See _\bs_\by_\bs_\bl_\bo_\bg_\b__\bb_\ba_\bd_\bp_\br_\bi for the list of supported syslog
priorities.
+ syslog_maxlen On many systems, syslog(3) has a relatively small log
+ buffer. IETF RFC 5424 states that syslog servers must
+ support messages of at least 480 bytes and should
+ support messages up to 2048 bytes. By default, s\bsu\bud\bdo\boe\ber\brs\bs
+ creates log messages up to 980 bytes which corresponds
+ to the historic BSD syslog implementation which used a
+ 1024 byte buffer to store the message, date, hostname
+ and program name. To prevent syslog messages from
+ being truncated, s\bsu\bud\bdo\boe\ber\brs\bs will split up log messages
+ that are larger than _\bs_\by_\bs_\bl_\bo_\bg_\b__\bm_\ba_\bx_\bl_\be_\bn bytes. When a
+ message is split, additional parts will include the
+ string ``(command continued)'' after the user name and
+ before the continued command line arguments.
+
+ This setting is only supported by version 1.8.19 or
+ higher.
+
sudoers_locale Locale to use when parsing the sudoers file, logging
commands, and sending email. Note that changing the
locale may affect how sudoers is interpreted. Defaults
N\bNo\bot\bte\bes\bs o\bon\bn l\blo\bog\bgg\bgi\bin\bng\bg v\bvi\bia\ba s\bsy\bys\bsl\blo\bog\bg
By default, s\bsu\bud\bdo\boe\ber\brs\bs logs messages via syslog(3). The _\bd_\ba_\bt_\be, _\bh_\bo_\bs_\bt_\bn_\ba_\bm_\be, and
- _\bp_\br_\bo_\bg_\bn_\ba_\bm_\be fields are added by the syslog daemon, not s\bsu\bud\bdo\boe\ber\brs\bs itself. As
- such, they may vary in format on different systems.
+ _\bp_\br_\bo_\bg_\bn_\ba_\bm_\be fields are added by the system's s\bsy\bys\bsl\blo\bog\bg() function, not s\bsu\bud\bdo\boe\ber\brs\bs
+ itself. As such, they may vary in format on different systems.
- On most systems, syslog(3) has a relatively small log buffer. To prevent
- the command line arguments from being truncated, s\bsu\bud\bdo\boe\ber\brs\bs will split up
- log messages that are larger than 960 characters (not including the date,
- hostname, and the string ``sudo''). When a message is split, additional
- parts will include the string ``(command continued)'' after the user name
- and before the continued command line arguments.
+ The maximum size of syslog messages varies from system to system. The
+ _\bs_\by_\bs_\bl_\bo_\bg_\b__\bm_\ba_\bx_\bl_\be_\bn setting can be used to change the maximum syslog message
+ size from the default value of 980 bytes. For more information, see the
+ description of _\bs_\by_\bs_\bl_\bo_\bg_\b__\bm_\ba_\bx_\bl_\be_\bn.
N\bNo\bot\bte\bes\bs o\bon\bn l\blo\bog\bgg\bgi\bin\bng\bg t\bto\bo a\ba f\bfi\bil\ble\be
If the _\bl_\bo_\bg_\bf_\bi_\bl_\be option is set, s\bsu\bud\bdo\boe\ber\brs\bs will log to a local file, such as
file distributed with s\bsu\bud\bdo\bo or https://www.sudo.ws/license.html for
complete details.
-Sudo 1.8.18 August 31, 2016 Sudo 1.8.18
+Sudo 1.8.18 October 18, 2016 Sudo 1.8.18
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.TH "SUDOERS" "5" "August 31, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "5" "October 18, 2016" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh
.if n .ad l
.SH "NAME"
\fIsyslog_badpri\fR
for the list of supported syslog priorities.
.TP 18n
+syslog_maxlen
+On many systems,
+syslog(3)
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+\fBsudoers\fR
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+\fBsudoers\fR
+will split up log messages that are larger than
+\fIsyslog_maxlen\fR
+bytes.
+When a message is split, additional parts will include the string
+\(Lq(command continued)\(Rq
+after the user name and before the continued command line arguments.
+.sp
+This setting is only supported by version 1.8.19 or higher.
+.TP 18n
sudoers_locale
Locale to use when parsing the sudoers file, logging commands, and
sending email.
\fIhostname\fR,
and
\fIprogname\fR
-fields are added by the syslog daemon, not
+fields are added by the system's
+\fBsyslog\fR()
+function, not
\fBsudoers\fR
itself.
As such, they may vary in format on different systems.
.PP
-On most systems,
-syslog(3)
-has a relatively small log buffer.
