2 * Copyright (c) 2007-2011 Apple Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
24 #include <TargetConditionals.h>
34 #include <sys/socket.h>
35 #include <sys/sysctl.h>
36 #include <netinet/in.h>
37 #include <arpa/inet.h>
38 #include <mach/mach.h>
39 #include <servers/bootstrap.h>
40 #include <bootstrap_priv.h>
45 #include <asl_msg_list.h>
46 #include <asl_private.h>
49 #include <asl_store.h>
51 #include <asl_client.h>
52 #include "asl_common.h"
54 #define MOD_CASE_FOLD 'C'
56 #define MOD_SUBSTRING 'S'
57 #define MOD_PREFIX 'A'
58 #define MOD_SUFFIX 'Z'
59 #define MOD_NUMERIC 'N'
68 #define ASL_QUERY_OP_NOT 0x1000
70 #define QUERY_FLAG_SEARCH_REVERSE 0x00000001
72 #define FACILITY_CONSOLE "com.apple.console"
76 #define SEARCH_MATCH 1
78 #define PROC_NOT_FOUND -1
79 #define PROC_NOT_UNIQUE -2
84 #define forever for(;;)
86 #define SEND_FORMAT_LEGACY 0
87 #define SEND_FORMAT_ASL 1
89 #define FORMAT_RAW 0x00000100
90 #define FORMAT_LEGACY 0x00000200
91 #define FORMAT_STD 0x00000400
92 #define FORMAT_XML 0x00000800
93 #define COMPRESS_DUPS 0x00010000
95 #define EXPORT 0x00000100
97 #define ASL_FILTER_MASK_PACEWNID 0xff
98 #define ASL_FILTER_MASK_PACEWNI 0x7f
99 #define ASL_FILTER_MASK_PACEWN 0x3f
100 #define ASL_FILTER_MASK_PACEW 0x1f
101 #define ASL_FILTER_MASK_PACE 0x0f
102 #define ASL_FILTER_MASK_PAC 0x07
104 #define FETCH_BATCH 1024
105 #define MAX_RANDOM 8192
107 #define DB_SELECT_ASL 0
108 #define DB_SELECT_STORE 1
109 #define DB_SELECT_FILES 2
110 #define DB_SELECT_SYSLOGD 3
111 #define DB_SELECT_LEGACY 4
113 /* STD and BSD format messages start with 'DAY MMM DD HH:MM:SS ' timestamp */
114 #define STD_BSD_DATE_LEN 20
116 /* Max message size for direct watch */
117 #define MAX_DIRECT_SIZE 16384
119 /* Buffer for direct watch data */
120 #define DIRECT_BUF_SIZE 1024
122 static asl_file_list_t
*db_files
= NULL
;
123 static asl_store_t
*store
= NULL
;
124 static asl_file_t
*legacy
= NULL
;
125 static asl_file_t
*export
= NULL
;
126 static const char *sort_key
= NULL
;
127 static const char *sort_key_2
= NULL
;
128 static int sort_numeric
= 0;
129 static char *last_printmsg_str
= NULL
;
130 static int last_printmsg_count
= 0;
131 static const char *tfmt
= NULL
;
133 #if TARGET_OS_EMBEDDED
134 static uint32_t dbselect
= DB_SELECT_SYSLOGD
;
136 static uint32_t dbselect
= DB_SELECT_ASL
;
140 uint32_t notify_register_plain(const char *name
, int *out_token
);
142 //extern asl_msg_t *asl_msg_from_string(const char *buf);
143 //extern char *asl_list_to_string(asl_msg_list_t *list, uint32_t *outlen);
144 //extern asl_msg_list_t *asl_list_from_string(const char *buf);
145 //extern int asl_msg_cmp(asl_msg_t *a, asl_msg_t *b);
146 asl_msg_t
*_asl_server_control_query(void);
147 extern time_t asl_parse_time(const char *in
);
148 /* END PRIVATE API */
150 static mach_port_t asl_server_port
= MACH_PORT_NULL
;
152 static const char *myname
= "syslog";
155 asl_msg_list_t
*syslogd_query(asl_msg_list_t
*q
, uint64_t start
, int count
, int dir
, uint64_t *last
);
156 static void printmsg(FILE *f
, asl_msg_t
*msg
, char *fmt
, int pflags
);
161 fprintf(stderr
, "usage:\n");
162 fprintf(stderr
, "%s -s [-r host] [-l level] message...\n", myname
);
163 fprintf(stderr
, " send a message\n");
164 fprintf(stderr
, "\n");
165 fprintf(stderr
, "%s -s [-r host] -k key val [key val]...\n", myname
);
166 fprintf(stderr
, " send a message with the given keys and values\n");
167 fprintf(stderr
, "\n");
168 fprintf(stderr
, "%s -c process [filter]\n", myname
);
169 fprintf(stderr
, " get (set if filter is specified) syslog filter for process (pid or name)\n");
170 fprintf(stderr
, " level may be any combination of the characters \"p a c e w n i d\"\n");
171 fprintf(stderr
, " p = Emergency (\"Panic\")\n");
172 fprintf(stderr
, " a = Alert\n");
173 fprintf(stderr
, " c = Critical\n");
174 fprintf(stderr
, " e = Error\n");
175 fprintf(stderr
, " w = Warning\n");
176 fprintf(stderr
, " n = Notice\n");
177 fprintf(stderr
, " i = Info\n");
178 fprintf(stderr
, " d = Debug\n");
179 fprintf(stderr
, " a minus sign preceding a single letter means \"up to\" that level\n");
180 fprintf(stderr
, "\n");
181 fprintf(stderr
, "%s -config [params...]\n", myname
);
182 fprintf(stderr
, " without params, fetch and print syslogd parameters and statistics\n");
183 fprintf(stderr
, " otherwise, set or reset syslogd configuration parameters\n");
184 fprintf(stderr
, "\n");
185 fprintf(stderr
, "%s -module [name [action]]\n", myname
);
186 fprintf(stderr
, " with no name, prints configuration for all ASL output modules\n");
187 fprintf(stderr
, " with name and no action, prints configuration for named ASL output module\n");
188 fprintf(stderr
, " supported actions - module name required, use '*' (with single quotes) for all modules:\n");
189 fprintf(stderr
, " enable [01] enables (or disables with 0) named module\n");
190 fprintf(stderr
, " does not apply to com.apple.asl when '*' is used\n");
191 fprintf(stderr
, " checkpoint [file] checkpoints all files or specified file for named module\n");
192 fprintf(stderr
, "\n");
193 fprintf(stderr
, "%s [-f file...] [-d path...] [-x file] [-w [N]] [-F format] [-nocompress] [-u] [-sort key1 [key2]] [-nsort key1 [key2]] [-k key [[op] val]]... [-o -k key [[op] val]] ...]...\n", myname
);
194 fprintf(stderr
, " -f read named file[s], rather than standard log message store.\n");
195 fprintf(stderr
, " -d read all file in named directory path, rather than standard log message store.\n");
196 fprintf(stderr
, " -x export to named ASL format file, rather than printing\n");
197 fprintf(stderr
, " -w watch data store (^C to quit)\n");
198 fprintf(stderr
, " prints the last N matching lines (default 10) before waiting\n");
199 fprintf(stderr
, " \"-w all\" prints all matching lines before waiting\n");
200 fprintf(stderr
, " \"-w boot\" prints all matching lines since last system boot before waiting\n");
201 fprintf(stderr
, " -F output format may be \"std\", \"raw\", \"bsd\", or \"xml\"\n");
202 fprintf(stderr
, " format may also be a string containing variables of the form\n");
