From d6837823b0a002c9c8afb48caf3eeda5cb73f173 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 10 Sep 2013 19:16:48 +0200 Subject: BE: Log domain name to journald if available If the SSSD is compiled with journald support, then all sss_log() statements will include a new field called "SSSD_DOMAIN" that includes the domain name. Filtering only messages from the single domain is then as easy as: # journalctl SSSD_DOMAIN=foo.example.com --- src/providers/data_provider_be.c | 2 ++ src/util/server.c | 5 +++++ src/util/sss_log.c | 7 +++++++ src/util/util.h | 2 ++ 4 files changed, 16 insertions(+) diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 912b4191..ccd51b45 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -2891,6 +2891,8 @@ int main(int argc, const char *argv[]) return 2; } + setenv(SSS_DOM_ENV, be_domain, 1); + ret = die_if_parent_died(); if (ret != EOK) { /* This is not fatal, don't return */ diff --git a/src/util/server.c b/src/util/server.c index a33207b3..3dcfccaf 100644 --- a/src/util/server.c +++ b/src/util/server.c @@ -423,6 +423,11 @@ int server_setup(const char *name, int flags, setenv("_SSS_LOOPS", "NO", 0); + /* To make sure the domain cannot be set from the environment, unset the + * variable explicitly when setting up any server. Backends later set the + * value after reading domain from the configuration */ + unsetenv(SSS_DOM_ENV); + setup_signals(); /* we want default permissions on created files to be very strict, diff --git a/src/util/sss_log.c b/src/util/sss_log.c index 6b78c9d4..5be9e7f2 100644 --- a/src/util/sss_log.c +++ b/src/util/sss_log.c @@ -65,6 +65,7 @@ void sss_log(int priority, const char *format, ...) int syslog_priority; int ret; char *message; + const char *domain; va_start(ap, format); ret = vasprintf(&message, format, ap); @@ -75,8 +76,14 @@ void sss_log(int priority, const char *format, ...) return; } + domain = getenv(SSS_DOM_ENV); + if (domain == NULL) { + domain = ""; + } + syslog_priority = sss_to_syslog(priority); sd_journal_send("MESSAGE=%s", message, + "SSSD_DOMAIN=%s", domain, "PRIORITY=%i", syslog_priority, "SYSLOG_FACILITY=%i", LOG_FAC(LOG_DAEMON), "SYSLOG_IDENTIFIER=%s", debug_prg_name, diff --git a/src/util/util.h b/src/util/util.h index 18ec4176..20d230c1 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -72,6 +72,8 @@ int debug_get_level(int old_level); int debug_convert_old_level(int old_level); errno_t set_debug_file_from_fd(const int fd); +#define SSS_DOM_ENV "_SSS_DOM" + #define SSSDBG_FATAL_FAILURE 0x0010 /* level 0 */ #define SSSDBG_CRIT_FAILURE 0x0020 /* level 1 */ #define SSSDBG_OP_FAILURE 0x0040 /* level 2 */ -- cgit