16 files changed, 499 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index 1dbd69e0..23a2e3e0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,17 @@ Version 4.1.6  [DEVEL] (rgerhards), 2009-03-??
   issue with the function call VM instruction set design.
 - implemented the strlen() RainerScript function
 - added a template output module
+- added -T rsyslogd command line option, enables to specify a directory
+  where to chroot() into on startup. This is NOT a security feature but
+  introduced to support testing. Thus, -T does not make sure chroot()
+  is used in a secure way. (may be removed later)
+- added omstdout module for testing purposes. Spits out all messages to
+  stdout - no config option, no other features
+- added a parser testing suite (still needs to be extended, but a good
+  start)
+- modified $ModLoad statement so that for modules whom's name starts with
+  a dot, no path is prepended (this enables relative-pathes and should
+  not break any valid current config)
 - fixed a bug that caused action retries not to work correctly
   situation was only cleared by a restart
 - bugfix: closed dynafile was potentially never written until another
diff --git a/Makefile.am b/Makefile.am
index 87e378ee..97f4aed3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,5 +1,3 @@
-AUTOMAKE_OPTIONS=dejagnu
-
 sbin_PROGRAMS =
 pkglib_LTLIBRARIES = 
 
@@ -90,6 +88,10 @@ if ENABLE_IMTEMPLATE
 SUBDIRS += plugins/imtemplate
 endif
 
+if ENABLE_OMSTDOUT
+SUBDIRS += plugins/omstdout
+endif
+
 if ENABLE_OMTEMPLATE
 SUBDIRS += plugins/omtemplate
 endif
@@ -120,5 +122,5 @@ SUBDIRS += tests
 # temporarily be removed below. The intent behind forcing everthing to compile
 # in a make distcheck is so that we detect code that accidently was not updated
 # when some global update happened.
-DISTCHECK_CONFIGURE_FLAGS=--enable-gssapi_krb5 --enable-imfile --enable-snmp --enable-pgsql --enable-libdbi --enable-mysql --enable-omtemplate --enable-imtemplate --enable-relp --enable-rsyslogd --enable-mail --enable-klog  --enable-diagtools --enable-gnutls
+DISTCHECK_CONFIGURE_FLAGS=--enable-gssapi_krb5 --enable-imfile --enable-snmp --enable-pgsql --enable-libdbi --enable-mysql --enable-omtemplate --enable-imtemplate --enable-relp --enable-rsyslogd --enable-mail --enable-klog  --enable-diagtools --enable-gnutls --enable-omstdout
 ACLOCAL_AMFLAGS = -I m4
diff --git a/configure.ac b/configure.ac
index 7289d74e..2db856cd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -688,6 +688,23 @@ AM_CONDITIONAL(ENABLE_OMTEMPLATE, test x$enable_omtemplate = xyes)
 # end of copy template - be sure to serach for omtemplate to find everything!
 
 
+# settings for omstdout
+AC_ARG_ENABLE(omstdout,
+        [AS_HELP_STRING([--enable-omstdout],[Compiles stdout template module @<:@default=no@:>@])],
+        [case "${enableval}" in
+         yes) enable_omstdout="yes" ;;
+          no) enable_omstdout="no" ;;
+           *) AC_MSG_ERROR(bad value ${enableval} for --enable-omstdout) ;;
+         esac],
+        [enable_omstdout=no]
+)
+#
+# you may want to do some library checks here - see snmp, mysql, pgsql modules
+# for samples
+#
+AM_CONDITIONAL(ENABLE_OMSTDOUT, test x$enable_omstdout = xyes)
+
+
 AC_CONFIG_FILES([Makefile \
 		runtime/Makefile \
 		tools/Makefile \
@@ -701,6 +718,7 @@ AC_CONFIG_FILES([Makefile \
 		plugins/imklog/Makefile \
 		plugins/imtemplate/Makefile \
 		plugins/omtemplate/Makefile \