203 fprintf(stderr
, " $Key or $(Key) - use the latter for non-whitespace delimited variables\n");
204 fprintf(stderr
, " -T timestamp format may be \"sec\" (seconds), \"utc\" (UTC), or \"local\" (local timezone)\n");
205 fprintf(stderr
, " -E text encoding may be \"vis\", \"safe\", or \"none\"\n");
206 fprintf(stderr
, " -nodc no duplicate message compression\n");
207 fprintf(stderr
, " -u print timestamps using UTC (equivalent to \"-T utc\")\n");
208 fprintf(stderr
, " -sort sort messages using value for specified key1 (secondary sort by key2 if provided)\n");
209 fprintf(stderr
, " -nsort numeric sort messages using value for specified key1 (secondary sort by key2 if provided)\n");
210 fprintf(stderr
, " -k key/value match\n");
211 fprintf(stderr
, " if no operator or value is given, checks for the existence of the key\n");
212 fprintf(stderr
, " if no operator is given, default is \"%s\"\n", OP_EQ
);
213 fprintf(stderr
, " -B only process log messages since last system boot\n");
214 fprintf(stderr
, " -C alias for \"-k Facility com.apple.console\"\n");
215 fprintf(stderr
, " -o begins a new query\n");
216 fprintf(stderr
, " queries are \'OR\'ed together\n");
217 fprintf(stderr
, "operators are zero or more modifiers followed by a comparison\n");
218 fprintf(stderr
, " %s equal\n", OP_EQ
);
219 fprintf(stderr
, " %s not equal\n", OP_NE
);
220 fprintf(stderr
, " %s greater than\n", OP_GT
);
221 fprintf(stderr
, " %s greater or equal\n", OP_GE
);
222 fprintf(stderr
, " %s less than\n", OP_LT
);
223 fprintf(stderr
, " %s less or equal\n", OP_LE
);
224 fprintf(stderr
, "optional modifiers for operators\n");
225 fprintf(stderr
, " %c case-fold\n", MOD_CASE_FOLD
);
226 fprintf(stderr
, " %c regular expression\n", MOD_REGEX
);
227 fprintf(stderr
, " %c substring\n", MOD_SUBSTRING
);
228 fprintf(stderr
, " %c prefix\n", MOD_PREFIX
);
229 fprintf(stderr
, " %c suffix\n", MOD_SUFFIX
);
230 fprintf(stderr
, " %c numeric comparison\n", MOD_NUMERIC
);
234 notify_status_string(int status
)
236 if (status
== NOTIFY_STATUS_OK
) return "OK";
237 if (status
== NOTIFY_STATUS_INVALID_NAME
) return "Process not registered";
238 if (status
== NOTIFY_STATUS_NOT_AUTHORIZED
) return "Not authorized";
239 return "Operation failed";
243 asl_level_string(int level
)
245 if (level
== ASL_LEVEL_EMERG
) return ASL_STRING_EMERG
;
246 if (level
== ASL_LEVEL_ALERT
) return ASL_STRING_ALERT
;
247 if (level
== ASL_LEVEL_CRIT
) return ASL_STRING_CRIT
;
248 if (level
== ASL_LEVEL_ERR
) return ASL_STRING_ERR
;
249 if (level
== ASL_LEVEL_WARNING
) return ASL_STRING_WARNING
;
250 if (level
== ASL_LEVEL_NOTICE
) return ASL_STRING_NOTICE
;
251 if (level
== ASL_LEVEL_INFO
) return ASL_STRING_INFO
;
252 if (level
== ASL_LEVEL_DEBUG
) return ASL_STRING_DEBUG
;
257 module_control(int argc
, char *argv
[])
259 const char *val
= NULL
;
263 asl_msg_t
*ctl
= _asl_server_control_query();
266 fprintf(stderr
, "can't get status information from syslogd\n");
278 asl_out_module_t
*m
= asl_out_module_init();
279 asl_out_module_t
*x
= m
;
283 if ((argc
== 0) || (!strcmp(argv
[0], x
->name
)))
285 asl_msg_lookup(ctl
, x
->name
, &val
, NULL
);
287 if (first
== 0) printf("\n");
290 if (x
->name
== NULL
) printf("ASL out module has no name\n");
291 else printf("ASL out module: %s %s[current status: %s]\n", x
->name
, (x
->flags
& MODULE_FLAG_LOCAL
) ? "local " : "", (val
== NULL
) ? "unknown" : val
);
293 asl_out_module_print(stdout
, x
);
299 asl_msg_release(ctl
);
300 asl_out_module_free(m
);
304 /* name enable [val] */
305 /* name disable [val] */
306 if ((!strcmp(argv
[1], "enable")) || (!strcmp(argv
[1], "disable")))
313 if (!strcmp(argv
[1], "enable"))
315 if (argc
< 3) want
= 1;
316 else if (!strcmp(argv
[2], "1")) want
= 1;
317 else if (!strcmp(argv
[2], "0")) want
= 0;
320 printf("invalid value %s for %s %s - expecting 0 or 1\n", argv
[2], argv
[0], argv
[1]);
326 if (argc
< 3) want
= 0;
327 else if (!strcmp(argv
[2], "1")) want
= 0;
328 else if (!strcmp(argv
[2], "0")) want
= 1;
331 printf("invalid value %s for %s %s - expecting 0 or 1\n", argv
[2], argv
[0], argv
[1]);
336 asl_msg_lookup(ctl
, argv
[0], &val
, NULL
);
339 if (!strcmp(val
, "enabled")) status
= 1;
343 asl_msg_release(ctl
);
347 printf("internal error: want = -1\n");
353 printf("module %s is already %s\n", argv
[0], val
);
357 cm
= asl_msg_new(ASL_TYPE_MSG
);
358 asprintf(&str
, "@ %s enable %d", argv
[0], want
);
360 if ((cm
== NULL
) || (str
== NULL
))
362 fprintf(stderr
, "can't allocate memory - exiting\n");
366 ac
= asl_client_open(NULL
, NULL
, 0);
367 asl_client_set_filter(ac
, ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG
));
368 asl_msg_set_key_val(cm
, ASL_KEY_LEVEL
, "7");
369 asl_msg_set_key_val(cm
, ASL_KEY_OPTION
, "control");
370 asl_msg_set_key_val(cm
, ASL_KEY_MSG
, str
);
371 asl_client_send(ac
, cm
);
373 asl_client_release(ac
);
379 asl_msg_release(ctl
);
381 /* name checkpoint [file] */
382 if (!strcmp(argv
[1], "checkpoint"))
384 asl_msg_list_t
*q
= asl_msg_list_new();
385 asl_msg_t
*qm
= asl_msg_new(ASL_TYPE_QUERY
);
387 if ((q
== NULL
) || (qm
== NULL
))
389 fprintf(stderr
, "can't allocate memory - exiting\n");
393 asl_msg_list_append(q
, qm
);
396 asl_msg_set_key_val_op(qm
, ASL_KEY_OPTION
, "control", ASL_QUERY_OP_EQUAL
);
397 asprintf(&str
, "%s checkpoint%s%s", argv
[0], (argc
> 2) ? " " : "", (argc
> 2) ? argv
[2] : "");
398 asl_msg_set_key_val_op(qm
, "action", str
, ASL_QUERY_OP_EQUAL
);
400 asl_msg_list_t
*res
= syslogd_query((asl_msg_list_t
*)q
, 0, 0, 1, &last
);
402 asl_msg_list_release(res
);
406 printf("unknown module control: %s\n", argv
[1]);
411 procinfo(char *pname
, int *pid
, int *uid
)
414 int i
, status
, nprocs
;
416 struct kinfo_proc
*procs
, *newprocs
;
423 mib
[2] = KERN_PROC_ALL
;
427 status
= sysctl(mib
, miblen
, NULL
, &size
, NULL
, 0);
431 newprocs
= reallocf(procs
, size
);
432 if (newprocs
== NULL
)
434 if (procs
!= NULL
) free(procs
);
435 return PROC_NOT_FOUND
;
439 status
= sysctl(mib
, miblen
, procs
, &size
, NULL
, 0);
440 } while ((status
