[syslog-ng]syslog-ng problem description(again)
Balazs Scheidler
bazsi@balabit.hu
Fri, 13 Apr 2001 10:05:45 +0200
> [pid 14144] bind(4, {sin_family=AF_UNIX,
> path=" /dev/log"},
> 110) = -1 EPERM (Operation not permitted)
>
> (Apr 12 19:02:24 db rsbac_adf_request_rc(): rsbac_get_attr() returned
> error -1017!
> Apr 12 19:02:24 db rsbac_adf_request(): request READ_WRITE_OPEN,
> caller_pid 15361, caller_prog_name syslog-ng, caller_uid 0, target-type
> IPC, tid ???-ID 134521299, attr sockaddr, value 3437575888, result
> NOT_GRANTED by RC)
>
> Two problems: why has the bind command 110 bytes path attribute, why not
> only "/dev/log".
Thanks for the report. I now applied a fix for the CVS which calculates the
runtime length of the required sockaddr_un structure instead of simply
passing sizeof(struct sockaddr_un), for those interested here's the patch.
It should be applied to the libol source tree.
Index: io.c
===================================================================
RCS file: /var/cvs/libol/src/io.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
@@ -927,7 +929,7 @@
}
unlink(un.sun_path);
errno = 0;
- if (bind(fd, (struct sockaddr *) &un, sizeof(struct sockaddr_un)) == -1) {
+ if (bind(fd, (struct sockaddr *) &un, sizeof(un) - sizeof(un.sun_path) + strlen(un.sun_path) + 1) == -1) {
werror("io.c: bind_unix_socket(): bind failed %z (%z)\n",
un.sun_path, strerror(errno));
return 0;
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1