File: log_authpriv.patch

libnss-ldap 265-6
Description: use LOG_AUTHPRIV facility with syslog() calls
Author: Stephen Frost <sfrost@debian.org>
Bug-Debian: http://bugs.debian.org/310421

--- a/ldap-nss.c
+++ b/ldap-nss.c
@@ -698,7 +698,7 @@ do_close (void)
 # else
       sd = __session.ls_conn->ld_sb.sb_sd;
 # endif /* LDAP_OPT_DESC */
-      syslog (LOG_INFO, "nss_ldap: closing connection %p fd %d",
+      syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: closing connection %p fd %d",
 	      __session.ls_conn, sd);
 #endif /* DEBUG */
 
@@ -990,7 +990,7 @@ do_close_no_unbind (void)
   closeSd = do_get_our_socket (&sd);
 
 #if defined(DEBUG) || defined(DEBUG_SOCKETS)
-  syslog (LOG_INFO, "nss_ldap: %sclosing connection (no unbind) %p fd %d",
+  syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: %sclosing connection (no unbind) %p fd %d",
 	  closeSd ? "" : "not ", __session.ls_conn, sd);
 #endif /* DEBUG */
 
@@ -1152,11 +1152,11 @@ do_init (void)
 
 #ifdef DEBUG
 #ifdef HAVE_PTHREAD_ATFORK
-  syslog (LOG_DEBUG,
+  syslog (LOG_AUTHPRIV | LOG_DEBUG,
 	  "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __euid=%i, euid=%i",
 	  __session.ls_state, __session.ls_conn, __euid, euid);
 #elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
-  syslog (LOG_DEBUG,
+  syslog (LOG_AUTHPRIV | LOG_DEBUG,
 	  "nss_ldap: libpthreads=%s, __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i",
  	  ((__pthread_once == NULL || __pthread_atfork == NULL) ? "FALSE" : "TRUE"),
 	  __session.ls_state,
@@ -1164,7 +1164,7 @@ do_init (void)
  	  ((__pthread_once == NULL || __pthread_atfork == NULL) ? __pid : -1),
  	  ((__pthread_once == NULL || __pthread_atfork == NULL) ? pid : -1), __euid, euid);
 #else
-  syslog (LOG_DEBUG,
+  syslog (LOG_AUTHPRIV | LOG_DEBUG,
 	  "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i",
 	  __session.ls_state, __session.ls_conn, __pid, pid, __euid, euid);
 #endif
@@ -1275,7 +1275,7 @@ do_init (void)
 	  stat = _nss_ldap_mergeconfigfromdns (__config, &configbufp, &configbuflen);
 	  if (stat != NSS_SUCCESS)
 	    {
-      	      syslog (LOG_ERR, "nss_ldap: could not determine LDAP server from ldap.conf or DNS");
+      	      syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not determine LDAP server from ldap.conf or DNS");
 	    }
 	}
 
@@ -1418,7 +1418,7 @@ do_start_tls (ldap_session_t * session)
           rc = LDAP_TIMEOUT;
         } 
 
-      syslog (LOG_INFO, "nss_ldap: ldap_start_tls failed: %s", ldap_err2string (rc));
+      syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: ldap_start_tls failed: %s", ldap_err2string (rc));
       debug ("<== do_start_tls (ldap_start_tls failed: %s)", ldap_err2string (rc));
       return rc;
     }
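Review bot: The StartTLS failure on the changed line is still logged at `LOG_INFO`, a severity that log configurations often filter or do not alert on, so a failed TLS upgrade can go unnoticed. Because this is a security-relevant transport failure, consider `syslog (LOG_AUTHPRIV | LOG_WARNING, "nss_ldap: ldap_start_tls failed: %s", ldap_err2string (rc));`. The same applies to the bind failure message in the do_open hunk, which also stays at `LOG_INFO` while the new do_bind message uses `LOG_ERR`. do_start_tls begins and ends outside this hunk, so whether the caller aborts or continues without TLS is not visible here.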
@@ -1671,7 +1671,7 @@ do_open (void)
   if (rc != LDAP_SUCCESS)
     {
       /* log actual LDAP error code */
-      syslog (LOG_INFO,
+      syslog (LOG_AUTHPRIV | LOG_INFO,
 	      "nss_ldap: failed to bind to LDAP server %s: %s",
 	      cfg->ldc_uris[__session.ls_current_uri],
 	      ldap_err2string (rc));
@@ -1829,6 +1829,9 @@ do_bind (LDAP * ld, int timelimit, const
 #else
 	  rc = ld->ld_errno;
 #endif /* LDAP_OPT_ERROR_NUMBER */
+	  /* Notify if we failed. */
+	  syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not connect to any LDAP server as %s - %s",
+			  dn, ldap_err2string (rc));
 	  debug ("<== do_bind");
 
 	  return rc;
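Review bot: The added syslog call formats `dn` with `%s`, and `dn` may be NULL for an anonymous bind (the parameter list is truncated in the hunk header, so this is inferred), which is undefined behaviour for printf-style functions. Guard it the way the do_with_reconnect hunk guards `uri`, for example by passing `dn ? dn : "(anonymous)"`. The wording "could not connect to any LDAP server" also looks too broad for a single failed bind, and since do_open logs its own bind failure the same event may be recorded twice. The comment could state the condition rather than the action: `/* Bind did not complete: record the bind DN and LDAP error in the auth log. */`. The enclosing branch of do_bind starts outside the hunk.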
@@ -2481,7 +2484,7 @@ do_result (ent_context_t * ctx, int all)
 #else
 	  rc = __session.ls_conn->ld_errno;
 #endif /* LDAP_OPT_ERROR_NUMBER */
-	  syslog (LOG_ERR, "nss_ldap: could not get LDAP result - %s",
+	  syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not get LDAP result - %s",
 		  ldap_err2string (rc));
 	  do_close();
 	  stat = NSS_UNAVAIL;
@@ -2515,7 +2518,7 @@ do_result (ent_context_t * ctx, int all)
 		  && parserc != LDAP_MORE_RESULTS_TO_RETURN)
 		{
 		  ldap_abandon (__session.ls_conn, ctx->ec_msgid);
-		  syslog (LOG_ERR,
+		  syslog (LOG_AUTHPRIV | LOG_ERR,
 			  "nss_ldap: could not get LDAP result - %s",
 			  ldap_err2string (rc));
 		  do_close();
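Review bot: The visible condition tests `parserc`, but the message on the changed line formats `ldap_err2string (rc)`, so the logged text may not describe the parse failure that triggered this branch. If `rc` is only meaningful when parsing succeeded, log `ldap_err2string (parserc)` instead. The message is also byte-identical to the one in the previous do_result hunk, so the two failure paths cannot be told apart in the auth log; a distinct text such as `"nss_ldap: could not parse LDAP result - %s"` would help triage. The start of the `if` is outside the hunk.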
@@ -2591,15 +2594,15 @@ do_with_reconnect (const char *base, int
 	  else if (backoff < __session.ls_config->ldc_reconnect_maxsleeptime)
 	    backoff *= 2;
 
-	  syslog (LOG_INFO,
+	  syslog (LOG_AUTHPRIV | LOG_INFO,
 		  "nss_ldap: reconnecting to LDAP server (sleeping %d seconds)...",
 		  backoff);
 	  (void) sleep (backoff);
 	}
-      else if (tries > 1)
+      else if (tries > 0)
 	{
 	  /* Don't sleep, reconnect immediately. */
-	  syslog (LOG_INFO, "nss_ldap: reconnecting to LDAP server...");
+	  syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnecting to LDAP server...");
 	}
 
       /* For each "try", attempt to connect to all specified URIs */
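Review bot: The change from `tries > 1` to `tries > 0` alters when "reconnecting to LDAP server..." is emitted, which is a behaviour change that the patch description (LOG_AUTHPRIV facility only) does not mention. Either state it in the Description header or record the intent next to the condition, e.g. `/* Log every immediate retry, including the first one. */`. The enclosing loop starts outside the hunk, so the effect on log volume for a host whose server is unreachable should be checked before relying on these messages for alerting.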
@@ -2650,11 +2653,11 @@ do_with_reconnect (const char *base, int
   switch (stat)
     {
     case NSS_UNAVAIL:
-      syslog (LOG_ERR, "nss_ldap: could not search LDAP server - %s",
+      syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not search LDAP server - %s",
 	      ldap_err2string (rc));
       break;
     case NSS_TRYAGAIN:
-      syslog (LOG_ERR,
+      syslog (LOG_AUTHPRIV | LOG_ERR,
 	      "nss_ldap: could not %s %sconnect to LDAP server - %s",
 	      hard ? "hard" : "soft", tries ? "re" : "",
 	      ldap_err2string (rc));
@@ -2669,11 +2672,11 @@ do_with_reconnect (const char *base, int
 	    uri = "(null)";
 
 	  if (tries)
-	    syslog (LOG_INFO,
+	    syslog (LOG_AUTHPRIV | LOG_INFO,
 	      "nss_ldap: reconnected to LDAP server %s after %d attempt%s",
 	      uri, tries, (tries == 1) ? "" : "s");
 	  else
-	    syslog (LOG_INFO, "nss_ldap: reconnected to LDAP server %s", uri);
+	    syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnected to LDAP server %s", uri);
 	}
       time (&__session.ls_timestamp);
       break;
--- a/ldap-nss.h
+++ b/ldap-nss.h
@@ -140,9 +140,9 @@
 #ifdef DEBUG
 #ifdef DEBUG_SYSLOG
 #ifdef HAVE_NSSWITCH_H
-#define debug(fmt, args...) syslog(LOG_DEBUG, "nss_ldap: %s:%d thread %u - " fmt, __FILE__, __LINE__, thr_self() , ## args)
+#define debug(fmt, args...) syslog(LOG_AUTHPRIV | LOG_DEBUG, "nss_ldap: %s:%d thread %u - " fmt, __FILE__, __LINE__, thr_self() , ## args)
 #else
-#define debug(fmt, args...) syslog(LOG_DEBUG, "nss_ldap: %s:%d thread %u - " fmt, __FILE__, __LINE__, pthread_self() , ## args)
+#define debug(fmt, args...) syslog(LOG_AUTHPRIV | LOG_DEBUG, "nss_ldap: %s:%d thread %u - " fmt, __FILE__, __LINE__, pthread_self() , ## args)
 #endif /* HAVE_NSSWITCH_H */
 #else
 #ifndef __GNUC__
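Review bot: Both `debug` definitions print the thread id with `%u`, but `pthread_self()` returns `pthread_t`, which is not guaranteed to be an `unsigned int` and is commonly wider on 64-bit platforms, so the conversion and the argument may not match. Where pthread_t is an integer type, a cast keeps the call well defined: `"nss_ldap: %s:%d thread %lu - " fmt, __FILE__, __LINE__, (unsigned long) pthread_self() , ## args`. The return type of `thr_self()` is not visible here and should be checked the same way. The `#ifdef` block continues outside the hunk.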