== -1) && (errno
== ENOMEM
));
444 if (procs
!= NULL
) free(procs
);
445 return PROC_NOT_FOUND
;
448 if (size
% sizeof(struct kinfo_proc
) != 0)
450 if (procs
!= NULL
) free(procs
);
451 return PROC_NOT_FOUND
;
454 if (procs
== NULL
) return PROC_NOT_FOUND
;
456 nprocs
= size
/ sizeof(struct kinfo_proc
);
460 /* Search for a pid */
461 for (i
= 0; i
< nprocs
; i
++)
463 if (*pid
== procs
[i
].kp_proc
.p_pid
)
465 *uid
= procs
[i
].kp_eproc
.e_ucred
.cr_uid
;
470 return PROC_NOT_FOUND
;
473 *pid
= PROC_NOT_FOUND
;
475 for (i
= 0; i
< nprocs
; i
++)
477 if (!strcmp(procs
[i
].kp_proc
.p_comm
, pname
))
479 if (*pid
!= PROC_NOT_FOUND
)
482 return PROC_NOT_UNIQUE
;
485 *pid
= procs
[i
].kp_proc
.p_pid
;
486 *uid
= procs
[i
].kp_eproc
.e_ucred
.cr_uid
;
491 if (*pid
== PROC_NOT_FOUND
) return PROC_NOT_FOUND
;
497 rcontrol_get_string(const char *name
, int *val
)
502 status
= notify_register_plain(name
, &t
);
503 if (status
!= NOTIFY_STATUS_OK
) return status
;
506 status
= notify_get_state(t
, &x
);
515 rcontrol_set_string(const char *name
, int filter
)
520 status
= notify_register_plain(name
, &t
);
521 if (status
!= NOTIFY_STATUS_OK
) return status
;
524 status
= notify_set_state(t
, x
);
525 notify_post(NOTIFY_RC
);
531 asl_string_to_filter(char *s
)
535 if (s
== NULL
) return 0;
536 if (s
[0] == '\0') return 0;
538 if ((s
[0] >= '0') && (s
[0] <= '9')) return ASL_FILTER_MASK(atoi(s
));
542 if ((s
[1] == 'P') || (s
[1] == 'p')) i
= ASL_LEVEL_EMERG
;
543 else if ((s
[1] == 'A') || (s
[1] == 'a')) i
= ASL_LEVEL_ALERT
;
544 else if ((s
[1] == 'C') || (s
[1] == 'c')) i
= ASL_LEVEL_CRIT
;
545 else if ((s
[1] == 'E') || (s
[1] == 'e')) i
= ASL_LEVEL_ERR
;
546 else if ((s
[1] == 'X') || (s
[1] == 'x')) i
= ASL_LEVEL_ERR
;
547 else if ((s
[1] == 'W') || (s
[1] == 'w')) i
= ASL_LEVEL_WARNING
;
548 else if ((s
[1] == 'N') || (s
[1] == 'n')) i
= ASL_LEVEL_NOTICE
;
549 else if ((s
[1] == 'I') || (s
[1] == 'i')) i
= ASL_LEVEL_INFO
;
550 else if ((s
[1] == 'D') || (s
[1] == 'd')) i
= ASL_LEVEL_DEBUG
;
551 else i
= atoi(s
+ 1);
552 f
= ASL_FILTER_MASK_UPTO(i
);
557 for (i
= 0; s
[i
] != '\0'; i
++)
559 if ((s
[i
] == 'P') || (s
[i
] == 'p')) f
|= ASL_FILTER_MASK_EMERG
;
560 else if ((s
[i
] == 'A') || (s
[i
] == 'a')) f
|= ASL_FILTER_MASK_ALERT
;
561 else if ((s
[i
] == 'C') || (s
[i
] == 'c')) f
|= ASL_FILTER_MASK_CRIT
;
562 else if ((s
[i
] == 'E') || (s
[i
] == 'e')) f
|= ASL_FILTER_MASK_ERR
;
563 else if ((s
[i
] == 'X') || (s
[i
] == 'x')) f
|= ASL_FILTER_MASK_ERR
;
564 else if ((s
[i
] == 'W') || (s
[i
] == 'w')) f
|= ASL_FILTER_MASK_WARNING
;
565 else if ((s
[i
] == 'N') || (s
[i
] == 'n')) f
|= ASL_FILTER_MASK_NOTICE
;
566 else if ((s
[i
] == 'I') || (s
[i
] == 'i')) f
|= ASL_FILTER_MASK_INFO
;
567 else if ((s
[i
] == 'D') || (s
[i
] == 'd')) f
|= ASL_FILTER_MASK_DEBUG
;
574 asl_filter_string(int f
)
576 static char str
[1024];
579 memset(str
, 0, sizeof(str
));
582 if ((f
== ASL_FILTER_MASK_PACEWNID
) != 0)
584 strcat(str
, "Emergency - Debug");
588 if ((f
== ASL_FILTER_MASK_PACEWNI
) != 0)
590 strcat(str
, "Emergency - Info");
594 if ((f
== ASL_FILTER_MASK_PACEWN
) != 0)
596 strcat(str
, "Emergency - Notice");
600 if ((f
== ASL_FILTER_MASK_PACEW
) != 0)
602 strcat(str
, "Emergency - Warning");
606 if ((f
== ASL_FILTER_MASK_PACE
) != 0)
608 strcat(str
, "Emergency - Error");
612 if ((f
== ASL_FILTER_MASK_PAC
) != 0)
614 strcat(str
, "Emergency - Critical");
618 if ((f
& ASL_FILTER_MASK_EMERG
) != 0)
620 strcat(str
, "Emergency");
624 if ((f
& ASL_FILTER_MASK_ALERT
) != 0)
626 if (i
> 0) strcat(str
, ", ");
627 strcat(str
, "Alert");
631 if ((f
& ASL_FILTER_MASK_CRIT
) != 0)
633 if (i
> 0) strcat(str
, ", ");
634 strcat(str
, "Critical");
638 if ((f
& ASL_FILTER_MASK_ERR
) != 0)
640 if (i
> 0) strcat(str
, ", ");
641 strcat(str
, "Error");
645 if ((f
& ASL_FILTER_MASK_WARNING
) != 0)
647 if (i
> 0) strcat(str
, ", ");
648 strcat(str
, "Warning");
652 if ((f
& ASL_FILTER_MASK_NOTICE
) != 0)
654 if (i
> 0) strcat(str
, ", ");
655 strcat(str
, "Notice");
659 if ((f
& ASL_FILTER_MASK_INFO
) != 0)
661 if (i
> 0) strcat(str
, ", ");
666 if ((f
& ASL_FILTER_MASK_DEBUG
) != 0)
668 if (i
> 0) strcat(str
, ", ");
669 strcat(str
, "Debug");
673 if (i
== 0) sprintf(str
, "Off");
679 rcontrol_name(pid_t pid
, uid_t uid
)
681 static char str
[1024];
683 if (pid
== RC_MASTER
) return NOTIFY_SYSTEM_MASTER
;
685 memset(str
, 0, sizeof(str
));
686 if (uid
== 0) snprintf(str
, sizeof(str
) - 1, "%s.%d", NOTIFY_PREFIX_SYSTEM
, pid
);
687 else snprintf(str
, sizeof(str
) - 1, "user.uid.%d.syslog.%d", uid
, pid
);
692 rcontrol_get(pid_t pid
, uid_t uid
)
700 status
= rcontrol_get_string(rcontrol_name(pid
, uid
), &filter
);
701 if (status
== NOTIFY_STATUS_OK
)
703 printf("Master filter mask: %s\n", asl_filter_string(filter
));
707 printf("Unable to determine master filter mask\n");
711 status
= rcontrol_get_string(rcontrol_name(pid
, uid
), &filter
);
712 if (status
== NOTIFY_STATUS_OK
)
714 printf("Process %d syslog filter mask: %s\n", pid
, asl_filter_string(filter
));
718 printf("Unable to determine syslog filter mask for pid %d\n", pid
);
723 rcontrol_set(pid_t pid
, uid_t uid
, int filter
)
728 rcname
= rcontrol_name(pid
, uid
);
732 status
= rcontrol_set_string(rcname
, filter
);
734 if (status
== NOTIFY_STATUS_OK
)
736 if (pid
== RC_MASTER
) status
= notify_post(NOTIFY_SYSTEM_MASTER
);
740 printf("Unable to set master syslog filter mask: %s\n", notify_status_string(status
));
744 status
= rcontrol_set_string(rcname
, filter
);
745 if (status
== NOTIFY_STATUS_OK
)
747 status
= notify_post(rcname
);
751 printf("Unable to set syslog filter mask for pid %d: %s\n", pid
, notify_status_string(status
));
756 rsend(asl_msg_t
*msg
, char *rhost
)
764 struct sockaddr_in dst
;
766 char myname
[MAXHOSTNAMELEN
+ 1];
768 if (msg
== NULL
) return 0;
770 h
= gethostbyname(rhost
);
771 if (h
== NULL
) return -1;
773 s
= socket(AF_INET
, SOCK_DGRAM
, IPPROTO_UDP
);
774 if (s
<= 0) return -1;
776 memset(&dst
, 0, sizeof(struct sockaddr_in
));
777 memcpy(&(dst
.sin_addr
.s_addr
), h
->h_addr_list
