diff --git a/ReadMe.md b/ReadMe.md
index ba6c5cb..05ee514 100644
--- a/ReadMe.md
+++ b/ReadMe.md
@@ -563,11 +563,11 @@ rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
 | rr-ttl-reply-max | 允许返回给客户端的最大 TTL 值 | 远程查询结果 | 大于 0 的数字 | rr-ttl-reply-max 60 |
 | max-reply-ip-num | 允许返回给客户的最大IP数量 | IP数量 | 大于 0 的数字 | max-reply-ip-num 1 |
 | log-level | 设置日志级别 | error | fatal、error、warn、notice、info 或 debug | log-level error |
-| log-file | 日志文件路径 | /var/log/smartdns.log | 合法路径字符串 | log-file /var/log/smartdns.log |
+| log-file | 日志文件路径 | /var/log/smartdns/smartdns.log | 合法路径字符串 | log-file /var/log/smartdns/smartdns.log |
 | log-size | 日志大小 | 128K | 数字 + K、M 或 G | log-size 128K |
 | log-num | 日志归档个数 | 2 | 大于等于 0 的数字 | log-num 2 |
 | audit-enable | 设置审计启用 | no | [yes\|no] | audit-enable yes |
-| audit-file | 审计文件路径 | /var/log/smartdns-audit.log | 合法路径字符串 | audit-file /var/log/smartdns-audit.log |
+| audit-file | 审计文件路径 | /var/log/smartdns/smartdns-audit.log | 合法路径字符串 | audit-file /var/log/smartdns/smartdns-audit.log |
 | audit-size | 审计大小 | 128K | 数字 + K、M 或 G | audit-size 128K |
 | audit-num | 审计归档个数 | 2 | 大于等于 0 的数字 | audit-num 2 |
 | conf-file | 附加配置文件 | 无 | 合法路径字符串 | conf-file /etc/smartdns/smartdns.more.conf |
diff --git a/ReadMe_en.md b/ReadMe_en.md
index 6717738..08fc6fa 100755
--- a/ReadMe_en.md
+++ b/ReadMe_en.md
@@ -501,11 +501,11 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
 |rr-ttl-max|Domain name Maximum TTL|Remote query result|number greater than 0|rr-ttl-max 600
 |max-reply-ip-num|Maximum number of IPs returned to the client|8|number of IPs, 1~16 |max-reply-ip-num 1
 |log-level|log level|error|fatal,error,warn,notice,info,debug|log-level error
-|log-file|log path|/var/log/smartdns.log|File Pah|log-file /var/log/smartdns.log
+|log-file|log path|/var/log/smartdns/smartdns.log|File Pah|log-file /var/log/smartdns/smartdns.log
 |log-size|log size|128K|number+K,M,G|log-size 128K
 |log-num|archived log number|2|Integer|log-num 2
 |audit-enable|audit log enable|no|[yes\|no]|audit-enable yes
-|audit-file|audit log file|/var/log/smartdns-audit.log|File Path|audit-file /var/log/smartdns-audit.log
+|audit-file|audit log file|/var/log/smartdns/smartdns-audit.log|File Path|audit-file /var/log/smartdns/smartdns-audit.log
 |audit-size|audit log size|128K|number+K,M,G|audit-size 128K
 |audit-num|archived audit log number|2|Integer|audit-num 2
 |conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf
diff --git a/etc/smartdns/smartdns.conf b/etc/smartdns/smartdns.conf
index f5befe1..a281197 100644
--- a/etc/smartdns/smartdns.conf
+++ b/etc/smartdns/smartdns.conf
@@ -4,7 +4,7 @@
 # server-name smartdns
 #
-# dns server run ser
+# dns server run user
 # user [username]
 # example: run as nobody
 # user nobody
@@ -126,7 +126,7 @@ cache-size 16384
 # log-size: size of each log file, support k,m,g
 # log-num: number of logs
 log-level info
-# log-file /var/log/smartdns.log
+# log-file /var/log/smartdns/smartdns.log
 # log-size 128k
 # log-num 2
diff --git a/src/dns_conf.h b/src/dns_conf.h
index 58452fd..2af259c 100644
--- a/src/dns_conf.h
+++ b/src/dns_conf.h
@@ -49,8 +49,8 @@ extern "C" {
 #define DEFAULT_DNS_HTTPS_PORT 443
 #define DNS_MAX_CONF_CNAME_LEN 256
 #define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
-#define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
-#define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
+#define SMARTDNS_LOG_FILE "/var/log/smartdns/smartdns.log"
+#define SMARTDNS_AUDIT_FILE "/var/log/smartdns/smartdns-audit.log"
 #define SMARTDNS_CACHE_FILE "/tmp/smartdns.cache"
 enum domain_rule {
diff --git a/src/smartdns.c b/src/smartdns.c
index c617270..0a170c4 100644
--- a/src/smartdns.c
+++ b/src/smartdns.c
@@ -114,8 +114,8 @@ static int drop_root_privilege(void)
 prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
 cap.effective |= (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN);
 cap.permitted |= (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN);
- unused = setuid(uid);
 unused = setgid(gid);
+ unused = setuid(uid);
 if (capset(&header, &cap) < 0) {
 return -1;
 }
@@ -323,15 +323,22 @@ static int _smartdns_destroy_ssl(void)
 return 0;
 }
-static int _smartdns_init(void)
+static const char *_smartdns_log_path(void)
 {
- int ret = 0;
 char *logfile = SMARTDNS_LOG_FILE;
 if (dns_conf_log_file[0] != 0) {
 logfile = dns_conf_log_file;
 }
+ return logfile;
+}
+
+static int _smartdns_init(void)
+{
+ int ret = 0;
+ const char *logfile = _smartdns_log_path();
+
 ret = tlog_init(logfile, dns_conf_log_size, dns_conf_log_num, 0, 0);
 if (ret != 0) {
 tlog(TLOG_ERROR, "start tlog failed.\n");
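Review bot: In drop_root_privilege() the results of `setgid(gid)` and `setuid(uid)` are still parked in `unused`, so if either call fails the daemon keeps root's ids and the function still proceeds to `capset()`. Both calls should be checked, for example `if (setgid(gid) != 0 || setuid(uid) != 0) { return -1; }`. No `setgroups()` or `initgroups()` call is visible in these lines, so root's supplementary groups may survive the drop; that needs confirming in the part of the function outside the hunk. The function body starts and ends outside this hunk.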
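Review bot: `_smartdns_log_path()` returns `const char *`, but its local is still `char *logfile = SMARTDNS_LOG_FILE;`, a non-const pointer to a string literal. Declaring it `const char *logfile = SMARTDNS_LOG_FILE;` matches the return type and lets the compiler reject any later write through it. A one-line comment on the helper, such as `/* Configured log-file if set, otherwise the built-in default. */`, would document the contract that both callers rely on.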
@@ -463,6 +470,43 @@ static void _reg_signal(void)
 }
 }
+static int _smartdns_create_logdir(void)
+{
+ int uid = 0;
+ int gid = 0;
+ char logdir[PATH_MAX] = {0};
+ safe_strncpy(logdir, _smartdns_log_path(), PATH_MAX);
+ dirname(logdir);
+
+ if (access(logdir, F_OK) == 0) {
+ return 0;
+ }
+
+ if (mkdir(logdir, 0750) != 0) {
+ if (errno == EEXIST) {
+ return 0;
+ }
+
+ return -1;
+ }
+
+ int unused __attribute__((unused)) = 0;
+
+ if (get_uid_gid(&uid, &gid) != 0) {
+ return -1;
+ }
+
+ chown(logdir, uid, gid);
+ return 0;
+}
+
+static int _smartdns_init_pre(void)
+{
+ _smartdns_create_logdir();
+
+ return 0;
+}
+
 int main(int argc, char *argv[])
 {
 int ret = 0;
@@ -531,6 +575,11 @@ int main(int argc, char *argv[])
 signal(SIGINT, _sig_exit);
 signal(SIGTERM, _sig_exit);
+ if (_smartdns_init_pre() != 0) {
+ fprintf(stderr, "init failed.\n");
+ return 1;
+ }
+
 drop_root_privilege();
 ret = _smartdns_init();
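Review bot: `_smartdns_create_logdir()` discards the return value of `dirname(logdir)` and then uses `logdir` itself, which relies on dirname() editing the buffer in place. POSIX allows it to return a pointer to separate storage, and for a log-file value with no slash it returns "." and leaves the buffer untouched, so `mkdir()` would create a directory named after the log file. The result of `chown()` is also ignored, so a directory left root-owned with mode 0750 is reported as success and the daemon will likely be unable to write its log once privileges are dropped; `int unused` is declared but never used. Because main() calls this before `drop_root_privilege()` on a configuration-supplied path, the check-then-act sequence on a path name is also worth tightening, for instance by changing ownership through a descriptor opened with `O_DIRECTORY | O_NOFOLLOW`.

```c
static int _smartdns_create_logdir(void)
{
	/* … unchanged: uid/gid, logdir buffer, safe_strncpy() … */
	const char *dir = dirname(logdir); /* may be "." rather than a pointer into logdir */

	if (access(dir, F_OK) == 0) {
		return 0;
	}

	if (mkdir(dir, 0750) != 0) {
		/* … unchanged: EEXIST handling … */
	}

	/* … unchanged: get_uid_gid() lookup … */

	if (chown(dir, uid, gid) != 0) {
		return -1;
	}

	return 0;
}
```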
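Review bot: The new `if (_smartdns_init_pre() != 0)` branch in main() can never fire, because `_smartdns_init_pre()` (added in the previous hunk) drops the result of `_smartdns_create_logdir()` and always returns 0. If a missing log directory should be fatal, return the helper's result with `return _smartdns_create_logdir();`; if it is meant to be best-effort, say so in a comment and report the failure on stderr instead of pretending to check it. The context line `drop_root_privilege();` just below still ignores its return value, so a failed privilege drop does not stop startup either. main() begins and ends outside this hunk.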