+		plugins/omstdout/Makefile \
 		plugins/imfile/Makefile \
 		plugins/imrelp/Makefile \
 		plugins/imdiag/Makefile \
@@ -731,7 +749,8 @@ echo "RELP support enabled:                     $enable_relp"
 echo "imdiag enabled:                           $enable_imdiag"
 echo "file input module enabled:                $enable_imfile"
 echo "input template module will be compiled:   $enable_imtemplate"
-echo "output template module will be compiled:   $enable_omtemplate"
+echo "output template module will be compiled:  $enable_omtemplate"
+echo "omstdout module will be compiled:         $enable_omstdout"
 echo "Large file support enabled:               $enable_largefile"
 echo "Networking support enabled:               $enable_inet"
 echo "GnuTLS network stream driver enabled:     $enable_gnutls"
diff --git a/plugins/omstdout/Makefile.am b/plugins/omstdout/Makefile.am
new file mode 100644
index 00000000..9f5d497f
--- /dev/null
+++ b/plugins/omstdout/Makefile.am
@@ -0,0 +1,8 @@
+pkglib_LTLIBRARIES = omstdout.la
+
+omstdout_la_SOURCES = omstdout.c
+omstdout_la_CPPFLAGS =  $(RSRT_CFLAGS) $(PTHREADS_CFLAGS)
+omstdout_la_LDFLAGS = -module -avoid-version
+omstdout_la_LIBADD = 
+
+EXTRA_DIST = 
diff --git a/plugins/omstdout/omstdout.c b/plugins/omstdout/omstdout.c
new file mode 100644
index 00000000..6e227ba9
--- /dev/null
+++ b/plugins/omstdout/omstdout.c
@@ -0,0 +1,125 @@
+/* omstdout.c
+ * send all output to stdout - this is primarily a test driver (but may
+ * be used for weired use cases). Not tested for robustness!
+ *
+ * NOTE: read comments in module-template.h for more specifics!
+ *
+ * File begun on 2009-03-19 by RGerhards
+ *
+ * Copyright 2009 Rainer Gerhards and Adiscon GmbH.
+ *
+ * This file is part of rsyslog.
+ *
+ * Rsyslog is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Rsyslog is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Rsyslog.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this distribution.
+ */
+#include "config.h"
+#include "rsyslog.h"
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <signal.h>
+#include <errno.h>
+#include <unistd.h>
+#include "dirty.h"
+#include "syslogd-types.h"
+#include "srUtils.h"
+#include "template.h"
+#include "module-template.h"
+#include "errmsg.h"
+#include "cfsysline.h"
+
+MODULE_TYPE_OUTPUT
+
+/* internal structures
+ */
+DEF_OMOD_STATIC_DATA
+
+typedef struct _instanceData {
+} instanceData;
+
+BEGINcreateInstance
+CODESTARTcreateInstance
+ENDcreateInstance
+
+
+BEGINisCompatibleWithFeature
+CODESTARTisCompatibleWithFeature
+	if(eFeat == sFEATURERepeatedMsgReduction)
+		iRet = RS_RET_OK;
+ENDisCompatibleWithFeature
+
+
+BEGINfreeInstance
+CODESTARTfreeInstance
+ENDfreeInstance
+
+
+BEGINdbgPrintInstInfo
+CODESTARTdbgPrintInstInfo
+ENDdbgPrintInstInfo
+
+
+BEGINtryResume
+CODESTARTtryResume
+ENDtryResume
+
+BEGINdoAction
+CODESTARTdoAction
+	write(1, (char*)ppString[0], strlen((char*)ppString[0]));
+ENDdoAction
+
+
+BEGINparseSelectorAct
+CODESTARTparseSelectorAct
+CODE_STD_STRING_REQUESTparseSelectorAct(1)
+	/* first check if this config line is actually for us */
+	if(strncmp((char*) p, ":omstdout:", sizeof(":omstdout:") - 1)) {
+		ABORT_FINALIZE(RS_RET_CONFLINE_UNPROCESSED);
+	}
+
+	/* ok, if we reach this point, we have something for us */
+	p += sizeof(":omstdout:") - 1; /* eat indicator sequence  (-1 because of '\0'!) */
+	CHKiRet(createInstance(&pData));
+
+	/* check if a non-standard template is to be applied */