[0], 4);
778 dst
.sin_family
= AF_INET
;
780 dst
.sin_len
= sizeof(struct sockaddr_in
);
782 level
= ASL_LEVEL_DEBUG
;
784 val
= asl_msg_get_val_for_key(msg
, ASL_KEY_LEVEL
);
785 if (val
!= NULL
) level
= atoi(val
);
790 asprintf(×tr
, "%lu", tick
);
793 asl_msg_set_key_val(msg
, ASL_KEY_TIME
, timestr
);
797 if (gethostname(myname
, MAXHOSTNAMELEN
) == 0) asl_msg_set_key_val(msg
, ASL_KEY_HOST
, myname
);
800 str
= asl_msg_to_string((asl_msg_t
*)msg
, &len
);
801 if (str
== NULL
) return -1;
803 asprintf(&out
, "%10u %s\n", len
+1, str
);
805 if (out
== NULL
) return -1;
807 sendto(s
, out
, len
+12, 0, (const struct sockaddr
*)&dst
, sizeof(struct sockaddr_in
));
815 rlegacy(char *msg
, int level
, char *rhost
)
822 struct sockaddr_in dst
;
824 char myname
[MAXHOSTNAMELEN
+ 1];
826 if (msg
== NULL
) return 0;
828 h
= gethostbyname(rhost
);
829 if (h
== NULL
) return -1;
831 s
= socket(AF_INET
, SOCK_DGRAM
, IPPROTO_UDP
);
832 if (s
<= 0) return -1;
834 memset(&dst
, 0, sizeof(struct sockaddr_in
));
835 memcpy(&(dst
.sin_addr
.s_addr
), h
->h_addr_list
[0], 4);
836 dst
.sin_family
= AF_INET
;
838 dst
.sin_len
= sizeof(struct sockaddr_in
);
841 ltime
= ctime(&tick
);
844 gethostname(myname
, MAXHOSTNAMELEN
);
846 asprintf(&out
, "<%d>%s %s syslog[%d]: %s", level
, ltime
+4, myname
, getpid(), msg
);
848 sendto(s
, out
, len
, 0, (const struct sockaddr
*)&dst
, sizeof(struct sockaddr_in
));
860 if (s
== NULL
) return 0;
863 if ((s
[0] == '-') || (s
[0] == '+')) i
= 1;
865 if (s
[i
] == '\0') return 0;
867 for (; s
[i
] != '\0'; i
++)
869 if (!isdigit(s
[i
])) return 0;
876 asl_string_to_level(const char *s
)
878 if (s
== NULL
) return -1;
880 if ((s
[0] >= '0') && (s
[0] <= '7') && (s
[1] == '\0')) return atoi(s
);
882 if (!strncasecmp(s
, "em", 2)) return ASL_LEVEL_EMERG
;
883 else if (!strncasecmp(s
, "p", 1)) return ASL_LEVEL_EMERG
;
884 else if (!strncasecmp(s
, "a", 1)) return ASL_LEVEL_ALERT
;
885 else if (!strncasecmp(s
, "c", 1)) return ASL_LEVEL_CRIT
;
886 else if (!strncasecmp(s
, "er", 2)) return ASL_LEVEL_ERR
;
887 else if (!strncasecmp(s
, "x", 1)) return ASL_LEVEL_ERR
;
888 else if (!strncasecmp(s
, "w", 1)) return ASL_LEVEL_WARNING
;
889 else if (!strncasecmp(s
, "n", 1)) return ASL_LEVEL_NOTICE
;
890 else if (!strncasecmp(s
, "i", 1)) return ASL_LEVEL_INFO
;
891 else if (!strncasecmp(s
, "d", 1)) return ASL_LEVEL_DEBUG
;
897 asl_string_to_char_level(const char *s
)
899 if (s
== NULL
) return NULL
;
901 if ((s
[0] >= '0') && (s
[0] <= '7') && (s
[1] == '\0')) return s
;
903 if (!strncasecmp(s
, "em", 2)) return "0";
904 else if (!strncasecmp(s
, "p", 1)) return "0";
905 else if (!strncasecmp(s
, "a", 1)) return "1";
906 else if (!strncasecmp(s
, "c", 1)) return "2";
907 else if (!strncasecmp(s
, "er", 2)) return "3";
908 else if (!strncasecmp(s
, "x", 1)) return "3";
909 else if (!strncasecmp(s
, "w", 1)) return "4";
910 else if (!strncasecmp(s
, "n", 1)) return "5";
911 else if (!strncasecmp(s
, "i", 1)) return "6";
912 else if (!strncasecmp(s
, "d", 1)) return "7";
918 syslog_remote_control(int argc
, char *argv
[])
920 int pid
, uid
, status
, mask
;
922 if ((argc
< 3) || (argc
> 4))
924 fprintf(stderr
, "usage:\n");
925 fprintf(stderr
, "%s -c process [mask]\n", myname
);
926 fprintf(stderr
, " get (set if mask is specified) syslog filter mask for process (pid or name)\n");
927 fprintf(stderr
, " process may be pid or process name\n");
928 fprintf(stderr
, " use \"-c 0\" to get master syslog filter mask\n");
929 fprintf(stderr
, " use \"-c 0 off\" to disable master syslog filter mask\n");
930 fprintf(stderr
, "\n");
937 status
= PROC_NOT_FOUND
;
939 if ((!strcmp(argv
[2], "syslogd")) || (!strcmp(argv
[2], "syslog")))
941 fprintf(stderr
, "%s: does not have a filter mask\n", argv
[2]);
944 else if (_isanumber(argv
[2]) != 0)
947 status
= procinfo(NULL
, &pid
, &uid
);
951 status
= procinfo(argv
[2], &pid
, &uid
);
954 if (status
== PROC_NOT_FOUND
)
956 fprintf(stderr
, "%s: process not found\n", argv
[2]);
960 if (status
== PROC_NOT_UNIQUE
)
962 fprintf(stderr
, "%s: multiple processes found\n", argv
[2]);
963 fprintf(stderr
, "use pid to identify a process uniquely\n");
967 if (pid
== 0) pid
= RC_MASTER
;
971 if ((pid
== RC_MASTER
) && (!strcasecmp(argv
[3], "off"))) mask
= 0;
974 mask
= asl_string_to_filter(argv
[3]);
977 printf("unknown syslog mask: %s\n", argv
[3]);
982 rcontrol_set(pid
, uid
, mask
);
986 rcontrol_get(pid
, uid
);
993 syslog_send(int argc
, char *argv
[])
995 int i
, start
, kv
, len
, rfmt
, rlevel
;
998 char tmp
[64], *str
, *rhost
;
1002 rfmt
= SEND_FORMAT_LEGACY
;
1006 for (i
= 1; i
< argc
; i
++)
1008 if (!strcmp(argv
[i
], "-s")) start
= i
+1;
1009 else if (!strcmp(argv
[i
], "-k"))
1012 rfmt
= SEND_FORMAT_ASL
;
1014 else if (!strcmp(argv
[i
], "-r"))
1019 else if (!strcmp(argv
[i
], "-l"))
1021 rlevel
= asl_string_to_level(argv
[++i
]);
1024 fprintf(stderr
, "Unknown level: %s\n", argv
[i
]);
1031 asl
= asl_client_open(myname
, "syslog", 0);
1032 asl_client_set_filter(asl
, ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG
));
1034 m
= asl_msg_new(ASL_TYPE_MSG
);
1035 asl_msg_set_key_val(m
, ASL_KEY_SENDER
, myname
);
1037 sprintf(tmp
, "%d", rlevel
);
1038 asl_msg_set_key_val(m
, ASL_KEY_LEVEL
, tmp
);
1045 for (i
= start
; i
< argc
; i
++) len
+= (strlen(argv
[i
]) + 1);
1046 str
= calloc(len
+ 1, 1);
1047 if (str
== NULL
) return -1;
1049 for (i
= start
; i
< argc
; i
++)
1051 strcat(str
, argv
[i
]);
1052 if ((i
+1) < argc
) strcat(str
, " ");
1054 asl_msg_set_key_val(m
, ASL_KEY_MSG
, str
);
1058 for (i
= start
+ 1; i
< argc
; i
+= 2)
1060 if (!strcmp(argv
[i
], "-k")) i
++;
1061 asl_msg_set_key_val(m
, argv
[i
], argv
[i
+ 1]);
1062 if (!strcmp(argv
[i
], ASL_KEY_LEVEL
)) rlevel
= atoi(argv
[i
+ 1]);
1068 asl_client_send(asl
, m
);
1070 else if (rfmt
== SEND_FORMAT_ASL
)
1074 else if ((rfmt
== SEND_FORMAT_LEGACY
) && (str
!= NULL
))
1076 rlegacy(str
, rlevel
, rhost
);
1081 if (str
!= NULL
) free(str
);
1083 asl_client_release(asl
);
1089 syslog_config(int argc
, char *argv
[])
1097 const char *key
