You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Kaspar Brand <ht...@velox.ch> on 2012/05/30 07:50:44 UTC
Re: svn commit: r1341905 - in /httpd/httpd/trunk: CHANGES configure.in
support/suexec.c
On 23.05.2012 17:42, jorton@apache.org wrote:
> Author: jorton
> Date: Wed May 23 15:42:33 2012
> New Revision: 1341905
>
> URL: http://svn.apache.org/viewvc?rev=1341905&view=rev
> Log:
> suexec: Add support for logging to syslog as an alternative to a
> logfile.
>
> * support/suexec.c (err_output) [AP_LOG_SYSLOG]: Log to syslog.
> (main): Close syslog fd if open, before execv. Add -V output
> for AP_LOG_SYSLOG.
[...]
> @@ -137,7 +146,14 @@ static void err_output(int is_error, con
>
> static void err_output(int is_error, const char *fmt, va_list ap)
> {
> -#ifdef AP_LOG_EXEC
> +#if defined(AP_LOG_SYSLOG)
> + if (!log_open) {
> + openlog("suexec", LOG_PID, LOG_DAEMON);
> + log_open = 1;
> + }
> +
> + vsyslog(is_error ? LOG_ERR : LOG_INFO, fmt, ap);
> +#elif defined(AP_LOG_EXEC)
> time_t timevar;
> struct tm *lt;
>
Wouldn't it be preferrable to use LOG_AUTH/LOG_AUTHPRIV instead?
suexec's log messages are mostly about authorization, and sometimes
include information which should probably be hidden from the eyes of
unprivileged users.
Kaspar
Re: svn commit: r1341905 - in /httpd/httpd/trunk: CHANGES
configure.in support/suexec.c
Posted by Joe Orton <jo...@redhat.com>.
On Wed, May 30, 2012 at 07:50:44AM +0200, Kaspar Brand wrote:
> Wouldn't it be preferrable to use LOG_AUTH/LOG_AUTHPRIV instead?
> suexec's log messages are mostly about authorization, and sometimes
> include information which should probably be hidden from the eyes of
> unprivileged users.
Good point, yes - thanks! Done in r1344712.
Regards, Joe