1#- 2# SPDX-License-Identifier: BSD-2-Clause 3# 4# Copyright (c) 2021, 2023 The FreeBSD Foundation 5# Copyright (c) 2024 Mark Johnston <markj@FreeBSD.org> 6# 7# This software was developed by Mark Johnston under sponsorship from 8# the FreeBSD Foundation. 9# 10# This software was developed by Jake Freeland under sponsorship from 11# the FreeBSD Foundation. 12# 13 14# Tests to-do: 15# actions: users 16 17. $(atf_get_srcdir)/syslogd_test_common.sh 18 19atf_test_case "unix" "cleanup" 20unix_head() 21{ 22 atf_set descr "Messages are logged over UNIX transport" 23} 24unix_body() 25{ 26 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 27 syslogd_start 28 29 syslogd_log -p user.debug -t unix -h "${SYSLOGD_LOCAL_SOCKET}" \ 30 "hello, world (unix)" 31 syslogd_check_log "unix: hello, world \(unix\)" 32} 33unix_cleanup() 34{ 35 syslogd_stop 36} 37 38atf_test_case "inet" "cleanup" 39inet_head() 40{ 41 atf_set descr "Messages are logged over INET transport" 42} 43inet_body() 44{ 45 [ "$(sysctl -n kern.features.inet)" != "1" ] && 46 atf_skip "Kernel does not support INET" 47 48 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 49 syslogd_start 50 51 # We have INET transport; make sure we can use it. 52 syslogd_log -4 -p user.debug -t inet -h 127.0.0.1 -P "${SYSLOGD_UDP_PORT}" \ 53 "hello, world (v4)" 54 syslogd_check_log "inet: hello, world \(v4\)" 55} 56inet_cleanup() 57{ 58 syslogd_stop 59} 60 61atf_test_case "inet6" "cleanup" 62inet6_head() 63{ 64 atf_set descr "Messages are logged over INET6 transport" 65} 66inet6_body() 67{ 68 [ "$(sysctl -n kern.features.inet6)" != "1" ] && 69 atf_skip "Kernel does not support INET6" 70 71 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 72 syslogd_start 73 74 # We have INET6 transport; make sure we can use it. 75 syslogd_log -6 -p user.debug -t unix -h ::1 -P "${SYSLOGD_UDP_PORT}" \ 76 "hello, world (v6)" 77 syslogd_check_log "unix: hello, world \(v6\)" 78} 79inet6_cleanup() 80{ 81 syslogd_stop 82} 83 84atf_test_case "reload" "cleanup" 85reload_head() 86{ 87 atf_set descr "SIGHUP correctly refreshes configuration" 88} 89reload_body() 90{ 91 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 92 syslogd_start 93 94 syslogd_log -p user.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 95 "pre-reload" 96 syslogd_check_log "reload: pre-reload" 97 98 # Override the old rule. 99 printf "news.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 100 syslogd_reload 101 102 syslogd_log -p user.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 103 "post-reload user" 104 syslogd_log -p news.debug -t reload -h "${SYSLOGD_LOCAL_SOCKET}" \ 105 "post-reload news" 106 sleep 0.5 107 syslogd_check_log_nopoll "reload: post-reload news" 108 syslogd_check_log_nomatch "reload: post-reload user" 109} 110reload_cleanup() 111{ 112 syslogd_stop 113} 114 115atf_test_case "prog_filter" "cleanup" 116prog_filter_head() 117{ 118 atf_set descr "Messages are only received from programs in the filter" 119} 120prog_filter_body() 121{ 122 printf "!prog1,prog2\nuser.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 123 syslogd_start 124 125 syslogd_log -p user.debug -t "prog1" -h "${SYSLOGD_LOCAL_SOCKET}" \ 126 "hello this is prog1" 127 syslogd_check_log "prog1: hello this is prog1" 128 129 syslogd_log -p user.debug -t "prog2" -h "${SYSLOGD_LOCAL_SOCKET}" \ 130 "hello this is prog2" 131 syslogd_check_log "prog2: hello this is prog2" 132 133 syslogd_log -p user.debug -t "prog3" -h "${SYSLOGD_LOCAL_SOCKET}" \ 134 "hello this is prog3" 135 syslogd_check_log_nomatch "prog3: hello this is prog3" 136 137 # Override the old rule. 138 printf "!