, *val
;
1101 asl_msg_t
*ctl
= _asl_server_control_query();
1104 fprintf(stderr
, "can't get status information from syslogd\n");
1108 for (x
= asl_msg_fetch(ctl
, 0, &key
, &val
, NULL
); x
!= IndexNull
; x
= asl_msg_fetch(ctl
, x
, &key
, &val
, NULL
))
1110 printf("%s %s\n", key
, val
);
1113 asl_msg_release(ctl
);
1120 fprintf(stderr
, "syslogd parameters may only be set by the superuser\n");
1124 str
= asl_string_new(0);
1125 asl_string_append(str
, "= ");
1127 for (i
= 2; i
< argc
; i
++)
1129 asl_string_append(str
, argv
[i
]);
1130 if ((i
+ 1) < argc
) asl_string_append(str
, " ");
1133 asl
= asl_client_open(myname
, "syslog", 0);
1135 m
= asl_msg_new(ASL_TYPE_MSG
);
1136 asl_msg_set_key_val(m
, ASL_KEY_LEVEL
, ASL_STRING_NOTICE
);
1137 asl_msg_set_key_val(m
, ASL_KEY_OPTION
, ASL_OPT_CONTROL
);
1138 asl_msg_set_key_val(m
, ASL_KEY_SENDER
, myname
);
1139 asl_msg_set_key_val(m
, ASL_KEY_MSG
, asl_string_bytes(str
));
1141 asl_client_send(asl
, m
);
1143 asl_string_release(str
);
1145 asl_client_release(asl
);
1151 syslog_control(int argc
, char *argv
[])
1162 fprintf(stderr
, "syslog control limited to use by superuser\n");
1166 str
= asl_string_new(0);
1167 asl_string_append(str
, "@ ");
1169 for (i
= 2; i
< argc
; i
++)
1171 asl_string_append(str
, argv
[i
]);
1172 if ((i
+ 1) < argc
) asl_string_append(str
, " ");
1175 asl
= asl_client_open(myname
, "syslog", 0);
1177 m
= asl_msg_new(ASL_TYPE_MSG
);
1178 asl_msg_set_key_val(m
, ASL_KEY_LEVEL
, ASL_STRING_NOTICE
);
1179 asl_msg_set_key_val(m
, ASL_KEY_OPTION
, ASL_OPT_CONTROL
);
1180 asl_msg_set_key_val(m
, ASL_KEY_SENDER
, myname
);
1181 asl_msg_set_key_val(m
, ASL_KEY_MSG
, asl_string_bytes(str
));
1183 asl_client_send(asl
, m
);
1185 asl_string_release(str
);
1187 asl_client_release(asl
);
1193 print_xml_header(FILE *f
)
1195 if (f
== NULL
) return;
1197 fprintf(f
, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
1198 fprintf(f
, "<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n");
1199 fprintf(f
, "<plist version=\"1.0\">\n");
1200 fprintf(f
, "<array>\n");
1204 print_xml_trailer(FILE *f
)
1206 if (f
== NULL
) return;
1208 fprintf(f
, "</array>\n");
1209 fprintf(f
, "</plist>\n");
1213 printmsg(FILE *f
, asl_msg_t
*msg
, char *fmt
, int pflags
)
1217 uint32_t encode
, len
, status
;
1225 status
= asl_file_save(export
, msg
, &xid
);
1226 if (status
!= ASL_STATUS_OK
)
1228 fprintf(stderr
, "export file write failed: %s\n", asl_core_error(status
));
1229 asl_file_close(export
);
1237 encode
= pflags
& 0x0000000f;
1239 mf
= ASL_MSG_FMT_RAW
;
1240 if (fmt
!= NULL
) mf
= (const char *)fmt
;
1241 else if (pflags
& FORMAT_STD
) mf
= ASL_MSG_FMT_STD
;
1242 else if (pflags
& FORMAT_LEGACY
) mf
= ASL_MSG_FMT_BSD
;
1243 else if (pflags
& FORMAT_XML
) mf
= ASL_MSG_FMT_XML
;
1246 str
= asl_format_message((asl_msg_t
*)msg
, mf
, tfmt
, encode
, &len
);
1247 if (str
== NULL
) return;
1249 if (pflags
& COMPRESS_DUPS
)
1251 if (last_printmsg_str
!= NULL
)
1253 if (!strcmp(str
+ STD_BSD_DATE_LEN
, last_printmsg_str
+ STD_BSD_DATE_LEN
))
1255 last_printmsg_count
++;
1260 if (last_printmsg_count
> 0)
1262 fprintf(f
, "--- last message repeated %d time%s ---\n", last_printmsg_count
, (last_printmsg_count
== 1) ? "" : "s");
1265 free(last_printmsg_str
);
1266 last_printmsg_str
= str
;
1267 last_printmsg_count
= 0;
1269 fprintf(f
, "%s", str
);
1274 last_printmsg_str
= str
;
1275 last_printmsg_count
= 0;
1277 fprintf(f
, "%s", str
);
1282 fprintf(f
, "%s", str
);
1288 store_query(asl_msg_list_t
*q
, uint64_t start
, int count
, int dir
, uint64_t *last
)
1292 uint32_t status
= asl_store_open_read(NULL
, &store
);
1293 if (status
!= 0) return NULL
;
1296 return asl_store_match(store
, q
, last
, start
, count
, 0, dir
);
1300 file_query(asl_msg_list_t
*q
, uint64_t start
, int count
, int dir
, uint64_t *last
)
1302 return asl_file_list_match(db_files
, q
, last
, start
, count
, 0, dir
);;
1306 legacy_query(asl_msg_list_t
*q
, uint64_t start
, int count
, int dir
, uint64_t *last
)
1308 return asl_file_match(legacy
, q
, last
, start
, count
, 0, dir
);
1312 syslogd_query(asl_msg_list_t
*q
, uint64_t start
, int count
, int dir
, uint64_t *last
)
1316 uint32_t len
, reslen
, status
;
1318 kern_return_t kstatus
;
1321 if (asl_server_port
== MACH_PORT_NULL
)
1323 kstatus
= bootstrap_look_up2(bootstrap_port
, ASL_SERVICE_NAME
, &asl_server_port
, 0, BOOTSTRAP_PRIVILEGED_SERVER
);
1324 if (kstatus
!= KERN_SUCCESS
)
1326 fprintf(stderr
, "query failed: can't contact syslogd\n");
1332 str
= asl_msg_list_to_string(q
, &len
);
1334 kstatus
= vm_allocate(mach_task_self(), (vm_address_t
*)&vmstr
, len
, TRUE
);
1335 if (kstatus
!= KERN_SUCCESS
)
1341 memmove(vmstr
, str
, len
);
1348 if (dir
< 0) flags
= QUERY_FLAG_SEARCH_REVERSE
;
1350 kstatus
= _asl_server_query_2(asl_server_port
, (caddr_t
)vmstr
, len
, start
, count
, flags
, (caddr_t
*)&res
, &reslen
, last
, (int *)&status
);
1352 if (res
== NULL
) return NULL
;
1353 l
= asl_msg_list_from_string(res
);
1354 vm_deallocate(mach_task_self(), (vm_address_t
)res
, reslen
);
1359 filter_and_print(asl_msg_t
*msg
, asl_msg_list_t
*ql
, FILE *f
, char *pfmt
, int pflags
)
1361 int i
, do_match
, did_match
;
1363 if (msg
== NULL
) return;
1366 if (ql
== NULL
) do_match
= 0;
1367 else if (ql
->count
== 0) do_match
= 0;
1375 for (i
= 0; (i
< ql
->count
) && (did_match
== 0); i
++)
1377 did_match
= asl_msg_cmp(ql
->msg
[i
], (asl_msg_t
*)msg
);
1381 if (did_match
!= 0) printmsg(f
, msg
, pfmt
, pflags
);
1384 #if TARGET_OS_EMBEDDED
1386 syslogd_direct_watch(FILE *f
, char *pfmt
, int pflags
, asl_msg_list_t
*ql
)
1388 struct sockaddr_in address
;
1389 int i
, bytes
, sock
, stream
, status
;
1392 socklen_t addresslength
;
1393 char *str
, buf
[DIRECT_BUF_SIZE
];
1396 if (asl_server_port
== MACH_PORT_NULL
)
1398 status
= bootstrap_look_up(bootstrap_port
, ASL_SERVICE_NAME
, &asl_server_port
);
1399 if (status
!= KERN_SUCCESS
)
1401 fprintf(stderr
, "query failed: can't contact syslogd\n");
1406 addresslength
= sizeof(address
);
1407 sock
= socket(AF_INET
