Add syslog_maxlen to control the max size of syslog messages.

2025-09-02 07:15:27 +00:00 · 2016-10-18 15:51:47 -06:00
parent f632e0a63d
commit 44c2679f83
8 changed files with 110 additions and 42 deletions
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@@ -1642,6 +1642,23 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                       See _s_y_s_l_o_g___b_a_d_p_r_i for the list of supported syslog
                       priorities.

+     syslog_maxlen     On many systems, syslog(3) has a relatively small log
+                       buffer.  IETF RFC 5424 states that syslog servers must
+                       support messages of at least 480 bytes and should
+                       support messages up to 2048 bytes.  By default, ssuuddooeerrss
+                       creates log messages up to 980 bytes which corresponds
+                       to the historic BSD syslog implementation which used a
+                       1024 byte buffer to store the message, date, hostname
+                       and program name.  To prevent syslog messages from
+                       being truncated, ssuuddooeerrss will split up log messages
+                       that are larger than _s_y_s_l_o_g___m_a_x_l_e_n bytes.  When a
+                       message is split, additional parts will include the
+                       string ``(command continued)'' after the user name and
+                       before the continued command line arguments.
+
+                       This setting is only supported by version 1.8.19 or
+                       higher.
+
     sudoers_locale    Locale to use when parsing the sudoers file, logging
                       commands, and sending email.  Note that changing the
                       locale may affect how sudoers is interpreted.  Defaults
@@ -2027,15 +2044,13 @@ LLOOGG FFOORRMMAATT

   NNootteess oonn llooggggiinngg vviiaa ssyysslloogg
     By default, ssuuddooeerrss logs messages via syslog(3).  The _d_a_t_e, _h_o_s_t_n_a_m_e, and
-     _p_r_o_g_n_a_m_e fields are added by the syslog daemon, not ssuuddooeerrss itself.  As
-     such, they may vary in format on different systems.
+     _p_r_o_g_n_a_m_e fields are added by the system's ssyysslloogg() function, not ssuuddooeerrss
+     itself.  As such, they may vary in format on different systems.

-     On most systems, syslog(3) has a relatively small log buffer.  To prevent
-     the command line arguments from being truncated, ssuuddooeerrss will split up
-     log messages that are larger than 960 characters (not including the date,
-     hostname, and the string ``sudo'').  When a message is split, additional
-     parts will include the string ``(command continued)'' after the user name
-     and before the continued command line arguments.
+     The maximum size of syslog messages varies from system to system.  The
+     _s_y_s_l_o_g___m_a_x_l_e_n setting can be used to change the maximum syslog message
+     size from the default value of 980 bytes.  For more information, see the
+     description of _s_y_s_l_o_g___m_a_x_l_e_n.

   NNootteess oonn llooggggiinngg ttoo aa ffiillee
     If the _l_o_g_f_i_l_e option is set, ssuuddooeerrss will log to a local file, such as
@@ -2592,4 +2607,4 @@ DDIISSCCLLAAIIMMEERR
     file distributed with ssuuddoo or https://www.sudo.ws/license.html for
     complete details.