-prog1,prog2\nuser.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 139 syslogd_reload 140 141 syslogd_log -p user.debug -t "prog1" -h "${SYSLOGD_LOCAL_SOCKET}" \ 142 "hello this is prog1" 143 syslogd_check_log_nomatch "prog1: hello this is prog1" 144 145 syslogd_log -p user.debug -t "prog2" -h "${SYSLOGD_LOCAL_SOCKET}" \ 146 "hello this is prog2" 147 syslogd_check_log_nomatch "prog2: hello this is prog2" 148 149 syslogd_log -p user.debug -t "prog3" -h "${SYSLOGD_LOCAL_SOCKET}" \ 150 "hello this is prog3" 151 syslogd_check_log "prog3: hello this is prog3" 152} 153prog_filter_cleanup() 154{ 155 syslogd_stop 156} 157 158atf_test_case "host_filter" "cleanup" 159host_filter_head() 160{ 161 atf_set descr "Messages are only received from hostnames in the filter" 162} 163host_filter_body() 164{ 165 printf "+host1,host2\nuser.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 166 syslogd_start 167 168 syslogd_log -p user.debug -t "host1" -H "host1" \ 169 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host1" 170 syslogd_check_log "host1: hello this is host1" 171 syslogd_log -p user.debug -t "host2" -H "host2" \ 172 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host2" 173 syslogd_check_log "host2: hello this is host2" 174 syslogd_log -p user.debug -t "host3" -H "host3" \ 175 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host3" 176 syslogd_check_log_nomatch "host3: hello this is host3" 177 178 # Override the old rule. 179 printf "\-host1,host2\nuser.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 180 syslogd_reload 181 182 syslogd_log -p user.debug -t "host1" -H "host1" \ 183 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host1" 184 syslogd_check_log_nomatch "host1: hello this is host1" 185 syslogd_log -p user.debug -t "host2" -H "host2" \ 186 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host2" 187 syslogd_check_log_nomatch "host2: hello this is host2" 188 syslogd_log -p user.debug -t "host3" -H "host3" \ 189 -h "${SYSLOGD_LOCAL_SOCKET}" "hello this is host3" 190 syslogd_check_log "host3: hello this is host3" 191} 192host_filter_cleanup() 193{ 194 syslogd_stop 195} 196 197atf_test_case "prop_filter" "cleanup" 198prop_filter_head() 199{ 200 atf_set descr "Messages are received based on conditions in the propery based filter" 201} 202prop_filter_body() 203{ 204 printf ":msg,contains,\"FreeBSD\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \ 205 > "${SYSLOGD_CONFIG}" 206 syslogd_start 207 208 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 209 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 210 syslogd_check_log "prop1: FreeBSD" 211 syslogd_check_log_nomatch "prop2: freebsd" 212 213 printf ":msg,!contains,\"FreeBSD\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \ 214 > "${SYSLOGD_CONFIG}" 215 syslogd_reload 216 217 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 218 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 219 syslogd_check_log_nomatch "prop1: FreeBSD" 220 syslogd_check_log "prop2: freebsd" 221 222 printf ":msg,icase_contains,\"FreeBSD\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \ 223 > "${SYSLOGD_CONFIG}" 224 syslogd_reload 225 226 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 227 syslogd_check_log "prop1: FreeBSD" 228 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 229 syslogd_check_log "prop2: freebsd" 230 231 printf ":msg,!icase_contains,\"FreeBSD\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \ 232 > "${SYSLOGD_CONFIG}" 233 syslogd_reload 234 235 syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "FreeBSD" 