From: Alexey Gladkov <legion@altlinux.ru>
To: ALT Devel discussion list <devel@lists.altlinux.org>
Subject: [devel] [PATCH 0/6] sysklogd: implement checkum chains for log entries
Date: Tue, 27 Oct 2020 12:33:45 +0100
Message-ID: <20201027113351.3373843-1-legion@altlinux.ru> (raw)
Привет!
Этот патчсет реализовывает цепочки хэшей для записей в логе. Это позволяет
обнаружить возможное втрожение в логи.
При старте syslogd считает хэш для каждой записи используя хэш предыдущей
записи или пустой, если это первая запись в лог после старта. Цепочка не
прерывается до остановки сервера или перекофигруции.
Наследование чексумм между рестартами не сделано намеренно поскольку у сервера
нет возможности сохранить и гарантировать неприкосновенность чексуммы между
рестартами.
Рестарт syslogd, как и нарушение цепочки чексумм, считается поводом для
расследования.
Реализация sha256 (каталог block/) взята из git.
Alexey Gladkov (6):
Optimize the filling of the record fields
syslogd: make logerror is printf-like
syslogd: Implement customization of log file records
syslogd: no need to try to substitute a field in a record if it's not
in the log_format
Makefile: use make variables instead of a hardcoded list
syslogd: implement checksum chains for log entries
Makefile | 24 +-
block/bswap.h | 217 ++++++++++++++++
block/sha256.c | 202 +++++++++++++++
block/sha256.h | 24 ++
hash.h | 66 +++++
syslog.conf | 17 ++
syslogd.c | 419 +++++++++++++++++++++++++------
tests/log-hashes/.gitignore | 5 +
tests/log-hashes/check | 28 +++
tests/log-hashes/check-hashes.sh | 28 +++
10 files changed, 950 insertions(+), 80 deletions(-)
create mode 100644 block/bswap.h
create mode 100644 block/sha256.c
create mode 100644 block/sha256.h
create mode 100644 hash.h
create mode 100644 tests/log-hashes/.gitignore
create mode 100755 tests/log-hashes/check
create mode 100755 tests/log-hashes/check-hashes.sh
--
2.25.4
next reply other threads:[~2020-10-27 11:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-27 11:33 Alexey Gladkov [this message]
2020-10-27 11:33 ` [devel] [PATCH 1/6] Optimize the filling of the record fields Alexey Gladkov
2020-10-27 11:33 ` [devel] [PATCH 2/6] syslogd: make logerror is printf-like Alexey Gladkov
2020-10-27 11:33 ` [devel] [PATCH 3/6] syslogd: Implement customization of log file records Alexey Gladkov
2020-10-27 11:33 ` [devel] [PATCH 4/6] syslogd: no need to try to substitute a field in a record if it's not in the log_format Alexey Gladkov
2020-10-27 11:33 ` [devel] [PATCH 5/6] Makefile: use make variables instead of a hardcoded list Alexey Gladkov
2020-10-27 11:33 ` [devel] [PATCH 6/6] syslogd: implement checksum chains for log entries Alexey Gladkov
2020-10-27 11:44 ` [devel] [PATCH 0/6] sysklogd: implement checkum " Alexey V. Vissarionov
2020-10-27 12:13 ` Alexey Gladkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201027113351.3373843-1-legion@altlinux.ru \
--to=legion@altlinux.ru \
--cc=devel@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Team development discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
public-inbox-index devel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.devel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git