pw_log.c revision 330449 
1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (C) 1996
5 *	David L. Nugent.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY DAVID L. NUGENT AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED.  IN NO EVENT SHALL DAVID L. NUGENT OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#ifndef lint
30static const char rcsid[] =
31  "$FreeBSD: stable/11/usr.sbin/pw/pw_log.c 330449 2018-03-05 07:26:05Z eadler $";
32#endif /* not lint */
33
34#include <ctype.h>
35#include <err.h>
36#include <fcntl.h>
37#include <string.h>
38#include <stdarg.h>
39
40#include "pw.h"
41
42static FILE	*logfile = NULL;
43
44void
45pw_log(struct userconf * cnf, int mode, int which, char const * fmt,...)
46{
47	va_list		argp;
48	time_t		now;
49	const char	*cp, *name;
50	struct tm	*t;
51	int		fd, i, rlen;
52	char		nfmt[256], sname[32];
53
54	if (cnf->logfile == NULL || cnf->logfile[0] == '\0') {
55		return;
56	}
57
58	if (logfile == NULL) {
59		/* With umask==0 we need to control file access modes on create */
60		fd = open(cnf->logfile, O_WRONLY | O_CREAT | O_APPEND, 0600);
61		if (fd == -1) {
62			return;
63		}
64		logfile = fdopen(fd, "a");
65		if (logfile == NULL) {
66			return;
67		}
68	}
69
70	if ((name = getenv("LOGNAME")) == NULL &&
71	    (name = getenv("USER")) == NULL) {
72		strcpy(sname, "unknown");
73	} else {
74		/*
75		 * Since "name" will be embedded in a printf-like format,
76		 * we must sanitize it:
77		 *
78		 *    Limit its length so other information in the message
79		 *    is not truncated
80		 *
81		 *    Squeeze out embedded whitespace for the benefit of
82		 *    log file parsers
83		 *
84		 *    Escape embedded % characters with another %
85		 */
86		for (i = 0, cp = name;
87		    *cp != '\0' && i < (int)sizeof(sname) - 1; cp++) {
88			if (*cp == '%') {
89				if (i < (int)sizeof(sname) - 2) {
90					sname[i++] = '%';
91					sname[i++] = '%';
92				} else {
93					break;
94				}
95			} else if (!isspace(*cp)) {
96				sname[i++] = *cp;
97			} /* else do nothing */
98		}
99		if (i == 0) {
100			strcpy(sname, "unknown");
101		} else {
102			sname[i] = '\0';
103		}
104	}
105	now = time(NULL);
106	t = localtime(&now);
107	/* ISO 8601 International Standard Date format */
108	strftime(nfmt, sizeof nfmt, "%Y-%m-%d %T ", t);
109	rlen = sizeof(nfmt) - strlen(nfmt);
110	if (rlen <= 0 || snprintf(nfmt + strlen(nfmt), rlen,
111	    "[%s:%s%s] %s\n", sname, Which[which], Modes[mode],
112	    fmt) >= rlen) {
113		warnx("log format overflow, user name=%s", sname);
114	} else {
115		va_start(argp, fmt);
116		vfprintf(logfile, nfmt, argp);
117		va_end(argp);
118		fflush(logfile);
119	}
120}
121