Add SyslogIdentityTag

When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message.  The tag can be
configured by setting SyslogIdentityTag and defaults to none.  Setting
it to "foo" will cause logs to be tagged as "Tor-foo".  Closes: #17194.
This commit is contained in:
Peter Palfrader 2015-09-30 17:54:56 +02:00 committed by Nick Mathewson
parent 0d43a54d1c
commit 1cf0d82280
6 changed files with 25 additions and 5 deletions

7
changes/bug17194 Normal file
View File

@ -0,0 +1,7 @@
o Minor feature:
- When logging to syslog, allow a tag to be added to the syslog
identity ("Tor"), i.e. the string prepended to every log message.
The tag can be configured by setting SyslogIdentityTag and defaults
to none. Setting it to "foo" will cause logs to be tagged as
"Tor-foo".

View File

@ -580,6 +580,10 @@ GENERAL OPTIONS
If 1, Tor will overwrite logs at startup and in response to a HUP signal, If 1, Tor will overwrite logs at startup and in response to a HUP signal,
instead of appending to them. (Default: 0) instead of appending to them. (Default: 0)
[[SyslogIdentityTag]] **SyslogIdentityTag** __tag__::
When logging to syslog, adds a tag to the syslog identity such that
log entries are marked with "Tor-__tag__". (Default: none)
[[SafeLogging]] **SafeLogging** **0**|**1**|**relay**:: [[SafeLogging]] **SafeLogging** **0**|**1**|**relay**::
Tor can scrub potentially sensitive strings from log messages (e.g. Tor can scrub potentially sensitive strings from log messages (e.g.
addresses) by replacing them with the string [scrubbed]. This way logs can addresses) by replacing them with the string [scrubbed]. This way logs can

View File

@ -1099,12 +1099,19 @@ add_file_log(const log_severity_list_t *severity, const char *filename,
* Add a log handler to send messages to they system log facility. * Add a log handler to send messages to they system log facility.
*/ */
int int
add_syslog_log(const log_severity_list_t *severity) add_syslog_log(const log_severity_list_t *severity, const char* syslog_identity_tag)
{ {
logfile_t *lf; logfile_t *lf;
if (syslog_count++ == 0) if (syslog_count++ == 0) {
/* This is the first syslog. */ /* This is the first syslog. */
openlog("Tor", LOG_PID | LOG_NDELAY, LOGFACILITY); static char buf[256];
if (syslog_identity_tag) {
tor_snprintf(buf, sizeof(buf), "Tor-%s", syslog_identity_tag);
} else {
tor_snprintf(buf, sizeof(buf), "Tor");
}
openlog(buf, LOG_PID | LOG_NDELAY, LOGFACILITY);
}
lf = tor_malloc_zero(sizeof(logfile_t)); lf = tor_malloc_zero(sizeof(logfile_t));
lf->fd = -1; lf->fd = -1;

View File

@ -135,7 +135,7 @@ void add_stream_log(const log_severity_list_t *severity, const char *name,
int add_file_log(const log_severity_list_t *severity, const char *filename, int add_file_log(const log_severity_list_t *severity, const char *filename,
const int truncate); const int truncate);
#ifdef HAVE_SYSLOG_H #ifdef HAVE_SYSLOG_H
int add_syslog_log(const log_severity_list_t *severity); int add_syslog_log(const log_severity_list_t *severity, const char* syslog_identity_tag);
#endif #endif
int add_callback_log(const log_severity_list_t *severity, log_callback cb); int add_callback_log(const log_severity_list_t *severity, log_callback cb);
void logs_set_domain_logging(int enabled); void logs_set_domain_logging(int enabled);

View File

@ -312,6 +312,7 @@ static config_var_t option_vars_[] = {
V(LogMessageDomains, BOOL, "0"), V(LogMessageDomains, BOOL, "0"),
V(LogTimeGranularity, MSEC_INTERVAL, "1 second"), V(LogTimeGranularity, MSEC_INTERVAL, "1 second"),
V(TruncateLogFile, BOOL, "0"), V(TruncateLogFile, BOOL, "0"),
V(SyslogIdentityTag, STRING, NULL),
V(LongLivedPorts, CSV, V(LongLivedPorts, CSV,
"21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"), "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
VAR("MapAddress", LINELIST, AddressMap, NULL), VAR("MapAddress", LINELIST, AddressMap, NULL),
@ -4937,7 +4938,7 @@ options_init_logs(const or_options_t *old_options, or_options_t *options,
!strcasecmp(smartlist_get(elts,0), "syslog")) { !strcasecmp(smartlist_get(elts,0), "syslog")) {
#ifdef HAVE_SYSLOG_H #ifdef HAVE_SYSLOG_H
if (!validate_only) { if (!validate_only) {
add_syslog_log(severity); add_syslog_log(severity, options->SyslogIdentityTag);
} }
#else #else
log_warn(LD_CONFIG, "Syslog is not supported on this system. Sorry."); log_warn(LD_CONFIG, "Syslog is not supported on this system. Sorry.");

View File

@ -3424,6 +3424,7 @@ typedef struct {
* each log message occurs? */ * each log message occurs? */
int TruncateLogFile; /**< Boolean: Should we truncate the log file int TruncateLogFile; /**< Boolean: Should we truncate the log file
before we start writing? */ before we start writing? */
char *SyslogIdentityTag; /**< Identity tag to add for syslog logging. */
char *DebugLogFile; /**< Where to send verbose log messages. */ char *DebugLogFile; /**< Where to send verbose log messages. */
char *DataDirectory; /**< OR only: where to store long-term data. */ char *DataDirectory; /**< OR only: where to store long-term data. */