1#- 2# SPDX-License-Identifier: BSD-2-Clause 3# 4# Copyright (c) 2021, 2023 The FreeBSD Foundation 5# Copyright (c) 2024 Mark Johnston <markj@FreeBSD.org> 6# 7# This software was developed by Mark Johnston under sponsorship from 8# the FreeBSD Foundation. 9# 10# This software was developed by Jake Freeland under sponsorship from 11# the FreeBSD Foundation. 12# 13 14# Tests to-do: 15# actions: users 16 17. $(atf_get_srcdir)/syslogd_test_common.sh 18 19atf_test_case "unix" "cleanup" 20unix_head() 21{ 22 atf_set descr "Messages are logged over UNIX transport" 23} 24unix_body() 25{ 26 local logfile="${PWD}/unix.log" 27 28 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 29 syslogd_start 30 31 syslogd_log -p user.debug -t unix -h "${SYSLOGD_LOCAL_SOCKET}" \ 32 "hello, world (unix)" 33 atf_check -s exit:0 -o match:"unix: hello, world \(unix\)" \ 34 tail -n 1 "${logfile}" 35} 36unix_cleanup() 37{ 38 syslogd_stop 39} 40 41atf_test_case "inet" "cleanup" 42inet_head() 43{ 44 atf_set descr "Messages are logged over INET transport" 45} 46inet_body() 47{ 48 local logfile="${PWD}/inet.log" 49 50 [ "$(sysctl -n kern.features.inet)" != "1" ] && 51 atf_skip "Kernel does not support INET" 52 53 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 54 syslogd_start 55 56 # We have INET transport; make sure we can use it. 57 syslogd_log -4 -p user.debug -t inet -h 127.0.0.1 -P "${SYSLOGD_UDP_PORT}" \ 58 "hello, world (v4)" 59 atf_check -s exit:0 -o match:"inet: hello, world \(v4\)" \ 60 tail -n 1 "${logfile}" 61} 62inet_cleanup() 63{ 64 syslogd_stop 65} 66 67atf_test_case "inet6" "cleanup" 68inet6_head() 69{ 70 atf_set descr "Messages are logged over INET6 transport" 71} 72inet6_body() 73{ 74 local logfile="${PWD}/inet6.log" 75 76 [ "$(sysctl -n kern.features.inet6)" != "1" ] && 77 atf_skip "Kernel does not support INET6" 78 79 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 80 syslogd_start 81 82 # We have INET6 transport; make sure we can use it. 83 syslogd_log -6 -p user.debug -t unix -h ::1 -P "${SYSLOGD_UDP_PORT}" \ 84 "hello, world (v6)" 85 atf_check -s exit:0 -o match:"unix: hello, world \(v6\)" \ 86 tail -n 1 "${logfile}" 87} 88inet6_cleanup() 89{ 90 syslogd_stop 91} 92 93atf_test_case "reload" "cleanup" 94reload_head() 95{ 96 atf_set descr "SIGHUP correctly refreshes configuration" 97} 98reload_body() 99{ 100 logfile="${PWD}/reload.log" 101 printf "user.debug\t/${logfile}\n" > "${SYSLOGD_CONFIG}" 102 syslogd_start 103 104 syslogd_log -p user.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 105 "pre-reload" 106 atf_check -s exit:0 -o match:"reload: pre-reload" tail -n 1 "${logfile}" 107 108 # Override the old rule. 109 truncate -s 0 "${logfile}" 110 printf "news.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 111 syslogd_reload 112 113 syslogd_log -p user.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 114 "post-reload user" 115 syslogd_log -p news.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 116 "post-reload news" 117 atf_check -s exit:0 -o not-match:"reload: post-reload user" cat ${logfile} 118 atf_check -s exit:0 -o match:"reload: post-reload news" cat ${logfile} 119} 120reload_cleanup() 121{ 122 syslogd_stop 123} 124 125atf_test_case "prog_filter" "cleanup" 126prog_filter_head() 127{ 128 atf_set descr "Messages are only received from programs in the filter" 129} 130prog_filter_body() 131{ 132 logfile="${PWD}/prog_filter.log" 133 printf "!prog1,prog2\nuser.