syslogd: Ignore getaddrinfo() errors if -ss is specified

This can arise if the jail doesn't have networking configured, and if -ss is specified, syslogd won't listen on port 514 anyway. Add a regression test case for this as well. PR: 238006 MFC after: 1 month
2024-11-22 19:31:08 +01:00 · 2024-09-19 10:00:33 +00:00 · 2024-09-19 10:00:33 +00:00 · 5d045d556b
commit 5d045d556b
parent 1ae4951ba7
2 changed files with 41 additions and 1 deletions
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@ -548,6 +548,14 @@ addsock(const char *name, const char *serv, mode_t mode)
 	if (serv == NULL)
 		serv = "syslog";
 	error = getaddrinfo(name, serv, &hints, &res0);
+	if (error == EAI_NONAME && name == NULL && SecureMode > 1) {
+		/*
+		 * If we're in secure mode, we won't open inet sockets anyway.
+		 * This failure can arise legitimately when running in a jail
+		 * without networking.
+		 */
+		return;
+	}
 	if (error) {
 		asprintf(&msgbuf, "getaddrinfo failed for %s%s: %s",
 		    name == NULL ? "" : name, serv,
--- a/usr.sbin/syslogd/tests/syslogd_test.sh
+++ b/usr.sbin/syslogd/tests/syslogd_test.sh
@ -22,7 +22,13 @@ readonly SYSLOGD_LOCAL_PRIVSOCKET="${PWD}/logpriv.sock"
 # Start a private syslogd instance.
 syslogd_start()
 {
-    syslogd \
+    local jail
+
+    if [ "$1" = "-j" ]; then
+        jail="jexec $2"
+        shift 2
+    fi
+    $jail syslogd \
        -b ":${SYSLOGD_UDP_PORT}" \
        -C \
        -d \
@ -288,6 +294,31 @@ pipe_action_cleanup()
    syslogd_stop
 }

+atf_test_case "jail_noinet" "cleanup"
+jail_noinet_head()
+{
+    atf_set descr "syslogd -ss can be run in a jail without INET support"
+    atf_set require.user root
+}
+jail_noinet_body()
+{
+    local logfile
+
+    atf_check jail -c name=syslogd_noinet persist
+
+    logfile="${PWD}/jail_noinet.log"
+    printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}"
+    syslogd_start -j syslogd_noinet -ss
+
+    syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}" \
+        "hello, world"
+    atf_check -s exit:0 -o match:"test: hello, world" cat "${logfile}"
+}
+jail_noinet_cleanup()
+{
+    jail -r syslogd_noinet
+}
+
 atf_init_test_cases()
 {
    atf_add_test_case "basic"
@ -296,4 +327,5 @@ atf_init_test_cases()
    atf_add_test_case "host_filter"
    atf_add_test_case "prop_filter"
    atf_add_test_case "pipe_action"
+    atf_add_test_case "jail_noinet"
 }