
Domesticating applications, OpenBSD style


Posted Jul 22, 2015 19:35 UTC (Wed) by plundra (guest, #51099)
In reply to: Domesticating applications, OpenBSD style by dlang
Parent article: Domesticating applications, OpenBSD style

On a related note, since OpenBSD 5.6 syslog(3) uses the new syscall sendsyslog(2), no longer requiring opening /dev/log, which helps when you're in a chroot or out of fds.



Domesticating applications, OpenBSD style

Posted Jul 22, 2015 20:01 UTC (Wed) by dlang (guest, #313)

How does it deliver the message? (The man page just says it delivers it directly to syslogd.) Does it use /dev/log but just not count it as an open file? Send it over localhost? Something else?

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 21:38 UTC (Wed) by plundra (guest, #51099)

Never looked into the details before, but as I understand it, when syslogd is started, an fd is set in the kernel via an ioctl (LIOCSFD), which sendsyslog then uses, if set.

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 22:21 UTC (Wed) by dlang (guest, #313)

So it's effectively a backdoor around fd limits.

Writing to /dev/log with chroot is actually better because the syslog daemon can create a /dev/log in each sandbox and tell which one was written to (as well as gathering metadata across the Unix socket, something that I assume is lost when you are just writing to a magic fd).
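
Added example, not part of the comment thread: a minimal collector that binds one `dev/log` datagram socket per sandbox directory, attributes each message to the socket it arrived on, and reads the sender's pid/uid from the kernel, which is the design the last comment describes. It assumes Linux (`SO_PASSCRED` / `SCM_CREDENTIALS`); the sandbox names, messages and temporary directories standing in for chroots are constructed.

```python
import os, select, socket, struct, tempfile

CRED = struct.Struct("3i")  # Linux struct ucred: pid, uid, gid

def bind_sandbox_logs(root, names):
    """Bind one datagram socket at <root>/<name>/dev/log per sandbox."""
    socks = {}
    for name in names:
        path = os.path.join(root, name, "dev", "log")
        os.makedirs(os.path.dirname(path))
        s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        # Ask the kernel to attach the sender's credentials to each datagram.
        s.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        s.bind(path)
        socks[s] = name
    return socks

def collect(socks, timeout=0.2):
    """Drain pending datagrams; tag each with its sandbox and sender pid/uid."""
    records = []
    while True:
        ready, _, _ = select.select(list(socks), [], [], timeout)
        if not ready:
            return records
        for s in ready:
            data, anc, _, _ = s.recvmsg(8192, socket.CMSG_SPACE(CRED.size))
            pid = uid = None
            for level, ctype, cdata in anc:
                if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
                    pid, uid, _gid = CRED.unpack(cdata[:CRED.size])
            records.append((socks[s], pid, uid, data.decode("utf-8", "replace")))

def client_log(root, name, msg):
    """Stand-in for a chrooted process writing to its own /dev/log."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as c:
        c.sendto(msg.encode(), os.path.join(root, name, "dev", "log"))

def demo():
    # Constructed sandbox names and messages; /tmp keeps socket paths short.
    with tempfile.TemporaryDirectory(dir="/tmp") as root:
        socks = bind_sandbox_logs(root, ["www", "mail"])
        try:
            client_log(root, "www", "<13>httpd: request served")
            client_log(root, "mail", "<13>smtpd: connection closed")
            return sorted(collect(socks))
        finally:
            for s in socks:
                s.close()
```

The sandbox label comes from which socket received the datagram and the pid/uid from the kernel, so neither depends on anything the sender wrote into the message body.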