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 134 syslogd_start 135 136 for i in 1 2 3; do 137 syslogd_log -p user.debug -t "prog${i}" -h "${SYSLOGD_LOCAL_SOCKET}" \ 138 "hello this is prog${i}" 139 done 140 atf_check -s exit:0 -o match:"prog1: hello this is prog1" cat "${logfile}" 141 atf_check -s exit:0 -o match:"prog2: hello this is prog2" cat "${logfile}" 142 atf_check -s exit:0 -o not-match:"prog3: hello this is prog3" cat "${logfile}" 143 144 # Override the old rule. 145 truncate -s 0 ${logfile} 146 printf "!-prog1,prog2\nuser.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 147 syslogd_reload 148 149 for i in 1 2 3; do 150 syslogd_log -p user.debug -t "prog${i}" -h "${SYSLOGD_LOCAL_SOCKET}" \ 151 "hello this is prog${i}" 152 done 153 atf_check -s exit:0 -o not-match:"prog1: hello this is prog1" cat "${logfile}" 154 atf_check -s exit:0 -o not-match:"prog2: hello this is prog2" cat "${logfile}" 155 atf_check -s exit:0 -o match:"prog3: hello this is prog3" cat "${logfile}" 156} 157prog_filter_cleanup() 158{ 159 syslogd_stop 160} 161 162atf_test_case "host_filter" "cleanup" 163host_filter_head() 164{ 165 atf_set descr "Messages are only received from hostnames in the filter" 166} 167host_filter_body() 168{ 169 logfile="${PWD}/host_filter.log" 170 printf "+host1,host2\nuser.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 171 syslogd_start 172 173 for i in 1 2 3; do 174 syslogd_log -p user.debug -t "host${i}" -H "host${i}" \ 175 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host${i}" 176 done 177 atf_check -s exit:0 -o match:"host1: hello this is host1" cat "${logfile}" 178 atf_check -s exit:0 -o match:"host2: hello this is host2" cat "${logfile}" 179 atf_check -s exit:0 -o not-match:"host3: hello this is host3" cat "${logfile}" 180 181 # Override the old rule. 182 truncate -s 0 ${logfile} 183 printf "\-host1,host2\nuser.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 184 syslogd_reload 185 186 for i in 1 2 3; do 187 syslogd_log -p user.debug -t "host${i}" -H "host${i}" \ 188 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host${i}" 189 done 190 atf_check -s exit:0 -o not-match:"host1: hello this is host1" cat "${logfile}" 191 atf_check -s exit:0 -o not-match:"host2: hello this is host2" cat "${logfile}" 192 atf_check -s exit:0 -o match:"host3: hello this is host3" cat "${logfile}" 193} 194host_filter_cleanup() 195{ 196 syslogd_stop 197} 198 199atf_test_case "prop_filter" "cleanup" 200prop_filter_head() 201{ 202 atf_set descr "Messages are received based on conditions in the propery based filter" 203} 204prop_filter_body() 205{ 206 logfile="${PWD}/prop_filter.log" 207 printf ":msg,contains,\"FreeBSD\"\nuser.debug\t${logfile}\n" \ 208 > "${SYSLOGD_CONFIG}" 209 syslogd_start 210 211 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 212 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 213 atf_check -s exit:0 -o match:"prop1: FreeBSD" cat "${logfile}" 214 atf_check -s exit:0 -o not-match:"prop2: freebsd" cat "${logfile}" 215 216 truncate -s 0 ${logfile} 217 printf ":msg,!contains,\"FreeBSD\"\nuser.debug\t${logfile}\n" \ 218 > "${SYSLOGD_CONFIG}" 219 syslogd_reload 220 221 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 222 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 223 atf_check -s exit:0 -o not-match:"prop1: FreeBSD" cat "${logfile}" 224 atf_check -s exit:0 -o match:"prop2: freebsd" cat "${logfile}" 225 226 truncate -s 0 ${logfile} 227 printf ":msg,icase_contains,\"FreeBSD\"\nuser.debug\t${logfile}\n" \ 228 > "${SYSLOGD_CONFIG}" 229 syslogd_reload 230 231 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 232 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 233 atf_check -s exit:0 -o match:"prop1: FreeBSD" cat "${logfile}" 234 atf_check -s exit:0 -o match:"prop2: freebsd" cat "${logfile}" 235 236 truncate -s 0 ${logfile} 237 printf ":msg,!icase_contains,\"FreeBSD\"\nuser.debug\t${logfile}\n" \ 238 > "${SYSLOGD_CONFIG}" 239 syslogd_reload 240 241 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 242 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 243 syslogd_log -p user.debug -t "prop3" -h "${SYSLOGD_LOCAL_SOCKET}" "Solaris" 244 atf_check -s exit:0 -o not-match:"prop1: FreeBSD" cat "${logfile}" 245 atf_check -s exit:0 -o not-match:"prop2: freebsd" cat "${logfile}" 246 atf_check -s exit:0 -o match:"prop3: Solaris" cat "${logfile}" 247} 248prop_filter_cleanup() 249{ 250 syslogd_stop 251} 252 253atf_test_case "host_action" "cleanup" 254host_action_head() 255{ 256 atf_set descr "Sends a message to a specified host" 257} 258host_action_body() 259{ 260 local addr="192.0.2.100" 261 local logfile="${PWD}/host_action.log" 262 263 atf_check ifconfig lo1 create 264 atf_check ifconfig lo1 inet "${addr}/24" 265 atf_check ifconfig lo1 up 266 267 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 268 syslogd_start -b "${addr}" 269 270 printf "user.debug\t@${addr}\n" > "${SYSLOGD_CONFIG}.2" 271 syslogd_start \ 272 -f "${SYSLOGD_CONFIG}.2" \ 273 -P "${SYSLOGD_PIDFILE}.2" \ 274 -p "${SYSLOGD_LOCAL_SOCKET}.2" \ 275 -S "${SYSLOGD_LOCAL_PRIVSOCKET}.2" 276 277 syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}.2" \ 278 "message from syslogd2" 279 atf_check -s exit:0 -o match:"test: message from syslogd2" \ 280 cat "${logfile}" 281} 282host_action_cleanup() 283{ 284 syslogd_stop 285 syslogd_stop \ 286 "${SYSLOGD_PIDFILE}.2" \ 287 "${SYSLOGD_LOCAL_SOCKET}.2" \ 288 "${SYSLOGD_LOCAL_PRIVSOCKET}.2" 289 atf_check ifconfig lo1 destroy 290} 291 292atf_test_case "pipe_action" "cleanup" 293pipe_action_head() 294{ 295 atf_set descr "The pipe action evaluates provided command in sh(1)" 296} 297pipe_action_body() 298{ 299 logfile="${PWD}/pipe_action.log" 300 printf "\"While I'm digging in the tunnel, the elves will often come to me \ 301 with solutions to my problem.\"\n-Saymore Crey" > ${logfile} 302 303 printf "!pipe\nuser.debug\t| sed -i '' -e 's/Saymore Crey/Seymour Cray/g' \ 304 ${logfile}\n" > "${SYSLOGD_CONFIG}" 305 syslogd_start 306 307 syslogd_log -p user.debug -t "pipe" -h "${SYSLOGD_LOCAL_SOCKET}" \ 308 "fix spelling error" 309 atf_check -s exit:0 -o match:"Seymour Cray" cat "${logfile}" 310} 311pipe_action_cleanup() 312{ 313 syslogd_stop 314} 315 316atf_test_case "jail_noinet" "cleanup" 317jail_noinet_head() 318{ 319 atf_set descr "syslogd -ss can be run in a jail without INET support" 320 atf_set require.user root 321} 322jail_noinet_body() 323{ 324 local logfile 325 326 syslogd_mkjail syslogd_noinet 327 328 logfile="${PWD}/jail_noinet.log" 329 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 330 syslogd_start -j syslogd_noinet -s -s 331 332 syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}" \ 333 "hello, world" 334 atf_check -s exit:0 -o match:"test: hello, world" cat "${logfile}" 335} 336jail_noinet_cleanup() 337{ 338 syslogd_cleanup 339} 340 341# Create a pair of jails, connected by an epair. The idea is to run syslogd in 342# one jail (syslogd_allowed_peer), listening on 169.254.0.1, and logger(1) can 343# send messages from the other jail (syslogd_client) using source addrs 344# 169.254.0.2 or 169.254.0.3. 