The sysklogd package, unfortunately, does not have a lot of development activity. There has not been a new version released since 2001-03-11 (wow). The development team has been making changes (very minimal) to the CVS tree, and seems to be content with distribution maintainers managing the patches themselves. On that note, I think it's time Gentoo ramped up its version to get the latest code. Here's what I did: - Made a diff off of sysklogd CVS getting us to version 1.4.2 affectively. - Removed mips patch (it's in the official tree now.) - Converted 2.6-headers patch to querymod patch, it's real name, and stripped it down to the necessities. - Added 3 security patches from CAEN/OWL. - Made everything place nicely together. This takes care of a whole bunch of minor security fixes to 1.4.1 and a lot of header fixes. We still need the SO_BSDCOMPAT patch, unfortunately. I am hoping that this also solves the ppc64 issues described in Bug 88099. I don't have ppc64 to test on, so I am CC'ing the people involved in that bug so they can try this. Enclosed are the new patch files and a patch against the latest ebuild. If this is well-received, I'll update the init scripts to support the drop priv and bind address patches from CAEN/OWL. There's quite a few fixes in 1.4.2, so I'll include the list here (from CVS/CHANGES): . Dmitry V. Levin <ldv@altlinux.org> - Close file descriptor in FindSymbolFile() in ksym.c in order not to leak file descriptors. . Solar Designer <solar@openwall.com> - improve crunch_list() - Prevent potential buffer overflow in reading messages from the kernel log ringbuffer. - Ensure that "len" is not placed in a register, and that the endtty() signal handler is not installed too early which could cause a segmentation fault or worse. . Steve Grubb <linux_4ever@yahoo.com> - fix memory calculation in crunch_list() . Martin Schulze <joey@infodrom.org> - klogd will reconnect to the logger (mostly syslogd) after it went away - On heavily loaded system syslog will not spit out error messages anymore when recvfrom() results in EAGAIN - Makefile improvements - Local copy of module.h - Improved sysklogd.8 - Always log with syslogd's timezone and locale - Remove trailing newline when forwarding messages . Jon Burgess <Jon_Burgess@eur.3com.com> - Moved the installation of the signal handler up a little bit so it guaranteed to be available when the child is forked, hence, fixing a race condition. This used to create problems with UML and fast machines. . Greg Trounson <gregt@maths.otago.ac.nz> - Improved README.linux . Ulf H
The sysklogd package, unfortunately, does not have a lot of development activity. There has not been a new version released since 2001-03-11 (wow). The development team has been making changes (very minimal) to the CVS tree, and seems to be content with distribution maintainers managing the patches themselves. On that note, I think it's time Gentoo ramped up its version to get the latest code. Here's what I did: - Made a diff off of sysklogd CVS getting us to version 1.4.2 affectively. - Removed mips patch (it's in the official tree now.) - Converted 2.6-headers patch to querymod patch, it's real name, and stripped it down to the necessities. - Added 3 security patches from CAEN/OWL. - Made everything place nicely together. This takes care of a whole bunch of minor security fixes to 1.4.1 and a lot of header fixes. We still need the SO_BSDCOMPAT patch, unfortunately. I am hoping that this also solves the ppc64 issues described in Bug 88099. I don't have ppc64 to test on, so I am CC'ing the people involved in that bug so they can try this. Enclosed are the new patch files and a patch against the latest ebuild. If this is well-received, I'll update the init scripts to support the drop priv and bind address patches from CAEN/OWL. There's quite a few fixes in 1.4.2, so I'll include the list here (from CVS/CHANGES): . Dmitry V. Levin <ldv@altlinux.org> - Close file descriptor in FindSymbolFile() in ksym.c in order not to leak file descriptors. . Solar Designer <solar@openwall.com> - improve crunch_list() - Prevent potential buffer overflow in reading messages from the kernel log ringbuffer. - Ensure that "len" is not placed in a register, and that the endtty() signal handler is not installed too early which could cause a segmentation fault or worse. . Steve Grubb <linux_4ever@yahoo.com> - fix memory calculation in crunch_list() . Martin Schulze <joey@infodrom.org> - klogd will reconnect to the logger (mostly syslogd) after it went away - On heavily loaded system syslog will not spit out error messages anymore when recvfrom() results in EAGAIN - Makefile improvements - Local copy of module.h - Improved sysklogd.8 - Always log with syslogd's timezone and locale - Remove trailing newline when forwarding messages . Jon Burgess <Jon_Burgess@eur.3com.com> - Moved the installation of the signal handler up a little bit so it guaranteed to be available when the child is forked, hence, fixing a race condition. This used to create problems with UML and fast machines. . Greg Trounson <gregt@maths.otago.ac.nz> - Improved README.linux . Ulf Härnhammar <Ulf.Harnhammar.9485@student.uu.se> - Bondary check for fscanf() in InitKsyms() and CheckMapVersion() . Colin Phipps <cph@cph.demon.co.uk> - Don't block on the network socket in case of package los . Dirk Mueller <mueller@kde.org> - Don't crash when filesize limit is reached (e.g. without LFS)
Created attachment 70905 [details, diff] sysklogd-1.4.1-cvs-20051017.patch
Created attachment 70906 [details, diff] sysklogd-1.4.1-caen-owl-syslogd-bind.diff
Created attachment 70907 [details, diff] sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff
Created attachment 70908 [details, diff] sysklogd-1.4.1-caen-owl-klogd-drop-root.diff
Created attachment 70909 [details, diff] sysklogd-1.4.1-querymod.patch
Created attachment 70910 [details, diff] sysklogd-1.4.1-querymod.patch
Created attachment 70912 [details, diff] sysklogd-1.4.1-r11.ebuild.diff Attachment had the wrong name.
This updated ebuild solved a build error with linux-headers2.6.11-r2 during my GCC 3.3 -> GCC 3.4 migration for me. It should be added to the tree.
Ok, I finally decided to just go an add the new ebuild and patches to CVS. Please provide feedback.
No complaints, bug is closed.