syslog

svn path=/rcynic/README; revision=358

1 files changed, 7 insertions, 25 deletions

diff --git a/rcynic/README b/rcynic/README
index c2e9743d..3b718f2c 100644
--- a/rcynic/README
+++ b/rcynic/README
@@ -293,8 +293,6 @@ accident.  Programs running in jails under cron should not make
 assumptions about the current working directory or environment
 variable settings.
 
-
-
 Building static binaries:
 
 On FreeBSD, building a staticly linked rsync is easy: just set the
@@ -306,31 +304,15 @@ work on other platforms.
 For simplicity, I've taken the same approach with rcynic, so just
 setting LDFLAGS='-static' and running make should work.
 
-
-
-To Do:
-
-- Support for running rsync chrooted.
-
-  After some discussion with Randy, I've concluded that it'd be much
-  simpler to run both rcynic and rsync in the chrooted jail than it
-  would be to run just rsync in the chrooted jail.  As far as we can
-  tell, putting rcynic in the jail with rsync doesn't create any
-  serious new threats, and it simplifies many things.
-
-  To further simplify this, we'll handle the chroot itself via an
-  external program.  Wietse Venema's chrootuid[*] would probably
-  suffice out of the box: one could do slightly better by tweaking it
-  for this specific application, but the main thing that's missing is
-  some shell script code and instructions for compiling static
-  binaries and setting up the jail.  No research topics here, this is
-  all ancient technology, the tricky bit is just getting all the
-  finicky details right.
+syslog:
 
-  [*] ftp://ftp.porcupine.org/pub/security/chrootuid1.3.tar.gz
+Depending on your syslogd configuration, syslog may not work properly
+with rcynic in a chroot jail.  On FreeBSD, the easiest way to fix this
+is to add the following lines to /etc/rc.conf:
 
-- autoconf?  probably not, unless we run into portability issues
-  serious enough to require it.
+    altlog_proglist="named rcynic"
+    rcynic_chrootdir="/var/rcynic"
+    rcynic_enable="YES"