345allowed_peer_test_setup() 346{ 347 syslogd_check_req epair 348 349 local epair 350 351 syslogd_mkjail syslogd_allowed_peer vnet 352 syslogd_mkjail syslogd_client vnet 353 354 atf_check -o save:epair ifconfig epair create 355 epair=$(cat epair) 356 epair=${epair%%a} 357 358 atf_check ifconfig ${epair}a vnet syslogd_allowed_peer 359 atf_check ifconfig ${epair}b vnet syslogd_client 360 atf_check jexec syslogd_allowed_peer ifconfig ${epair}a inet 169.254.0.1/16 361 atf_check jexec syslogd_allowed_peer ifconfig lo0 inet 127.0.0.1/8 362 atf_check jexec syslogd_client ifconfig ${epair}b inet 169.254.0.2/16 363 atf_check jexec syslogd_client ifconfig ${epair}b alias 169.254.0.3/16 364 atf_check jexec syslogd_client ifconfig lo0 inet 127.0.0.1/8 365} 366 367allowed_peer_test_cleanup() 368{ 369 syslogd_cleanup 370} 371 372atf_test_case allowed_peer "cleanup" 373allowed_peer_head() 374{ 375 atf_set descr "syslogd -a works" 376 atf_set require.user root 377} 378allowed_peer_body() 379{ 380 local logfile 381 382 allowed_peer_test_setup 383 384 logfile="${PWD}/jail.log" 385 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 386 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32' 387 388 # Make sure that a message from 169.254.0.2:514 is logged. 389 atf_check jexec syslogd_client \ 390 logger -p user.debug -t test1 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 391 atf_check -o match:"test1: hello, world" cat "${logfile}" 392 # ... but not a message from port 515. 393 atf_check -o ignore jexec syslogd_client \ 394 logger -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 395 atf_check -o not-match:"test2: hello, world" cat "${logfile}" 396 atf_check -o ignore jexec syslogd_client \ 397 logger -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.3:515 "hello, world" 398 atf_check -o not-match:"test2: hello, world" cat "${logfile}" 399 400 syslogd_stop 401 402 # Now make sure that we can filter by port. 403 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32:515' 404 405 atf_check jexec syslogd_client \ 406 logger -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 407 atf_check -o not-match:"test3: hello, world" cat "${logfile}" 408 atf_check jexec syslogd_client \ 409 logger -p user.debug -t test4 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 410 atf_check -o match:"test4: hello, world" cat "${logfile}" 411 412 syslogd_stop 413} 414allowed_peer_cleanup() 415{ 416 allowed_peer_test_cleanup 417} 418 419atf_test_case allowed_peer_forwarding "cleanup" 420allowed_peer_forwarding_head() 421{ 422 atf_set descr "syslogd forwards messages from its listening port" 423 atf_set require.user root 424} 425allowed_peer_forwarding_body() 426{ 427 local logfile 428 429 allowed_peer_test_setup 430 431 printf "user.debug\t@169.254.0.1\n" > client_config 432 printf "mark.debug\t@169.254.0.1:515\n" >> client_config 433 syslogd_start -j syslogd_client -b 169.254.0.2:514 -f ${PWD}/client_config 434 435 logfile="${PWD}/jail.log" 436 printf "+169.254.0.2\nuser.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 437 syslogd_start -j syslogd_allowed_peer -P ${SYSLOGD_PIDFILE}.2 \ 438 -b 169.254.0.1:514 -a 169.254.0.2/32 439 440 # A message forwarded to 169.254.0.1:514 should be logged, but one 441 # forwarded to 169.254.0.1:515 should not. 442 atf_check jexec syslogd_client \ 443 logger -h 169.254.0.2 -p user.debug -t test1 "hello, world" 444 atf_check jexec syslogd_client \ 445 logger -h 169.254.0.2 -p mark.debug -t test2 "hello, world" 446 447 atf_check -o match:"test1: hello, world" cat "${logfile}" 448 atf_check -o not-match:"test2: hello, world" cat "${logfile}" 449} 450allowed_peer_forwarding_cleanup() 451{ 452 allowed_peer_test_cleanup 453} 454 455atf_test_case allowed_peer_wildcard "cleanup" 456allowed_peer_wildcard_head() 457{ 458 atf_set descr "syslogd -a works with port wildcards" 459 atf_set require.user root 460} 461allowed_peer_wildcard_body() 462{ 463 local logfile 464 465 allowed_peer_test_setup 466 467 logfile="${PWD}/jail.log" 468 printf "user.debug\t${logfile}\n" > "${SYSLOGD_CONFIG}" 469 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32:*' 470 471 # Make sure that a message from 169.254.0.2:514 is logged. 