+	if(*(p-1) == ';')
+		--p;
+	CHKiRet(cflineParseTemplateName(&p, *ppOMSR, 0, 0, (uchar*) "RSYSLOG_FileFormat"));
+CODE_STD_FINALIZERparseSelectorAct
+ENDparseSelectorAct
+
+
+BEGINmodExit
+CODESTARTmodExit
+ENDmodExit
+
+
+BEGINqueryEtryPt
+CODESTARTqueryEtryPt
+CODEqueryEtryPt_STD_OMOD_QUERIES
+ENDqueryEtryPt
+
+
+BEGINmodInit()
+CODESTARTmodInit
+	*ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */
+CODEmodInit_QueryRegCFSLineHdlr
+ENDmodInit
+
+/* vi:set ai:
+ */
diff --git a/runtime/modules.c b/runtime/modules.c
index d548a949..cef4eac6 100644
--- a/runtime/modules.c
+++ b/runtime/modules.c
@@ -608,7 +608,7 @@ Load(uchar *pModName)
 	iLoadCnt    = 0;
 	do {
 		/* now build our load module name */
-		if(*pModName == '/') {
+		if(*pModName == '/' || *pModName == '.') {
 			*szPath = '\0';	/* we do not need to append the path - its already in the module name */
 			iPathLen = 0;
 		} else {
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 65a294ca..093742db 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,11 +1,10 @@
-testruns = rt_init rscript
-check_PROGRAMS = $(testruns) ourtail
-TESTS = $(testruns) cfg.sh
+check_PROGRAMS = rt_init rscript ourtail parsertest
+TESTS = $(check_PROGRAMS) cfg.sh
 TESTS_ENVIRONMENT = RSYSLOG_MODDIR='$(abs_top_builddir)'/runtime/.libs/
+DISTCLEANFILES=rsyslog.pid
 
 test_files = testbench.h runtime-dummy.c
-EXTRA_DIST=1.rstest 2.rstest 3.rstest err1.rstest \
-	   cfg.sh \
+EXTRA_DIST= 1.rstest 2.rstest 3.rstest err1.rstest \
 	   cfg1.cfgtest \
 	   cfg1.testin \
       	   cfg2.cfgtest \
@@ -16,7 +15,15 @@ EXTRA_DIST=1.rstest 2.rstest 3.rstest err1.rstest \
 	   cfg4.testin \
 	   DevNull.cfgtest \
 	   err1.rstest \
-	   NoExistFile.cfgtest
+	   NoExistFile.cfgtest \
+	   testruns/parser.conf \
+	   testruns/1.parse1 \
+   	   testruns/rfc3164.parse1 \
+	   testruns/rfc5424-1.parse1 \
+	   testruns/rfc5424-2.parse1 \
+	   testruns/rfc5424-3.parse1 \
+	   testruns/rfc5424-4.parse1 \
+	   cfg.sh
 
 ourtail_SOURCES = ourtail.c
 
diff --git a/tests/parsertest.c b/tests/parsertest.c
new file mode 100644
index 00000000..6c2221e8
--- /dev/null
+++ b/tests/parsertest.c
@@ -0,0 +1,269 @@
+/* Runs a test suite on the rsyslog parser (and later potentially
+ * other things).
+ *
+ * Please note that this
+ * program works together with the config file AND easily extensible
+ * test case files (*.parse1) to run a number of checks. All test
+ * cases are executed, even if there is a failure early in the
+ * process. When finished, the numberof failed tests will be given.
+ *
+ * Part of the testbench for rsyslog.
+ *
+ * Copyright 2009 Rainer Gerhards and Adiscon GmbH.
+ *
+ * This file is part of rsyslog.
+ *
+ * Rsyslog is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Rsyslog is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Rsyslog.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this distribution.
+ */
+#include "config.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <arpa/inet.h>
+#include <assert.h>
+#include <unistd.h>
+#include <string.h>
+#include <glob.h>
+#include <netinet/in.h>
+
+#define EXIT_FAILURE 1
+
+
+void readLine(int fd, char *ln)
+{
+	char c;
+	int lenRead;
+	lenRead = read(fd, &c, 1);
+	while(lenRead == 1 && c != '\n') {
+		*ln++ = c;
+		 lenRead = read(fd, &c, 1);
+	}
+	*ln = '\0';
+}
+
+
+/* send a message via UDP
+ * returns 0 if ok, something else otherwise.