236 syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "freebsd" 237 syslogd_log -p user.debug -t "prop3" -h "${SYSLOGD_LOCAL_SOCKET}" "Solaris" 238 syslogd_check_log_nomatch "prop1: FreeBSD" 239 syslogd_check_log_nomatch "prop2: freebsd" 240 syslogd_check_log "prop3: Solaris" 241} 242prop_filter_cleanup() 243{ 244 syslogd_stop 245} 246 247atf_test_case "host_action" "cleanup" 248host_action_head() 249{ 250 atf_set descr "Sends a message to a specified host" 251} 252host_action_body() 253{ 254 local addr="192.0.2.100" 255 256 atf_check ifconfig lo1 create 257 atf_check ifconfig lo1 inet "${addr}/24" 258 atf_check ifconfig lo1 up 259 260 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 261 syslogd_start -b "${addr}" 262 263 printf "user.debug\t@${addr}\n" > "${SYSLOGD_CONFIG}.2" 264 syslogd_start \ 265 -f "${SYSLOGD_CONFIG}.2" \ 266 -P "${SYSLOGD_PIDFILE}.2" \ 267 -p "${SYSLOGD_LOCAL_SOCKET}.2" \ 268 -S "${SYSLOGD_LOCAL_PRIVSOCKET}.2" 269 270 syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}.2" \ 271 "message from syslogd2" 272 syslogd_check_log "test: message from syslogd2" 273} 274host_action_cleanup() 275{ 276 syslogd_stop 277 syslogd_stop \ 278 "${SYSLOGD_PIDFILE}.2" \ 279 "${SYSLOGD_LOCAL_SOCKET}.2" \ 280 "${SYSLOGD_LOCAL_PRIVSOCKET}.2" 281 atf_check ifconfig lo1 destroy 282} 283 284atf_test_case "pipe_action" "cleanup" 285pipe_action_head() 286{ 287 atf_set descr "The pipe action evaluates provided command in sh(1)" 288} 289pipe_action_body() 290{ 291 printf "\"While I'm digging in the tunnel, the elves will often come to me \ 292 with solutions to my problem.\"\n-Saymore Crey" > testfile 293 294 printf "!pipe\nuser.debug\t| sed -i '' -e 's/Saymore Crey/Seymour Cray/g' \ 295 testfile\n" > "${SYSLOGD_CONFIG}" 296 syslogd_start 297 298 syslogd_log -p user.debug -t "pipe" -h "${SYSLOGD_LOCAL_SOCKET}" \ 299 "fix spelling error" 300 sleep 0.5 301 atf_check -o match:"Seymour Cray" cat testfile 302} 303pipe_action_cleanup() 304{ 305 syslogd_stop 306} 307 308atf_test_case "pipe_action_reload" "cleanup" 309pipe_action_reload_head() 310{ 311 atf_set descr "Pipe processes terminate gracefully on reload" 312} 313pipe_action_reload_body() 314{ 315 local pipecmd="${PWD}/pipe_cmd.sh" 316 317 cat <<__EOF__ > "${pipecmd}" 318#!/bin/sh 319echo START > ${SYSLOGD_LOGFILE} 320while read msg; do 321 echo \${msg} >> ${SYSLOGD_LOGFILE} 322done 323echo END >> ${SYSLOGD_LOGFILE} 324exit 0 325__EOF__ 326 chmod +x "${pipecmd}" 327 328 printf "!pipe\nuser.debug\t| %s\n" "${pipecmd}" > "${SYSLOGD_CONFIG}" 329 syslogd_start 330 331 syslogd_log -p user.debug -t "pipe" -h "${SYSLOGD_LOCAL_SOCKET}" "MSG" 332 atf_check pkill -HUP -F "${1:-${SYSLOGD_PIDFILE}}" 333 sleep 0.1 334 syslogd_check_log_nopoll "END" 335} 336pipe_action_reload_cleanup() 337{ 338 syslogd_stop 339} 340 341atf_test_case "jail_noinet" "cleanup" 342jail_noinet_head() 343{ 344 atf_set descr "syslogd -ss can be run in a jail without INET support" 345 atf_set require.user root 346} 347jail_noinet_body() 348{ 349 syslogd_mkjail syslogd_noinet 350 351 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 352 syslogd_start -j syslogd_noinet -s -s 353 354 syslogd_log -p user.debug -t "test" -h "${SYSLOGD_LOCAL_SOCKET}" \ 355 "hello, world" 356 syslogd_check_log "test: hello, world" 357} 358jail_noinet_cleanup() 359{ 360 syslogd_cleanup 361} 362 363# Create a pair of jails, connected by an epair. The idea is to run syslogd in 364# one jail (syslogd_allowed_peer), listening on 169.254.0.1, and logger(1) can 365# send messages from the other jail (syslogd_client) using source addrs 366# 169.254.0.2 or 169.254.0.3. 