Understanding the syslogd-linux Service Script

From: Scott Colby <scott_at_scolby.com>
Date: Tue, 08 Sep 2020 12:53:37 -0400

Hello,

I am faced with running a program in a container that will only log
to syslog and cannot be configured otherwise. I am looking to using
s6 within the container to supervise this program and some
implementation of syslog. I thought that there must be something
simpler than rsyslog or syslog-ng, and my investigations led me to
the s6/examples/syslogd-linux service directory.

I am only slightly experienced with writing execline scripts and
would like to better understand exactly what each line in the example
run script is doing. Here it is, annotated with my understanding
and questions.

#!/command/execlineb -P
# Redirects stderr to stdout, but why is this necessary?
fdmove -c 2 1
# Clears the environment, I assume for general
# security/isolation/cleanliness reasons?
exec -c
# Prepares for setting uid/gid later
s6-envuidgid nobody
# Redirects stdout to fd 3, I think because s6-ipcserver closes fd
# 1; what happens to things sent to fd 3?
# Also, why is the -c option not used here?
fdmove 1 3
# Listens on /dev/log, this makes sense to me
s6-ipcserver -U -1 -- /dev/log
# Redirects stdout to stderr, because this is where log messages
# are expected to go
fdmove -c 1 2
# writes stdin to stdout with the values of the remote UID and GID
# prepended, plus whatever other functionality of ucspidlogd
ucspilogd IPCREMOTEEUID IPCREMOTEEGID

Please let me know if I have made any mistakes in my annotation and
what the answers to my questions are.

Thank you,
Scott
Received on Tue Sep 08 2020 - 16:53:37 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:44:19 UTC