-To prevent the command line arguments from being truncated,
-\fBsudoers\fR
-will split up log messages that are larger than 960 characters
-(not including the date, hostname, and the string
-\(Lqsudo\(Rq).
-When a message is split, additional parts will include the string
-\(Lq(command continued)\(Rq
-after the user name and before the continued command line arguments.
+The maximum size of syslog messages varies from system to system.
+The
+\fIsyslog_maxlen\fR
+setting can be used to change the maximum syslog message size
+from the default value of 980 bytes.
+For more information, see the description of
+\fIsyslog_maxlen\fR.
.SS "Notes on logging to a file"
If the
\fIlogfile\fR
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd August 31, 2016
+.Dd October 18, 2016
.Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
See
.Em syslog_badpri
for the list of supported syslog priorities.
+.It syslog_maxlen
+On many systems,
+.Xr syslog 3
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+.Nm
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+.Nm
+will split up log messages that are larger than
+.Em syslog_maxlen
+bytes.
+When a message is split, additional parts will include the string
+.Dq Pq command continued
+after the user name and before the continued command line arguments.
+.Pp
+This setting is only supported by version 1.8.19 or higher.
.It sudoers_locale
Locale to use when parsing the sudoers file, logging commands, and
sending email.
.Em hostname ,
and
.Em progname
-fields are added by the syslog daemon, not
-.Nm sudoers
+fields are added by the system's
+.Fn syslog
+function, not
+.Nm
itself.
As such, they may vary in format on different systems.
.Pp
-On most systems,
-.Xr syslog 3
-has a relatively small log buffer.
-To prevent the command line arguments from being truncated,
-.Nm
-will split up log messages that are larger than 960 characters
-(not including the date, hostname, and the string
-.Dq sudo ) .
-When a message is split, additional parts will include the string
-.Dq Pq command continued
-after the user name and before the continued command line arguments.
+The maximum size of syslog messages varies from system to system.
+The
+.Em syslog_maxlen
+setting can be used to change the maximum syslog message size
+from the default value of 980 bytes.
+For more information, see the description of
+.Em syslog_maxlen .
.Ss Notes on logging to a file
If the
.Em logfile
"match_group_by_gid", T_FLAG,
N_("Resolve groups in sudoers and match on the group ID, not the name"),
NULL,
+ }, {
+ "syslog_maxlen", T_UINT,
+ N_("Log entries larger than this value will be split into multiple syslog messages"),
+ NULL,
}, {
NULL, 0, NULL
}
#define def_ignore_logfile_errors (sudo_defs_table[I_IGNORE_LOGFILE_ERRORS].sd_un.flag)
#define I_MATCH_GROUP_BY_GID 98
#define def_match_group_by_gid (sudo_defs_table[I_MATCH_GROUP_BY_GID].sd_un.flag)
+#define I_SYSLOG_MAXLEN 99
+#define def_syslog_maxlen (sudo_defs_table[I_SYSLOG_MAXLEN].sd_un.uival)
enum def_tuple {
never,
match_group_by_gid
T_FLAG
"Resolve groups in sudoers and match on the group ID, not the name"
+syslog_maxlen
+ T_UINT
+ "Log entries larger than this value will be split into multiple syslog messages"
goto oom;
def_set_utmp = true;
def_pam_setcred = true;
+ def_syslog_maxlen = MAXSYSLOGLEN;
/* Reset the locale. */
if (!firsttime) {
static void
mysyslog(int pri, const char *fmt, ...)
{
- char buf[MAXSYSLOGLEN+1];
+ char *buf;
va_list ap;
debug_decl(mysyslog, SUDOERS_DEBUG_LOGGING)
va_start(ap, fmt);
openlog("sudo", 0, def_syslog);
- vsnprintf(buf, sizeof(buf), fmt, ap);
- syslog(pri, "%s", buf);
+ if (vasprintf(&buf, fmt, ap) == -1) {
+ sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ } else {
+ syslog(pri, "%s", buf);
+ free(buf);
+ }
va_end(ap);
closelog();
debug_return;
/*
* Log a message to syslog, pre-pending the username and splitting the
- * message into parts if it is longer than MAXSYSLOGLEN.
+ * message into parts if it is longer than syslog_maxlen.
*/
static void
do_syslog(int pri, char *msg)
* Log the full line, breaking into multiple syslog(3) calls if necessary
*/
fmt = _("%8s : %s");
- maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
+ maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
for (p = msg; *p != '\0'; ) {
len = strlen(p);
if (len > maxlen) {
p += len;
}
fmt = _("%8s : (command continued) %s");
- maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
+ maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
}
sudoers_setlocale(oldlocale, NULL);
projects / sudo / commitdiff