367allowed_peer_test_setup() 368{ 369 syslogd_check_req epair 370 371 local epair 372 373 syslogd_mkjail syslogd_allowed_peer vnet 374 syslogd_mkjail syslogd_client vnet 375 376 atf_check -o save:epair ifconfig epair create 377 epair=$(cat epair) 378 epair=${epair%%a} 379 380 atf_check ifconfig ${epair}a vnet syslogd_allowed_peer 381 atf_check ifconfig ${epair}b vnet syslogd_client 382 atf_check jexec syslogd_allowed_peer ifconfig ${epair}a inet 169.254.0.1/16 383 atf_check jexec syslogd_client ifconfig ${epair}b inet 169.254.0.2/16 384 atf_check jexec syslogd_client ifconfig ${epair}b alias 169.254.0.3/16 385} 386 387allowed_peer_test_cleanup() 388{ 389 syslogd_cleanup 390} 391 392atf_test_case allowed_peer "cleanup" 393allowed_peer_head() 394{ 395 atf_set descr "syslogd -a works" 396 atf_set require.user root 397} 398allowed_peer_body() 399{ 400 allowed_peer_test_setup 401 402 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 403 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32' 404 405 # Make sure that a message from 169.254.0.2:514 is logged. 406 syslogd_log_jail syslogd_client \ 407 -p user.debug -t test1 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 408 syslogd_check_log "test1: hello, world" 409 410 # ... but not a message from port 515. 411 syslogd_log_jail syslogd_client \ 412 -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 413 sleep 0.5 414 syslogd_check_log_nomatch "test2: hello, world" 415 syslogd_log_jail syslogd_client \ 416 -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.3:515 "hello, world" 417 sleep 0.5 418 syslogd_check_log_nomatch "test2: hello, world" 419 420 syslogd_stop 421 422 # Now make sure that we can filter by port. 423 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32:515' 424 425 syslogd_log_jail syslogd_client \ 426 -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 427 syslogd_check_log_nomatch "test3: hello, world" 428 syslogd_log_jail syslogd_client \ 429 -p user.debug -t test4 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 430 syslogd_check_log "test4: hello, world" 431 432 syslogd_stop 433} 434allowed_peer_cleanup() 435{ 436 allowed_peer_test_cleanup 437} 438 439atf_test_case allowed_peer_forwarding "cleanup" 440allowed_peer_forwarding_head() 441{ 442 atf_set descr "syslogd forwards messages from its listening port" 443 atf_set require.user root 444} 445allowed_peer_forwarding_body() 446{ 447 allowed_peer_test_setup 448 449 printf "user.debug\t@169.254.0.1\n" > client_config 450 printf "mark.debug\t@169.254.0.1:515\n" >> client_config 451 syslogd_start -j syslogd_client -b 169.254.0.2:514 -f ${PWD}/client_config 452 453 printf "+169.254.0.2\nuser.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 454 syslogd_start -j syslogd_allowed_peer -P ${SYSLOGD_PIDFILE}.2 \ 455 -b 169.254.0.1:514 -a 169.254.0.2/32 -p ${PWD}/peer 456 457 # A message forwarded to 169.254.0.1:514 should be logged, but one 458 # forwarded to 169.254.0.1:515 should not. 459 syslogd_log_jail syslogd_client \ 460 -h 169.254.0.2 -p user.debug -t test1 "hello, world" 461 syslogd_log_jail syslogd_client \ 462 -h 169.254.0.2 -p mark.debug -t test2 "hello, world" 463 464 syslogd_check_log "test1: hello, world" 465 syslogd_check_log_nomatch "test2: hello, world" 466} 467allowed_peer_forwarding_cleanup() 468{ 469 allowed_peer_test_cleanup 470} 471 472atf_test_case allowed_peer_wildcard "cleanup" 473allowed_peer_wildcard_head() 474{ 475 atf_set descr "syslogd -a works with port wildcards" 476 atf_set require.user root 477} 478allowed_peer_wildcard_body() 479{ 480 allowed_peer_test_setup 481 482 printf "user.debug\t${SYSLOGD_LOGFILE}\n" > "${SYSLOGD_CONFIG}" 483 syslogd_start -j syslogd_allowed_peer -b 169.254.0.1:514 -a '169.254.0.2/32:*' 484 485 # Make sure that a message from 169.254.0.2:514 is logged. 