472 atf_check jexec syslogd_client \ 473 logger -p user.debug -t test1 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 474 atf_check -o match:"test1: hello, world" cat "${logfile}" 475 # ... as is a message from 169.254.0.2:515, allowed by the wildcard. 476 atf_check jexec syslogd_client \ 477 logger -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 478 atf_check -o match:"test2: hello, world" cat "${logfile}" 479 # ... but not a message from 169.254.0.3. 480 atf_check -o ignore jexec syslogd_client \ 481 logger -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.3:514 "hello, world" 482 atf_check -o not-match:"test3: hello, world" cat "${logfile}" 483 atf_check -o ignore jexec syslogd_client \ 484 logger -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.3:515 "hello, world" 485 atf_check -o not-match:"test3: hello, world" cat "${logfile}" 486 487 syslogd_stop 488} 489allowed_peer_wildcard_cleanup() 490{ 491 allowed_peer_test_cleanup 492} 493 494atf_test_case "forward" "cleanup" 495forward_head() 496{ 497 atf_set descr "syslogd forwards messages to a remote host" 498 atf_set require.user root 499} 500forward_body() 501{ 502 syslogd_check_req epair 503 504 local epair logfile 505 506 atf_check -o save:epair ifconfig epair create 507 epair=$(cat epair) 508 epair=${epair%%a} 509 510 syslogd_mkjail syslogd_server vnet 511 atf_check ifconfig ${epair}a vnet syslogd_server 512 atf_check jexec syslogd_server ifconfig ${epair}a inet 169.254.0.1/16 513 atf_check jexec syslogd_server ifconfig ${epair}a alias 169.254.0.2/16 514 atf_check jexec syslogd_server ifconfig lo0 inet 127.0.0.1/8 515 516 syslogd_mkjail syslogd_client vnet 517 atf_check ifconfig ${epair}b vnet syslogd_client 518 atf_check jexec syslogd_client ifconfig ${epair}b inet 169.254.0.3/16 519 atf_check jexec syslogd_client ifconfig lo0 inet 127.0.0.1/8 520 521 cat <<__EOF__ > ./client_config 522user.debug @169.254.0.1 523mail.debug @169.254.0.2 524ftp.debug @169.254.0.1 525__EOF__ 526 527 logfile="${PWD}/jail.log" 528 cat <<__EOF__ > ./server_config 529user.debug ${logfile} 530mail.debug ${logfile} 531ftp.debug ${logfile} 532__EOF__ 533 534 syslogd_start -j syslogd_server -f ${PWD}/server_config -b 169.254.0.1 -b 169.254.0.2 535 syslogd_start -j syslogd_client -f ${PWD}/client_config -P ${SYSLOGD_PIDFILE}.2 536 537 atf_check jexec syslogd_client \ 538 logger -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p user.debug -t test1 "hello, world" 539 atf_check jexec syslogd_client \ 540 logger -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p mail.debug -t test2 "you've got mail" 541 atf_check jexec syslogd_client \ 542 logger -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p ftp.debug -t test3 "transfer complete" 543 544 atf_check -o match:"test1: hello, world" cat "${logfile}" 545 atf_check -o match:"test2: you've got mail" cat "${logfile}" 546 atf_check -o match:"test3: transfer complete" cat "${logfile}" 547} 548forward_cleanup() 549{ 550 syslogd_cleanup 551} 552 553atf_init_test_cases() 554{ 555 atf_add_test_case "unix" 556 atf_add_test_case "inet" 557 atf_add_test_case "inet6" 558 atf_add_test_case "reload" 559 atf_add_test_case "prog_filter" 560 atf_add_test_case "host_filter" 561 atf_add_test_case "prop_filter" 562 atf_add_test_case "host_action" 563 atf_add_test_case "pipe_action" 564 atf_add_test_case "jail_noinet" 565 atf_add_test_case "allowed_peer" 566 atf_add_test_case "allowed_peer_forwarding" 567 atf_add_test_case "allowed_peer_wildcard" 568 atf_add_test_case "forward" 569} 570