Hi,
I have received complaints from a customer that the "last message
repeated" feature of syslogd(8) makes their log auditing difficult.
FreeBSD has -c and -cc to disable it, but our -c is already taken.
Add -r to suppress the summary line for pipe and remote loghost,
as they are most commonly used for automated log processing. With
-rr the "last message repeated" can be disabled completely.
ok?
bluhm
Index: usr.sbin/syslogd/syslogd.8
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.8,v
retrieving revision 1.53
diff -u -p -r1.53 syslogd.8
--- usr.sbin/syslogd/syslogd.8 2 Jan 2017 15:58:02 -0000 1.53
+++ usr.sbin/syslogd/syslogd.8 16 Apr 2017 20:01:04 -0000
@@ -39,7 +39,7 @@
.Sh SYNOPSIS
.Nm syslogd
.Bk -words
-.Op Fl 46dFhnuVZ
+.Op Fl 46dFhnruVZ
.Op Fl a Ar path
.Op Fl C Ar CAfile
.Op Fl c Ar cert_file
@@ -129,6 +129,10 @@ the symbolic local host name.
Specify the pathname of an alternate log socket to be used instead;
the default is
.Pa /dev/log .
+.It Fl r
+Suppress the message repeated summary and print every line immediately.
+If given once, only message piped to another program or forwarded
+to a remote loghost are affected.
.It Fl S Ar listen_address
Create a TLS listen socket for receiving encrypted messages and
bind it to the specified address.
Index: usr.sbin/syslogd/syslogd.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.241
diff -u -p -r1.241 syslogd.c
--- usr.sbin/syslogd/syslogd.c 7 Apr 2017 15:36:16 -0000 1.241
+++ usr.sbin/syslogd/syslogd.c 16 Apr 2017 20:14:30 -0000
@@ -209,6 +209,7 @@ int Initialized = 0; /* set when we have
int MarkInterval = 20 * 60; /* interval between marks in seconds */
int MarkSeq = 0; /* mark sequence number */
int PrivChild = 0; /* Exec the privileged parent process */
+int Repeat = 0; /* 0 msg repeated, 1 in files only, 2 never */
int SecureMode = 1; /* when true, speak only unix domain socks */
int NoDNS = 0; /* when true, refrain from doing DNS lookups */
int ZuluTime = 0; /* display date and time in UTC ISO format */
@@ -369,8 +370,8 @@ main(int argc, char *argv[])
tls_hostport = tls_host = NULL;
nbind = nlisten = 0;
- while ((ch = getopt(argc, argv, "46a:C:c:dFf:hK:k:m:nP:p:S:s:T:U:uVZ"))
- != -1)
+ while ((ch = getopt(argc, argv,
+ "46a:C:c:dFf:hK:k:m:nP:p:rS:s:T:U:uVZ")) != -1) {
switch (ch) {
case '4': /* disable IPv6 */
Family = PF_INET;
@@ -425,6 +426,9 @@ main(int argc, char *argv[])
case 'p': /* path */
path_unix[0] = optarg;
break;
+ case 'r':
+ Repeat++;
+ break;
case 'S': /* allow tls and listen on address */
tls_hostport = optarg;
if ((p = strdup(optarg)) == NULL)
@@ -455,6 +459,7 @@ main(int argc, char *argv[])
default:
usage();
}
+ }
if (argc != optind)
usage();
@@ -1766,7 +1771,10 @@ logline(int pri, int flags, char *from,
/*
* suppress duplicate lines to this file
*/
- if ((flags & MARK) == 0 && msglen == f->f_prevlen &&
+ if ((Repeat == 0 || (Repeat == 1 &&
+ (f->f_type != F_PIPE && f->f_type != F_FORWUDP &&
+ f->f_type != F_FORWTCP && f->f_type != F_FORWTLS))) &&
+ (flags & MARK) == 0 && msglen == f->f_prevlen &&
!strcmp(msg, f->f_prevline) &&
!strcmp(from, f->f_prevhost)) {
strlcpy(f->f_lasttime, timestamp,