486 syslogd_log_jail syslogd_client \ 487 -p user.debug -t test1 -h 169.254.0.1 -S 169.254.0.2:514 "hello, world" 488 syslogd_check_log "test1: hello, world" 489 490 # ... as is a message from 169.254.0.2:515, allowed by the wildcard. 491 syslogd_log_jail syslogd_client \ 492 -p user.debug -t test2 -h 169.254.0.1 -S 169.254.0.2:515 "hello, world" 493 syslogd_check_log "test2: hello, world" 494 495 # ... but not a message from 169.254.0.3. 496 syslogd_log_jail syslogd_client \ 497 -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.3:514 "hello, world" 498 syslogd_check_log_nomatch "test3: hello, world" 499 syslogd_log_jail syslogd_client \ 500 -p user.debug -t test3 -h 169.254.0.1 -S 169.254.0.3:515 "hello, world" 501 syslogd_check_log_nomatch "test3: hello, world" 502 503 syslogd_stop 504} 505allowed_peer_wildcard_cleanup() 506{ 507 allowed_peer_test_cleanup 508} 509 510atf_test_case "forward" "cleanup" 511forward_head() 512{ 513 atf_set descr "syslogd forwards messages to a remote host" 514 atf_set require.user root 515} 516forward_body() 517{ 518 local epair 519 520 syslogd_check_req epair 521 522 atf_check -o save:epair ifconfig epair create 523 epair=$(cat epair) 524 epair=${epair%%a} 525 526 syslogd_mkjail syslogd_server vnet 527 atf_check ifconfig ${epair}a vnet syslogd_server 528 atf_check jexec syslogd_server ifconfig ${epair}a inet 169.254.0.1/16 529 atf_check jexec syslogd_server ifconfig ${epair}a alias 169.254.0.2/16 530 531 syslogd_mkjail syslogd_client vnet 532 atf_check ifconfig ${epair}b vnet syslogd_client 533 atf_check jexec syslogd_client ifconfig ${epair}b inet 169.254.0.3/16 534 535 cat <<__EOF__ > ./client_config 536user.debug @169.254.0.1 537mail.debug @169.254.0.2 538ftp.debug @169.254.0.1 539__EOF__ 540 541 cat <<__EOF__ > ./server_config 542user.debug ${SYSLOGD_LOGFILE} 543mail.debug ${SYSLOGD_LOGFILE} 544ftp.debug ${SYSLOGD_LOGFILE} 545__EOF__ 546 547 syslogd_start -j syslogd_server -f ${PWD}/server_config \ 548 -b 169.254.0.1 -b 169.254.0.2 549 syslogd_start -j syslogd_client -f ${PWD}/client_config \ 550 -p ${PWD}/client -P ${SYSLOGD_PIDFILE}.2 551 552 syslogd_log_jail syslogd_client \ 553 -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p user.debug -t test1 "hello, world" 554 syslogd_check_log "test1: hello, world" 555 556 syslogd_log_jail syslogd_client \ 557 -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p mail.debug -t test2 "you've got mail" 558 syslogd_check_log "test2: you've got mail" 559 560 syslogd_log_jail syslogd_client \ 561 -h 169.254.0.3 -P $SYSLOGD_UDP_PORT -p ftp.debug -t test3 "transfer complete" 562 syslogd_check_log "test3: transfer complete" 563} 564forward_cleanup() 565{ 566 syslogd_cleanup 567} 568 569atf_init_test_cases() 570{ 571 atf_add_test_case "unix" 572 atf_add_test_case "inet" 573 atf_add_test_case "inet6" 574 atf_add_test_case "reload" 575 atf_add_test_case "prog_filter" 576 atf_add_test_case "host_filter" 577 atf_add_test_case "prop_filter" 578 atf_add_test_case "host_action" 579 atf_add_test_case "pipe_action" 580 atf_add_test_case "pipe_action_reload" 581 atf_add_test_case "jail_noinet" 582 atf_add_test_case "allowed_peer" 583 atf_add_test_case "allowed_peer_forwarding" 584 atf_add_test_case "allowed_peer_wildcard" 585 atf_add_test_case "forward" 586} 587