Bug #9856
pkcs11_tpm.so.1 changes syslog facility
100%
Description
This problem appeared to me with sendmail on a recent OI version. With sendmail, there are two long-running processes. The client logged to the LOG_MAIL syslog facility, with output appearing in /var/log/syslog . However, the MTA logged to the LOG_DAEMON syslog facility, with output appearing in /var/adm/messages .
The sendmail source only calls openlog() with the LOG_MAIL facility. Something else must be calling openlog() with the LOG_DAEMON facility. This turned out to be the pkcs11_tpm.so.1 shared library. The code in usr/src/lib/pkcs11/pkcs11_tpm/common/apiutil.c is like this:
void loginit() { if (!enabled) { enabled = 1; openlog("tpmtoken", LOG_PID | LOG_NDELAY, LOG_DAEMON); (void) setlogmask(LOG_UPTO(LOG_DEBUG)); logit(LOG_DEBUG, "Logging enabled %d enabled", enabled); } } void logterm() { closelog(); enabled = 0; } /*ARGSUSED*/ void logit(int type, char *fmt, ...) { #ifdef DEBUG va_list pvar; char buffer[BUFSIZ]; if (enabled) { if (type <= logging) { va_start(pvar, fmt); (void) vsnprintf(buffer, sizeof (buffer), fmt, pvar); va_end(pvar); syslog(type, buffer); } } #else return; #endif /* DEBUG */ }
As is evident to all, the body of the logit() function is only included when DEBUG is defined. However, there's no similar treatment for the loginit() or logterm() functions. This omission means that loginit() will call openlog whenever it's invoked, but will not call syslog() .
Updated by Electric Monk over 2 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
git commit 42e00f035d368f958a26818f8991759a087b374d
commit 42e00f035d368f958a26818f8991759a087b374d Author: Gary Mills <gary_mills@fastmail.fm> Date: 2018-09-28T17:16:32.000Z 9856 pkcs11_tpm.so.1 changes syslog facility Reviewed by: Jason King <jason.brian.king@gmail.com> Reviewed by: Andy Fiddaman <omnios@citrus-it.net> Approved by: Dan McDonald <danmcd@joyent.com>