[syslog-ng] user-bound UDP socket

Balazs Scheidler bazsi at balabit.hu
Fri Feb 9 10:24:06 CET 2007


On Fri, 2007-02-09 at 03:01 +0000, Bryan Henderson wrote:
> Here's a patch that adds an option to the UDP source to specify the
> file descriptor of an already bound UDP socket, in lieu of having
> syslog-ng create and bind the socket.
> 
> This makes it possible to run syslog-ng without the privilege required
> to bind to reserved UDP port numbers (such as the standard syslog port
> number).  I exec syslog-ng with no privileges at all, except write
> permission to the log files.
> 
> Aside from the config file processing, all the patch does is skip the
> call to afsocket_open_socket() if the user supplied a file descriptor,
> and move the settings of the nonblock and close-on-exec options from
> afsocket_open_socket() to afsocket_setup_socket().

I am somewhat reluctant to include such a patch, so you need external
tools to actually set the fd up, and it does not handle reloads.

I would rather use some kind of dynamic capability management. (e.g. a
minimal set of syslog-ng would run as root, while the actual message
processing would happen in a restricted part. (e.g. have a parent with
root privileges, and fork/drop privileges after configuration init was
successful) This way it would be possible to reload the configuration:
HUP the parent, kill/refork the child. (not to mention that chroot might
also work then)

-- 
Bazsi
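The two designs discussed in this thread (a pre-bound descriptor handed to an unprivileged process, and a root parent that binds the port, then forks and drops privileges before message processing) both hinge on the same few steps: bind while privileged, set the descriptor's nonblock/close-on-exec flags, then drop root irreversibly in the worker. The following C program is an added illustration, not code from syslog-ng or from either poster; the function names, the use of port 0 and the loopback address (so it runs without root), and the fallback uid 65534 for the demo are assumptions made for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Bind a UDP socket on 127.0.0.1:`port` (0 = kernel picks a free port).
 * A real syslog receiver would bind 514 here while still root. Returns fd or -1. */
int open_udp_socket(uint16_t port) {
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) { close(fd); return -1; }
    return fd;
}

/* The per-socket options the patch moved into afsocket_setup_socket():
 * nonblocking I/O and close-on-exec, applied whether syslog-ng or the
 * caller created the socket. Returns 0 on success. */
int setup_socket_flags(int fd) {
    int fl = fcntl(fd, F_GETFL);
    if (fl < 0 || fcntl(fd, F_SETFL, fl | O_NONBLOCK) < 0) return -1;
    int fdfl = fcntl(fd, F_GETFD);
    if (fdfl < 0 || fcntl(fd, F_SETFD, fdfl | FD_CLOEXEC) < 0) return -1;
    return 0;
}

/* Drop root permanently: supplementary groups first, then gid, then uid
 * (the reverse order would leave us unable to change the gid). Afterwards
 * verify that root cannot be regained. Returns 0 on success, -1 on failure. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (getuid() != 0) {
        /* Not root: nothing to drop; succeed only if already the target identity. */
        return (getuid() == uid && getgid() == gid) ? 0 : -1;
    }
    if (setgroups(0, NULL) < 0) return -1;
    if (setgid(gid) < 0) return -1;
    if (setuid(uid) < 0) return -1;
    /* Irreversibility check: setuid(0) must now fail and all ids must match. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid || getgid() != gid)
        return -1;
    return 0;
}

/* Demo of the parent/child split: parent binds, child inherits the fd and
 * drops privileges. Reload would be: parent gets HUP, kills and re-forks child. */
int main(void) {
    int fd = open_udp_socket(0);
    if (fd < 0 || setup_socket_flags(fd) < 0) { perror("socket setup"); return 1; }
    /* Assumed target identity: current user when unprivileged, uid/gid 65534 when root. */
    uid_t uid = getuid() == 0 ? 65534 : getuid();
    gid_t gid = getuid() == 0 ? 65534 : getgid();
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); return 1; }
    if (pid == 0) {
        if (drop_privileges(uid, gid) < 0) _exit(1);
        /* Unprivileged message processing on the inherited, already bound fd goes here. */
        _exit(0);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    printf("worker exited with status %d\n", WEXITSTATUS(status));
    close(fd);
    return 0;
}
```

The `setuid(0)` probe after dropping is the check worth keeping in any such worker: if the saved set-user-id still holds root (for example because only `seteuid()` was used), the drop is cosmetic, and the probe catches that.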