, SOCK_STREAM
, 0);
1408 port
= (arc4random() % (IPPORT_HILASTAUTO
- IPPORT_HIFIRSTAUTO
)) + IPPORT_HIFIRSTAUTO
;
1410 memset(&address
, 0, addresslength
);
1411 address
.sin_addr
.s_addr
= htonl(INADDR_LOOPBACK
);
1412 address
.sin_family
= AF_INET
;
1413 address
.sin_port
= htons(port
);
1415 status
= bind(sock
, (struct sockaddr
*)&address
, sizeof(address
));
1417 for (i
= 0; (i
< MAX_RANDOM
) && (status
< 0); i
++)
1419 port
= (arc4random() % (IPPORT_HILASTAUTO
- IPPORT_HIFIRSTAUTO
)) + IPPORT_HIFIRSTAUTO
;
1420 address
.sin_port
= htons(port
);
1422 status
= bind(sock
, (struct sockaddr
*)&address
, sizeof(address
));
1427 fprintf(stderr
, "query failed: can't find a port to connect to syslogd\n");
1433 if (listen(sock
, 1) == -1)
1440 _asl_server_register_direct_watch(asl_server_port
, i
);
1442 stream
= accept(sock
, (struct sockaddr
*)&address
, &addresslength
);
1453 bytes
= recvfrom(stream
, &n
, sizeof(n
), 0, NULL
, NULL
);
1456 fprintf(stderr
, "\nrecvfrom (message length) returned %d (errno %d) - exiting\n", bytes
, errno
);
1459 else inlen
= ntohl(n
);
1461 if (inlen
== 0) continue;
1464 if (inlen
<= DIRECT_BUF_SIZE
)
1470 str
= calloc(1, inlen
+ 1);
1473 fprintf(stderr
, "\ncan't allocate memory - exiting\n");
1484 bytes
= recvfrom(stream
, str
+ n
, inlen
- n
, 0, NULL
, NULL
);
1487 fprintf(stderr
, "\nrecvfrom (message body) returned %d (errno %d) at length %d of %d - exiting\n", bytes
, errno
, n
, inlen
);
1495 fprintf(stderr
, "\ntruncated message: expected %d bytes received %d bytes\n", inlen
, n
);
1501 msg
= asl_msg_from_string(str
);
1502 if (str
!= buf
) free(str
);
1503 filter_and_print(msg
, ql
, f
, pfmt
, pflags
);
1504 asl_msg_release(msg
);
1510 address
.sin_addr
.s_addr
= 0;
1515 sort_compare_key(asl_msg_t
*a
, asl_msg_t
*b
, const char *key
)
1517 const char *va
, *vb
;
1520 if (key
== NULL
) return 0;
1522 va
= asl_msg_get_val_for_key(a
, key
);
1523 vb
= asl_msg_get_val_for_key(b
, key
);
1525 if (va
== NULL
) return -1;
1526 if (vb
== NULL
) return 1;
1528 if (sort_numeric
== 1)
1532 if (na
< nb
) return -1;
1533 if (na
> nb
) return 1;
1537 return strcmp(va
, vb
);
1541 sort_compare(const void *ap
, const void *bp
)
1546 if (sort_key
== NULL
) return 0;
1548 a
= (asl_msg_t
*)ap
;
1549 b
= (asl_msg_t
*)bp
;
1551 cmp
= sort_compare_key(a
, b
, sort_key
);
1552 if ((cmp
== 0) && (sort_key_2
!= NULL
)) cmp
= sort_compare_key(a
, b
, sort_key_2
);
1558 search_once(FILE *f
, char *pfmt
, int pflags
, asl_msg_list_t
*ql
, uint64_t qmin
, uint64_t *cmax
, uint32_t count
, uint32_t batch
, int dir
, uint32_t tail
)
1560 asl_msg_list_t
*res
;
1563 if (pflags
& FORMAT_XML
) print_xml_header(f
);
1571 if (batch
== 0) more
= 0;
1573 if ((dbselect
== DB_SELECT_ASL
) || (dbselect
== DB_SELECT_STORE
)) res
= store_query(ql
, qmin
, batch
, dir
, cmax
);
1574 else if (dbselect
== DB_SELECT_FILES
) res
= file_query(ql
, qmin
, batch
, dir
, cmax
);
1575 else if (dbselect
== DB_SELECT_SYSLOGD
) res
= syslogd_query(ql
, qmin
, batch
, dir
, cmax
);
1576 else if (dbselect
== DB_SELECT_LEGACY
) res
= legacy_query(ql
, qmin
, batch
, dir
, cmax
);
1578 if ((dir
>= 0) && (*cmax
> qmin
)) qmin
= *cmax
+ 1;
1579 else if ((dir
< 0) && (*cmax
< qmin
)) qmin
= *cmax
- 1;
1587 if ((batch
> 0) && (res
->count
< batch
)) more
= 0;
1588 total
+= res
->count
;
1589 if ((count
> 0) && (total
>= count
)) more
= 0;
1594 i
= res
->count
- tail
;
1599 if (sort_key
!= NULL
)
1601 qsort(res
->msg
, res
->count
, sizeof(asl_msg_t
*), sort_compare
);
1604 if ((f
!= NULL
) || (export
!= NULL
))
1606 for (; i
< res
->count
; i
++) printmsg(f
, res
->msg
[i
], pfmt
, pflags
);
1609 asl_msg_list_release(res
);
1613 if ((pflags
& COMPRESS_DUPS
) && (last_printmsg_count
> 0))
1615 fprintf(f
, "--- last message repeated %d time%s ---\n", last_printmsg_count
, (last_printmsg_count
== 1) ? "" : "s");
1616 free(last_printmsg_str
);
1617 last_printmsg_str
= NULL
;
1618 last_printmsg_count
= 0;
1621 if (pflags
& FORMAT_XML
) print_xml_trailer(f
);
1629 op
= ASL_QUERY_OP_NULL
;
1631 if (o
== NULL
) return op
;
1633 for (i
= 0; o
[i
] != '\0'; i
++)
1635 if (o
[i
] == MOD_CASE_FOLD
) op
|= ASL_QUERY_OP_CASEFOLD
;
1636 else if (o
[i
] == MOD_REGEX
) op
|= ASL_QUERY_OP_REGEX
;
1637 else if (o
[i
] == MOD_NUMERIC
) op
|= ASL_QUERY_OP_NUMERIC
;
1638 else if (o
[i
] == MOD_SUBSTRING
) op
|= ASL_QUERY_OP_SUBSTRING
;
1639 else if (o
[i
] == MOD_PREFIX
) op
|= ASL_QUERY_OP_PREFIX
;
1640 else if (o
[i
] == MOD_SUFFIX
) op
|= ASL_QUERY_OP_SUFFIX
;
1642 else if (!strncasecmp(o
+i
, OP_EQ
, sizeof(OP_EQ
)))
1644 op
|= ASL_QUERY_OP_EQUAL
;
1645 i
+= (sizeof(OP_EQ
) - 2);
1647 else if (!strncasecmp(o
+i
, OP_NE
, sizeof(OP_NE
)))
1649 op
|= ASL_QUERY_OP_NOT_EQUAL
;
1650 i
+= (sizeof(OP_NE
) - 2);
1652 else if (!strncasecmp(o
+i
, OP_GT
, sizeof(OP_GT
)))
1654 op
|= ASL_QUERY_OP_GREATER
;
1655 i
+= (sizeof(OP_GT
) - 2);
1657 else if (!strncasecmp(o
+i
, OP_GE
, sizeof(OP_GE
)))
1659 op
|= ASL_QUERY_OP_GREATER_EQUAL
;
1660 i
+= (sizeof(OP_GE
) - 2);
1662 else if (!strncasecmp(o
+i
, OP_LT
, sizeof(OP_LT
)))
1664 op
|= ASL_QUERY_OP_LESS
;
1665 i
+= (sizeof(OP_LT
) - 2);
1667 else if (!strncasecmp(o
+i
, OP_LE
, sizeof(OP_LE
)))
1669 op
|= ASL_QUERY_OP_LESS_EQUAL
;
1670 i
+= (sizeof(OP_LE
) - 2);
1674 fprintf(stderr
, "invalid option: %s\n", o
);
1680 if (op
& ASL_QUERY_OP_NUMERIC
)
1682 if (op
& ASL_QUERY_OP_CASEFOLD
)
1684 fprintf(stderr
, "warning: case fold modifier has no effect with numeric comparisons\n");
1685 op
&= ~ASL_QUERY_OP_CASEFOLD
;
1688 if (op
& ASL_QUERY_OP_REGEX
)
1690 fprintf(stderr
, "warning: regex modifier has no effect with numeric comparisons\n");
1691 op
&= ~ASL_QUERY_OP_REGEX
;
1694 if (op
& ASL_QUERY_OP_SUBSTRING
)
1696 fprintf(stderr
, "warning: substring modifier has no effect with numeric comparisons\n");
1697 op
&= ~ASL_QUERY_OP_SUBSTRING
;
1700 if (op
& ASL_QUERY_OP_PREFIX
)
1702 fprintf(stderr
, "warning: prefix modifier has no effect with numeric comparisons\n");
1703 op
&= ~ASL_QUERY_OP_PREFIX
;
1706 if (op
& ASL_QUERY_OP_SUFFIX
)
1708 fprintf(stderr
