This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Syslog "event source" registration [Was Re: Suggest cygrunsrv extension: --pidfile option (patch included)]


On Thu, 24 Nov 2005, Brian Dessent wrote:

> Christian Franke wrote:
>
> > Unlike syslog, windows event log is intended to store only message
> > parameters, not complete messages.
> > The (probably localized) messages must be provided by such an "event
> > message file" (the misleading MS-term;-), which is essentially an .exe
> > or .dll containing (message id, string) pairs in a resource section.
> > For Cygwin, this would be one trivial (0, "%1") pair.
> >
> > Does such a file (and associated registry tool) exist for Cygwin?
>
> It's trivial to add the RT_MESSAGETABLE resource to cygwin1.dll that
> contains the single message "%1\r\n".  It's complicated by the fact that
> windres doesn't have parsing support for messagetables, but you can just
> specify the raw binary for something this trivial.  If you search the ML
> archives someone posted the appropriate .rc bits a couple years ago.
>
> The hard part is that for every "event source" you need to add keys:
>
> HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\(name)\
>    EventMessageFile = REG_SZ "c:\path\to\cygwin1.dll"
>    TypesSupported = REG_DWORD 0x1f
>
> where (name) is whatever the application passed to openlog()'s first
> parameter.
>
> This sucks because it means that to truly do this right, the code in
> Cygwin's openlog() has got to add these keys every time it's called.
> But it can't just blindly overwrite whatever event source might exist
> already because otherwise a malicious application that called e.g.
> openlog("MsiInstaller", ...) would fubar the MSI event source.  So it's
> got to check if the event source exists, decide if it's a Cygwin event
> source, figure out if the DLL path is correct, and if not, put the
> current cygwin DLL path in the key.
>
> This is not insurmountable but it's kind of a pain.  I've been slowly
> working on a patch that does all this, but it's not ready yet.  For the
> time being I just add event sources manually and it works great.

Why complicate openlog()?  Let the Cygwin applications that use openlog()
do this (e.g., in a postinstall script).  We could even add a utility
package in "Base", similar to "editrights", that contains scripts for
adding and removing this setting (something like 'regtool add
"KEY/$1/VAL"; regtool set "KEY/$1/VAL" "value"') that the postinstall and
preremove scripts can invoke...  That way this would also be cleaned up
if, say, "openssh" were uninstalled.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. /DA

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]