freeradius-server icon indicating copy to clipboard operation
freeradius-server copied to clipboard

Published 20 hours ago verified publisher icon FreeRADIUS

Pipe facility for logging modules.

Open arr2036 opened this issue 8 years ago • 4 comments

Issue type

  • Questions about the server or its usage should be posted to the users mailing list.
  • Remote security exploits MUST be sent to [email protected].
  • [ ] Defect - Crash or memory corruption.
  • [ ] Defect - Non compliance with a standards document, or incorrect API usage.
  • [ ] Defect - Unexpected behaviour (obvious or verified by project member).
  • [x] Feature request.

Defect/Feature description

@jimdigriz had a fun idea.

For rlm_detail, rlm_linelog, rlm_logtee, it'd be nice to be able to pipe the output through other utilities for preprocessing/compression.

The idea would be to take an 'exec' xlat expansion, expand it, and use that as a key into a tree of fork()/execve() processes. The log message would then be written to the stdin fd of the process.

Processes would be created if the xlat didn't match a pre-existing process, and cleaned up/closed after a period of inactivity.

Only unsolved problem would be what to do in a threaded environment, I guess have all threads write to the same process? Something like xv probably doesn't implement file locking natively.

arr2036 avatar Jun 09 '17 22:06 arr2036

@alandekok mentioned that popen() is probably a better fit than execve() as it runs everything in a shell (more pipes).

arr2036 avatar Jun 12 '17 14:06 arr2036

This is very doable now. We even expose stdin in our async exec API.

arr2036 avatar Oct 21 '21 19:10 arr2036

This should really be either an rlm_pipe module, or a separate facility for the underlying log functionality.

alandekok avatar May 29 '23 20:05 alandekok