, "warning: suffix modifier has no effect with numeric comparisons\n");
1709 op
&= ~ASL_QUERY_OP_SUFFIX
;
1713 if (op
& ASL_QUERY_OP_REGEX
)
1715 if (op
& ASL_QUERY_OP_SUBSTRING
)
1717 fprintf(stderr
, "warning: substring modifier has no effect with regular expression comparisons\n");
1718 op
&= ~ASL_QUERY_OP_SUBSTRING
;
1721 if (op
& ASL_QUERY_OP_PREFIX
)
1723 fprintf(stderr
, "warning: prefix modifier has no effect with regular expression comparisons\n");
1724 op
&= ~ASL_QUERY_OP_PREFIX
;
1727 if (op
& ASL_QUERY_OP_SUFFIX
)
1729 fprintf(stderr
, "warning: suffix modifier has no effect with regular expression comparisons\n");
1730 op
&= ~ASL_QUERY_OP_SUFFIX
;
1738 add_op(asl_msg_t
*q
, char *key
, char *op
, char *val
, uint32_t flags
)
1743 if (key
== NULL
) return -1;
1744 if (q
== NULL
) return -1;
1747 if (strcmp(key
, ASL_KEY_TIME
) == 0)
1749 qval
= (const char *)val
;
1751 else if ((strcmp(key
, ASL_KEY_LEVEL
) == 0) && (_isanumber(val
) == 0))
1753 /* Convert level strings to numeric values */
1754 qval
= asl_string_to_char_level(val
);
1757 fprintf(stderr
, "invalid value for \"Level\"key: %s\n", val
);
1762 o
= ASL_QUERY_OP_NULL
;
1763 if (val
== NULL
) o
= ASL_QUERY_OP_TRUE
;
1768 if (o
== ASL_QUERY_OP_NULL
) return -1;
1771 fprintf(stderr
, "no value supplied for operator %s %s\n", key
, op
);
1775 if ((qval
== NULL
) && (o
& ASL_QUERY_OP_NUMERIC
) && (_isanumber(val
) == 0))
1777 fprintf(stderr
, "non-numeric value supplied for numeric operator %s %s %s\n", key
, op
, val
);
1783 if (qval
!= NULL
) asl_msg_set_key_val_op(q
, key
, qval
, o
);
1784 else asl_msg_set_key_val_op(q
, key
, val
, o
);
1790 add_db_file(const char *name
)
1795 if (dbselect
== DB_SELECT_LEGACY
)
1797 fprintf(stderr
, "syslog can only read one legacy format database\n");
1798 fprintf(stderr
, "can't combine legacy and non-legacy databases in a single search\n");
1802 /* shouldn't happen */
1803 if (name
== NULL
) return DB_SELECT_ASL
;
1806 status
= asl_file_open_read(name
, &s
);
1807 if (status
!= ASL_STATUS_OK
)
1809 fprintf(stderr
, "data store file %s open failed: %s \n", name
, asl_core_error(status
));
1815 fprintf(stderr
, "data store file %s open failed\n", name
);
1819 if (s
->flags
& ASL_FILE_FLAG_LEGACY_STORE
)
1821 if (db_files
!= NULL
)
1823 fprintf(stderr
, "syslog can only read a single legacy format database\n");
1824 fprintf(stderr
, "can't combine legacy and non-legacy databases in a single search\n");
1829 return DB_SELECT_LEGACY
;
1832 db_files
= asl_file_list_add(db_files
, s
);
1833 return DB_SELECT_FILES
;
1837 add_db_dir(const char *name
)
1840 struct dirent
*dent
;
1846 * Try opening as a data store
1848 status
= asl_store_open_read(name
, &store
);
1851 if (name
== NULL
) return DB_SELECT_ASL
;
1852 if (!strcmp(name
, PATH_ASL_STORE
)) return DB_SELECT_ASL
;
1853 return DB_SELECT_STORE
;
1857 * Open all readable files
1862 fprintf(stderr
, "%s: %s\n", name
, strerror(errno
));
1866 while ((dent
= readdir(dp
)) != NULL
)
1868 if (dent
->d_name
[0] == '.') continue;
1871 asprintf(&path
, "%s/%s", name
, dent
->d_name
);
1874 * asl_file_open_read will fail if path is NULL,
1875 * if the file is not an ASL store file,
1876 * or if it isn't readable.
1879 status
= asl_file_open_read(path
, &s
);
1880 if (path
!= NULL
) free(path
);
1881 if ((status
!= ASL_STATUS_OK
) || (s
== NULL
)) continue;
1883 db_files
= asl_file_list_add(db_files
, s
);
1888 return DB_SELECT_FILES
;
1892 main(int argc
, char *argv
[])
1895 int i
, j
, n
, watch
, status
, pflags
, iamroot
, user_tflag
, export_preserve_id
, saw_dash_d
, since_boot
;
1896 int notify_file
, notify_token
;
1897 asl_msg_list_t
*qlist
;
1900 const char *exportname
;
1901 uint32_t flags
, tail_count
, batch
, encode
;
1902 uint64_t qmin
, cmax
;
1910 batch
= FETCH_BATCH
;
1911 pflags
= FORMAT_STD
| COMPRESS_DUPS
;
1912 encode
= ASL_ENCODE_SAFE
;
1915 export_preserve_id
= 0;
1919 i
= asl_store_location();
1920 if (i
== ASL_STORE_LOCATION_MEMORY
) dbselect
= DB_SELECT_SYSLOGD
;
1922 if (getuid() == 0) iamroot
= 1;
1924 for (i
= 1; i
< argc
; i
++)
1926 if ((!strcmp(argv
[i
], "-help")) || (!strcmp(argv
[i
], "--help")))
1932 if ((!strcmp(argv
[i
], "-time")) || (!strcmp(argv
[i
], "--time")))
1935 printf("%llu\n", qmin
);
1939 if ((!strcmp(argv
[i
], "-config")) || (!strcmp(argv
[i
], "--config")))
1941 syslog_config(argc
, argv
);
1945 if ((!strcmp(argv
[i
], "-control")) || (!strcmp(argv
[i
], "--control")))
1947 syslog_control(argc
, argv
);
1951 if ((!strcmp(argv
[i
], "-module")) || (!strcmp(argv
[i
], "--module")))
1953 module_control(argc
, argv
);
1957 if (!strcmp(argv
[i
], "-s"))
1959 syslog_send(argc
, argv
);
1963 if (!strcmp(argv
[i
], "-c"))
1965 syslog_remote_control(argc
, argv
);
1970 qlist
= asl_msg_list_new();
1971 if (qlist
== NULL
) exit(1);
1975 for (i
= 1; i
< argc
; i
++)
1977 if (!strcmp(argv
[i
], "-f"))
1981 for (j
= i
+ 1; j
< argc
; j
++)
1983 if (!strcmp(argv
[j
], "-"))
1985 dbselect
= DB_SELECT_SYSLOGD
;
1989 else if (argv
[j
][0] == '-')
1995 dbselect
= add_db_file(argv
[j
]);
2001 else if (!strcmp(argv
[i
], "-d"))
2005 if (saw_dash_d
< argc
)
2007 for (j
= saw_dash_d
; j
< argc
; j
++)
2009 if (!strcmp(argv
[j
], "store"))
2011 dbselect
= add_db_dir(PATH_ASL_STORE
);
2014 else if (!strcmp(argv
[j
], "archive"))
2016 dbselect
= add_db_dir(PATH_ASL_ARCHIVE
);
2019 else if (argv
[j
][0] == '-')
2025 dbselect
= add_db_dir(argv
[j
]);
2032 fprintf(stderr
, "missing directory name following -d flag\n");
2036 else if (!strcmp(argv
[i
], "-b"))
2038 batch
= atoi(argv
[++i
]);
2040 else if (!strcmp(argv
[i
], "-B"))
2044 else if (!strcmp(argv
[i
], "-w"))
2048 if (((i
+ 1) < argc
) && (argv
[i
+ 1][0] != '-'))
2051 if (!strcmp(argv
[i
], "all"))
2053 tail_count
= (uint32_t)-1;
2055 else if (!strcmp(argv
[i
], "boot"))
2061 tail_count
= atoi(argv
[i
]);
2065 else if (!strcmp(argv
[i
], "-sort"))
2067 if (((i
+ 1) < argc
) && (argv
[i
+ 1][0] != '-'))
2072 if (((i
+ 1) < argc
) && (argv
[i
+ 1][0] != '-'))
2075 sort_key_2
= argv
[i
];
2080 sort_key
= ASL_KEY_MSG_ID
;