+ */
+int
+udpSend(char *buf, int lenBuf)
+{
+	struct sockaddr_in si_other;
+	int s, slen=sizeof(si_other);
+
+	if((s=socket(AF_INET, SOCK_DGRAM, 0))==-1) {
+		perror("socket()");
+		return(1);
+	}
+
+	memset((char *) &si_other, 0, sizeof(si_other));
+	si_other.sin_family = AF_INET;
+	si_other.sin_port = htons(12514);
+	if(inet_aton("127.0.0.1", &si_other.sin_addr)==0) {
+		fprintf(stderr, "inet_aton() failed\n");
+		return(1);
+	}
+
+	if(sendto(s, buf, lenBuf, 0, (struct sockaddr*) &si_other, slen)==-1) {
+		perror("sendto");
+		fprintf(stderr, "sendto() failed\n");
+		return(1);
+	}
+
+	close(s);
+	return 0;
+}
+
+/* open pipe to test candidate - so far, this is
+ * always rsyslogd and with a fixed config. Later, we may
+ * change this. Returns 0 if ok, something else otherwise.
+ * rgerhards, 2009-03-31
+ */
+int openPipe(pid_t *pid, int *pfd)
+{
+	int pipefd[2];
+	pid_t cpid;
+	char *newargv[] = {"../tools/rsyslogd", "dummy", "-c4", "-u2", "-n", "-irsyslog.pid",
+			   "-M../runtime//.libs", NULL };
+	char confFile[1024];
+	char *newenviron[] = { NULL };
+
+
+	sprintf(confFile, "-f%s/testruns/parser.conf", getenv("srcdir"));
+	newargv[1] = confFile;
+
+	if (pipe(pipefd) == -1) {
+		perror("pipe");
+		exit(EXIT_FAILURE);
+	}
+
+	cpid = fork();
+	if (cpid == -1) {
+		perror("fork");
+		exit(EXIT_FAILURE);
+	}
+
+	if(cpid == 0) {    /* Child reads from pipe */
+		fclose(stdout);
+		dup(pipefd[1]);
+		close(pipefd[1]);
+		close(pipefd[0]);
+		fclose(stdin);
+		execve("../tools/rsyslogd", newargv, newenviron);
+	} else {            
+		close(pipefd[1]);
+		*pid = cpid;
+		*pfd = pipefd[0];
+	}
+
+	return(0);
+}
+
+
+/* Process a specific test case. File name is provided.
+ * Needs to return 0 if all is OK, something else otherwise.
+ */
+int
+processTestFile(int fd, char *pszFileName)
+{
+	FILE *fp;
+	char *testdata = NULL;
+	char *expected = NULL;
+	int ret = 0;
+	size_t lenLn;
+	char buf[4096];
+
+	if((fp = fopen((char*)pszFileName, "r")) == NULL) {
+		perror((char*)pszFileName);
+		return(2);
+	}
+
+	/* skip comments at start of file */
+
+	getline(&testdata, &lenLn, fp);
+	while(!feof(fp)) {
+		if(*testdata == '#')
+			getline(&testdata, &lenLn, fp);
+		else
+			break; /* first non-comment */
+	}
+
+
+	testdata[strlen(testdata)-1] = '\0'; /* remove \n */
+	/* now we have the test data to send */
+	if(udpSend(testdata, strlen(testdata)) != 0)
+		return(2);
+
+	/* next line is expected output 
+	 * we do not care about EOF here, this will lead to a failure and thus
+	 * draw enough attention. -- rgerhards, 2009-03-31
+	 */
+	getline(&expected, &lenLn, fp);
+	expected[strlen(expected)-1] = '\0'; /* remove \n */
+
+	/* pull response from server and then check if it meets our expectation */
+	readLine(fd, buf);
+	if(strcmp(expected, buf)) {
+		printf("\nExpected Response:\n'%s'\nActual Response:\n'%s'\n",
+			expected, buf);
+			ret = 1;
+	}
+
+	free(testdata);
+	free(expected);
+	fclose(fp);
+	return(ret);
+}
+
+
+/* carry out all tests. Tests are specified via a file name
+ * wildcard. Each of the files is read and the test carried
+ * out.
