _("LOG_DEBUG"))) { sh_stamp_priority = LOG_DEBUG; }
142 else if (0 == strcmp(c, _("LOG_INFO"))) { sh_stamp_priority = LOG_INFO; }
143 else if (0 == strcmp(c, _("LOG_NOTICE"))) { sh_stamp_priority = LOG_NOTICE;}
144 else if (0 == strcmp(c, _("LOG_WARNING"))) { sh_stamp_priority = LOG_WARNING;}
145 else if (0 == strcmp(c, _("LOG_ERR"))) { sh_stamp_priority = LOG_ERR; }
146 else if (0 == strcmp(c, _("LOG_CRIT"))) { sh_stamp_priority = LOG_CRIT; }
147 else if (0 == strcmp(c, _("LOG_ALERT"))) { sh_stamp_priority = LOG_ALERT; }
148#ifdef LOG_EMERG
149 else if (0 == strcmp(c, _("LOG_EMERG"))) { sh_stamp_priority = LOG_EMERG; }
150#endif
151 else { retval = -1; }
152
153 return retval;
154}
155
[1]156/* syslog error message
157 */
158int sh_log_syslog (int severity, /*@null@*/char *errmsg)
159{
160 int priority;
161 size_t len;
162 size_t i;
163 char store;
164 char * p;
165
166 static int init = 0;
167
168 SL_ENTER(_("sh_log_syslog"));
169
170 ASSERT_RET((errmsg != NULL), _("errmsg != NULL"), 0);
171
172 /*@-unrecog@*/
173 if (severity == SH_ERR_ALL) priority = LOG_DEBUG;
174 else if (severity == SH_ERR_INFO) priority = LOG_INFO;
175 else if (severity == SH_ERR_NOTICE) priority = LOG_NOTICE;
176 else if (severity == SH_ERR_WARN) priority = LOG_WARNING;
[279]177 else if (severity == SH_ERR_STAMP) priority = sh_stamp_priority;
[1]178 else if (severity == SH_ERR_ERR) priority = LOG_ERR;
179 else if (severity == SH_ERR_SEVERE) priority = LOG_CRIT;
180 else if (severity == SH_ERR_FATAL) priority = LOG_ALERT;
181 else priority = LOG_DEBUG;
182 /*@+unrecog@*/
183
184#ifndef LOG_PID
185#define LOG_PID 0
186#endif
187
188 if (init == 0)
189 {
190 /*@-unrecog@*/
191 openlog (sh.prg_name, LOG_PID, my_syslog_facility);
192 /*@+unrecog@*/
193 init = 1;
194 }
195
196 /* --- Limit the message size. ---
197 */
198 len = sl_strlen(errmsg);
199 if (len < 960)
200 {
201 /*@-unrecog@*/
202 syslog (priority, "%s", errmsg);
203 /*@+unrecog@*/
204 }
205 else
206 {
207 i = 960;
208 p = errmsg;
209
210 while (i < len)
211 {
212 store = errmsg[i];
213 errmsg[i] = '\0';
214 /*@-unrecog@*/
215 syslog (priority, "%s", p);
216 /*@+unrecog@*/
217 errmsg[i] = store;
218 p = &errmsg[i];
219 i += 960;
220 }
221 if (i != len)
222 {
223 /*@-unrecog@*/
224 syslog (priority, "%s", p);
225 /*@+unrecog@*/
226 }
227 }
228
229 /* Solaris does not recover if a closeall() closes the
230 * syslog file descriptor, so close it here.
231 */
232 /*@-unrecog@*/
233 closelog();
234 /*@+unrecog@*/
235 init = 0;
236 SL_RETURN(0, _("sh_log_syslog"));
237}
238
239
240
Note: See TracBrowser for help on using the repository browser.