2085 else if (!strcmp(argv
[i
], "-nsort"))
2087 if (((i
+ 1) < argc
) && (argv
[i
+ 1][0] != '-'))
2092 if (((i
+ 1) < argc
) && (argv
[i
+ 1][0] != '-'))
2095 sort_key_2
= argv
[i
];
2100 sort_key
= ASL_KEY_MSG_ID
;
2106 else if (!strcmp(argv
[i
], "-u"))
2111 else if ((!strcmp(argv
[i
], "-x")) || (!strcmp(argv
[i
], "-X")))
2113 if ((i
+ 1) >= argc
)
2115 asl_msg_list_release(qlist
);
2120 if (!strcmp(argv
[i
], "-x")) export_preserve_id
= 1;
2122 exportname
= argv
[++i
];
2124 else if (!strcmp(argv
[i
], "-E"))
2126 if ((i
+ 1) >= argc
)
2128 asl_msg_list_release(qlist
);
2135 if (!strcmp(argv
[i
], "vis")) encode
= ASL_ENCODE_ASL
;
2136 else if (!strcmp(argv
[i
], "safe")) encode
= ASL_ENCODE_SAFE
;
2137 else if (!strcmp(argv
[i
], "xml")) encode
= ASL_ENCODE_XML
;
2138 else if (!strcmp(argv
[i
], "none")) encode
= ASL_ENCODE_NONE
;
2139 else if ((argv
[i
][0] >= '0') && (argv
[i
][0] <= '9') && (argv
[i
][1] == '\0')) encode
= atoi(argv
[i
]);
2141 else if (!strcmp(argv
[i
], "-F"))
2143 if ((i
+ 1) >= argc
)
2145 asl_msg_list_release(qlist
);
2152 if (!strcmp(argv
[i
], "raw"))
2154 pflags
= FORMAT_RAW
;
2155 if (user_tflag
== 0) tfmt
= "sec";
2157 else if (!strcmp(argv
[i
], "std"))
2159 pflags
= FORMAT_STD
| COMPRESS_DUPS
;
2161 else if (!strcmp(argv
[i
], "bsd"))
2163 pflags
= FORMAT_LEGACY
| COMPRESS_DUPS
;
2165 else if (!strcmp(argv
[i
], "xml"))
2167 pflags
= FORMAT_XML
;
2168 encode
= ASL_ENCODE_XML
;
2176 else if (!strcmp(argv
[i
], "-T"))
2178 if ((i
+ 1) >= argc
)
2180 asl_msg_list_release(qlist
);
2189 else if (!strcmp(argv
[i
], "-nodc"))
2191 pflags
= pflags
& ~COMPRESS_DUPS
;
2193 else if (!strcmp(argv
[i
], "-o"))
2199 asl_msg_list_append(qlist
, cq
);
2200 asl_msg_release(cq
);
2204 else if (!strcmp(argv
[i
], "-n"))
2206 flags
= ASL_QUERY_OP_NOT
;
2208 else if (!strcmp(argv
[i
], "-C"))
2212 asl_msg_list_append(qlist
, cq
);
2213 asl_msg_release(cq
);
2218 cq
= asl_msg_new(ASL_TYPE_QUERY
);
2219 status
= add_op(cq
, ASL_KEY_FACILITY
, OP_EQ
, FACILITY_CONSOLE
, flags
);
2220 asl_msg_list_append(qlist
, cq
);
2221 asl_msg_release(cq
);
2226 asl_msg_list_release(qlist
);
2230 else if (!strcmp(argv
[i
], "-k"))
2233 for (n
= i
; n
< argc
; n
++)
2235 if (!strcmp(argv
[n
], "-o")) break;
2236 if (!strcmp(argv
[n
], "-n")) break;
2237 if (!strcmp(argv
[n
], "-k")) break;
2240 fprintf(stderr
, "invalid sequence: -k");
2241 for (j
= i
; j
<= n
; j
++) fprintf(stderr
, " %s", argv
[j
]);
2242 fprintf(stderr
, "\n");
2255 if (cq
== NULL
) cq
= asl_msg_new(ASL_TYPE_QUERY
);
2258 if (n
== 1) status
= add_op(cq
, argv
[i
], NULL
, NULL
, flags
);
2259 else if (n
== 2) status
= add_op(cq
, argv
[i
], OP_EQ
, argv
[i
+1], flags
);
2260 else status
= add_op(cq
, argv
[i
], argv
[i
+1], argv
[i
+2], flags
);
2265 asl_msg_list_release(qlist
);
2273 fprintf(stderr
, "syslog: unknown option \"%s\"\n", argv
[i
]);
2274 fprintf(stderr
, "run \"syslog -help\" for usage\n");
2281 asl_msg_list_append(qlist
, cq
);
2282 asl_msg_release(cq
);
2291 * Catch and report some cases where watch (-w) doesn't work
2295 if (sort_key
!= NULL
)
2297 fprintf(stderr
, "Warning: -w flag has no effect with -sort flag\n");
2301 if (dbselect
== DB_SELECT_FILES
)
2303 if (saw_dash_d
== 0)
2305 fprintf(stderr
, "Warning: -w flag not supported for a set of one or more files\n");
2309 fprintf(stderr
, "Warning: directory \"%s\" is not an ASL data store\n", argv
[saw_dash_d
]);
2310 fprintf(stderr
, " -w flag not supported for a set of one or more files\n");
2317 if (exportname
!= NULL
)
2321 fprintf(stderr
, "Warning: -w flag has no effect with -x export flag\n");
2325 status
= asl_file_open_write(exportname
, 0644, -1, -1, &export
);
2326 if (status
!= ASL_STATUS_OK
)
2328 asl_msg_list_release(qlist
);
2329 fprintf(stderr
, "export file open failed: %s\n", asl_core_error(status
));
2334 * allow the string cache to be unlimited to maximize string dup compression
2335 * preserve message IDs
2337 export
->flags
= ASL_FILE_FLAG_UNLIMITED_CACHE
;
2338 if (export_preserve_id
!= 0) export
->flags
|= ASL_FILE_FLAG_PRESERVE_MSG_ID
;
2349 /* set starting point */
2350 if (since_boot
== 1)
2352 /* search back for last "BOOT_TIME (ut_type == 2) record */
2356 bt
= asl_msg_list_new();
2359 fprintf(stderr
, "\ncan't allocate memory - exiting\n");
2363 bq
= asl_msg_new(ASL_TYPE_QUERY
);
2366 fprintf(stderr
, "\ncan't allocate memory - exiting\n");
2370 asl_msg_list_append(bt
, bq
);
2371 asl_msg_release(bq
);
2373 asl_msg_set_key_val_op(bq
, "ut_type", "2", ASL_QUERY_OP_EQUAL
);
2375 search_once(NULL
, NULL
, 0, (asl_msg_list_t
*)bt
, -1, &qmin
, 1, 1, -1, 0);
2376 asl_msg_list_release(bt
);
2378 if (qmin
> 0) qmin
--;
2381 else if (watch
== 1)
2383 /* go back tail_count records from last record */
2385 search_once(NULL
, NULL
, 0, qlist
, qmin
, &cmax
, 1, 1, -1, 0);
2387 if (cmax
>= tail_count
) qmin
= cmax
- tail_count
;
2393 if ((watch
== 1) && (dbselect
== DB_SELECT_ASL
))
2395 status
= notify_register_file_descriptor("com.apple.system.logger.message", ¬ify_file
, 0, ¬ify_token
);
2396 if (status
!= NOTIFY_STATUS_OK
) notify_token
= -1;
2399 /* output should be line buffered */
2400 if (outfile
!= NULL
) setlinebuf(outfile
);
2402 search_once(outfile
, pfmt
, pflags
, qlist
, qmin
+ 1, &cmax
, 0, 0, 1, tail_count
);
2406 if (dbselect
== DB_SELECT_SYSLOGD
)
2408 #if TARGET_OS_EMBEDDED
2409 syslogd_direct_watch(outfile
, pfmt
, pflags
, qlist
);
2411 fprintf(stderr
, "Warning: -w flag cannot be used when querying syslogd directly\n");
2415 else if (notify_token
== -1)
2420 if (cmax
> qmin
) qmin
= cmax
;
2421 search_once(outfile
, pfmt
, pflags
, qlist
, qmin
+ 1, &cmax
, 0, batch
, 1, 0);
2426 while (read(notify_file
, &i
, 4) == 4)
2428 if (cmax
> qmin
) qmin
= cmax
;
2429 search_once(outfile
, pfmt
, pflags
, qlist
, qmin
+ 1, &cmax
, 0, batch
, 1, 0);
2434 if (db_files
!= NULL
) asl_file_list_close(db_files
);
2435 if (store
!= NULL
) asl_store_release(store
);
2436 if (export
!= NULL
) asl_file_release(export
);
2438 asl_msg_list_release(qlist
);
projects / apple / syslog.git / blob