-Sudo 1.8.18                     August 31, 2016                    Sudo 1.8.18
+Sudo 1.8.18                    October 18, 2016                    Sudo 1.8.18
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -21,7 +21,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.TH "SUDOERS" "5" "August 31, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "5" "October 18, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -3367,6 +3367,28 @@ See
 \fIsyslog_badpri\fR
 for the list of supported syslog priorities.
 .TP 18n
+syslog_maxlen
+On many systems,
+syslog(3)
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+\fBsudoers\fR
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+\fBsudoers\fR
+will split up log messages that are larger than
+\fIsyslog_maxlen\fR
+bytes.
+When a message is split, additional parts will include the string
+\(Lq(command continued)\(Rq
+after the user name and before the continued command line arguments.
+.sp
+This setting is only supported by version 1.8.19 or higher.
+.TP 18n
 sudoers_locale
 Locale to use when parsing the sudoers file, logging commands, and
 sending email.
@@ -4121,22 +4143,20 @@ The
 \fIhostname\fR,
 and
 \fIprogname\fR
-fields are added by the syslog daemon, not
+fields are added by the system's
+\fBsyslog\fR()
+function, not
 \fBsudoers\fR
 itself.
 As such, they may vary in format on different systems.
 .PP
-On most systems,
-syslog(3)
-has a relatively small log buffer.
-To prevent the command line arguments from being truncated,
-\fBsudoers\fR
-will split up log messages that are larger than 960 characters
-(not including the date, hostname, and the string
-\(Lqsudo\(Rq).
-When a message is split, additional parts will include the string
-\(Lq(command continued)\(Rq
-after the user name and before the continued command line arguments.
+The maximum size of syslog messages varies from system to system.
+The
+\fIsyslog_maxlen\fR
+setting can be used to change the maximum syslog message size
+from the default value of 980 bytes.
+For more information, see the description of
+\fIsyslog_maxlen\fR.
 .SS "Notes on logging to a file"
 If the
 \fIlogfile\fR
--- a/doc/sudoers.mdoc.in
+++ b/doc/sudoers.mdoc.in
@@ -19,7 +19,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.Dd August 31, 2016
+.Dd October 18, 2016
 .Dt SUDOERS @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -3145,6 +3145,27 @@ Defaults to
 See
 .Em syslog_badpri
 for the list of supported syslog priorities.
+.It syslog_maxlen
+On many systems,
+.Xr syslog 3
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+.Nm
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+.Nm
+will split up log messages that are larger than
+.Em syslog_maxlen
+bytes.
+When a message is split, additional parts will include the string
+.Dq Pq command continued
+after the user name and before the continued command line arguments.
+.Pp
+This setting is only supported by version 1.8.19 or higher.
 .It sudoers_locale
 Locale to use when parsing the sudoers file, logging commands, and
 sending email.
@@ -3824,22 +3845,20 @@ The
 .Em hostname ,
 and
 .Em progname
-fields are added by the syslog daemon, not
-.Nm sudoers
+fields are added by the system's
+.Fn syslog
+function, not
+.Nm
 itself.
 As such, they may vary in format on different systems.
 .Pp
-On most systems,
-.Xr syslog 3
-has a relatively small log buffer.
-To prevent the command line arguments from being truncated,
-.Nm
-will split up log messages that are larger than 960 characters
-(not including the date, hostname, and the string
-.Dq sudo ) .
-When a message is split, additional parts will include the string
-.Dq Pq command continued
-after the user name and before the continued command line arguments.
+The maximum size of syslog messages varies from system to system.
+The
+.Em syslog_maxlen
+setting can be used to change the maximum syslog message size
+from the default value of 980 bytes.
+For more information, see the description of
+.Em syslog_maxlen .
 .Ss Notes on logging to a file
 If the
 .Em logfile
--- a/plugins/sudoers/def_data.c
+++ b/plugins/sudoers/def_data.c
@@ -418,6 +418,10 @@ struct sudo_defs_types sudo_defs_table[] = {
 	"match_group_by_gid", T_FLAG,
 	N_("Resolve groups in sudoers and match on the group ID, not the name"),
 	NULL,
+    }, {
+	"syslog_maxlen", T_UINT,
+	N_("Log entries larger than this value will be split into multiple syslog messages"),
+	NULL,
    }, {
 	NULL, 0, NULL
    }
--- a/plugins/sudoers/def_data.h
+++ b/plugins/sudoers/def_data.h
@@ -196,6 +196,8 @@
 #define def_ignore_logfile_errors (sudo_defs_table[I_IGNORE_LOGFILE_ERRORS].sd_un.flag)
 #define I_MATCH_GROUP_BY_GID    98
 #define def_match_group_by_gid  (sudo_defs_table[I_MATCH_GROUP_BY_GID].sd_un.flag)
+#define I_SYSLOG_MAXLEN         99
+#define def_syslog_maxlen       (sudo_defs_table[I_SYSLOG_MAXLEN].sd_un.uival)

 enum def_tuple {
 	never,
--- a/plugins/sudoers/def_data.in
+++ b/plugins/sudoers/def_data.in
@@ -310,3 +310,6 @@ ignore_logfile_errors
 match_group_by_gid
 	T_FLAG
 	"Resolve groups in sudoers and match on the group ID, not the name"
+syslog_maxlen
+	T_UINT
+	"Log entries larger than this value will be split into multiple syslog messages"
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -559,6 +559,7 @@ init_defaults(void)
 	goto oom;
    def_set_utmp = true;
    def_pam_setcred = true;
+    def_syslog_maxlen = MAXSYSLOGLEN;

    /* Reset the locale. */
    if (!firsttime) {
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -72,14 +72,18 @@ static char *new_logline(const char *, int);
 static void
 mysyslog(int pri, const char *fmt, ...)
 {
-    char buf[MAXSYSLOGLEN+1];
+    char *buf;
    va_list ap;
    debug_decl(mysyslog, SUDOERS_DEBUG_LOGGING)

    va_start(ap, fmt);
    openlog("sudo", 0, def_syslog);
-    vsnprintf(buf, sizeof(buf), fmt, ap);
+    if (vasprintf(&buf, fmt, ap) == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    } else {
 	syslog(pri, "%s", buf);
+	free(buf);
+    }
    va_end(ap);
    closelog();
    debug_return;
@@ -87,7 +91,7 @@ mysyslog(int pri, const char *fmt, ...)

 /*
 * Log a message to syslog, pre-pending the username and splitting the
- * message into parts if it is longer than MAXSYSLOGLEN.
+ * message into parts if it is longer than syslog_maxlen.
 */
 static void
 do_syslog(int pri, char *msg)
@@ -104,7 +108,7 @@ do_syslog(int pri, char *msg)
     * Log the full line, breaking into multiple syslog(3) calls if necessary
     */
    fmt = _("%8s : %s");
-    maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
+    maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
    for (p = msg; *p != '\0'; ) {
 	len = strlen(p);
 	if (len > maxlen) {
@@ -132,7 +136,7 @@ do_syslog(int pri, char *msg)
 	    p += len;
 	}
 	fmt = _("%8s : (command continued) %s");
-	maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
+	maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
    }

    sudoers_setlocale(oldlocale, NULL);