[syslog-ng] [PATCH (3.4) 5/5] system-source: Add Linux 3.5+ /dev/kmsg support

Gergely Nagy algernon at balabit.hu
Sat Oct 13 17:20:21 CEST 2012 

When on Linux, and /dev/kmsg is seekable, use that over /proc/kmsg,
using indented-multiline and the linux-kmsg format.

Signed-off-by: Gergely Nagy <algernon at balabit.hu>
---
 modules/system-source/system-source.c |   25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/modules/system-source/system-source.c b/modules/system-source/system-source.c
index 929a5f8..8ad75b4 100644
--- a/modules/system-source/system-source.c
+++ b/modules/system-source/system-source.c
@@ -27,6 +27,7 @@
 #include "messages.h"
 #include "plugin.h"
 
+#include <fcntl.h>
 #include <sys/utsname.h>
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -48,7 +49,7 @@ system_sysblock_add_unix_dgram(GString *sysblock, const gchar *path,
 static void
 system_sysblock_add_file(GString *sysblock, const gchar *path,
                          gint follow_freq, const gchar *prg_override,
-                         const gchar *flags)
+                         const gchar *flags, const gchar *format)
 {
   g_string_append_printf(sysblock, "file(\"%s\"", path);
   if (follow_freq >= 0)
@@ -57,6 +58,8 @@ system_sysblock_add_file(GString *sysblock, const gchar *path,
     g_string_append_printf(sysblock, " program-override(\"%s\")", prg_override);
   if (flags)
     g_string_append_printf(sysblock, " flags(%s)", flags);
+  if (format)
+    g_string_append_printf(sysblock, " format(%s)", format);
   g_string_append(sysblock, ");\n");
 }
 
@@ -108,6 +111,9 @@ system_generate_system(CfgLexer *lexer, gint type, const gchar *name,
   if (strcmp(u.sysname, "Linux") == 0)
     {
       char *log = "/dev/log";
+      gchar *kmsg = "/proc/kmsg";
+      int fd;
+      gchar *format = NULL;
 
       if (getenv("LISTEN_FDS") != NULL)
         {
@@ -121,7 +127,18 @@ system_generate_system(CfgLexer *lexer, gint type, const gchar *name,
         }
 
       system_sysblock_add_unix_dgram(sysblock, log, NULL);
-      system_sysblock_add_file(sysblock, "/proc/kmsg", -1, "kernel", "kernel");
+
+      if ((fd = open("/dev/kmsg", O_RDONLY)) != -1)
+        {
+          if (lseek (fd, 0, SEEK_END) != -1)
+            {
+              kmsg = "/dev/kmsg";
+              format = "linux-kmsg";
+            }
+          close (fd);
+        }
+
+      system_sysblock_add_file(sysblock, kmsg, -1, "kernel", "kernel", format);
     }
   else if (strcmp(u.sysname, "SunOS") == 0)
     {
@@ -138,12 +155,12 @@ system_generate_system(CfgLexer *lexer, gint type, const gchar *name,
     {
       system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL);
       system_sysblock_add_unix_dgram(sysblock, "/var/run/logpriv", "0600");
-      system_sysblock_add_file(sysblock, "/dev/klog", 0, "kernel", "no-parse");
+      system_sysblock_add_file(sysblock, "/dev/klog", 0, "kernel", "no-parse", NULL);
     }
   else if (strcmp(u.sysname, "GNU/kFreeBSD") == 0)
     {
       system_sysblock_add_unix_dgram(sysblock, "/var/run/log", NULL);
-      system_sysblock_add_file(sysblock, "/dev/klog", 0, "kernel", NULL);
+      system_sysblock_add_file(sysblock, "/dev/klog", 0, "kernel", NULL, NULL);
     }
   else if (strcmp(u.sysname, "HP-UX") == 0)
     {
-- 
1.7.10.4

More information about the syslog-ng mailing list