+ * Returns the number of tests that failed. Zero means all
+ * success.
+ */
+int
+doTests(int fd, char *files)
+{
+	int iFailed = 0;
+	int iTests = 0;
+	int ret;
+	char *testFile;
+	glob_t testFiles;
+	size_t i = 0;
+	struct stat fileInfo;
+
+	glob(files, GLOB_MARK, NULL, &testFiles);
+
+	for(i = 0; i < testFiles.gl_pathc; i++) {
+		testFile = testFiles.gl_pathv[i];
+
+		if(stat((char*) testFile, &fileInfo) != 0) 
+			continue; /* continue with the next file if we can't stat() the file */
+
+		++iTests;
+		/* all regular files are run through the test logic. Symlinks don't work. */
+		if(S_ISREG(fileInfo.st_mode)) { /* config file */
+			printf("processing test case '%s' ... ", testFile);
+			ret = processTestFile(fd, testFile);
+			if(ret == 0) {
+				printf("successfully completed\n");
+			} else {
+				printf("failed!\n");
+				++iFailed;
+			}
+		}
+	}
+	globfree(&testFiles);
+
+	if(iTests == 0) {
+		printf("Error: no test cases found, no tests executed.\n");
+		iFailed = 1;
+	} else {
+		printf("Number of tests run: %d, number of failures: %d\n", iTests, iFailed);
+	}
+
+	return(iFailed);
+}
+
+
+/* */
+int main(int argc, char *argv[])
+{
+	int fd;
+	pid_t pid;
+	int ret = 0;
+	char buf[4096];
+	char testcases[4096];
+
+	printf("running rsyslog parser tests ($srcdir=%s)\n", getenv("srcdir"));
+
+	openPipe(&pid, &fd);
+	readLine(fd, buf);
+
+	/* generate filename */
+	sprintf(testcases, "%s/testruns/*.parse1", getenv("srcdir"));
+	if(doTests(fd, testcases) != 0)
+		ret = 1;
+
+	/* cleanup */
+	kill(pid, SIGTERM);
+	printf("End of parser tests.\n");
+	exit(ret);
+}
diff --git a/tests/testruns/1.parse1 b/tests/testruns/1.parse1
new file mode 100644
index 00000000..5ae655e6
--- /dev/null
+++ b/tests/testruns/1.parse1
@@ -0,0 +1,3 @@
+<167>Mar  6 16:57:54 172.20.245.8 %PIX-7-710005: UDP request discarded from SERVER1/2741 to test_app:255.255.255.255/61601
+167,local4,debug,Mar  6 16:57:54,172.20.245.8,%PIX-7-710005,%PIX-7-710005:, UDP request discarded from SERVER1/2741 to test_app:255.255.255.255/61601
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/parser.conf b/tests/testruns/parser.conf
new file mode 100644
index 00000000..0fb7d16d
--- /dev/null
+++ b/tests/testruns/parser.conf
@@ -0,0 +1,9 @@
+$ModLoad ../plugins/omstdout/.libs/omstdout
+$ModLoad ../plugins/imudp/.libs/imudp
+$UDPServerRun 12514
+
+$ErrorMessagesToStderr off
+
+# use a special format that we can easily parse in expect
+$template expect,"%PRI%,%syslogfacility-text%,%syslogseverity-text%,%timestamp%,%hostname%,%programname%,%syslogtag%,%msg%\n"
+*.* :omstdout:;expect
diff --git a/tests/testruns/rfc3164.parse1 b/tests/testruns/rfc3164.parse1
new file mode 100644
index 00000000..e7a5fa18
--- /dev/null
+++ b/tests/testruns/rfc3164.parse1
@@ -0,0 +1,4 @@
+<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8
+34,auth,crit,Oct 11 22:14:15,mymachine,su,su:, 'su root' failed for lonvick on /dev/pts/8
+#Example from RFC3164, section 5.4
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-1.parse1 b/tests/testruns/rfc5424-1.parse1
new file mode 100644
index 00000000..23836c9f
--- /dev/null
+++ b/tests/testruns/rfc5424-1.parse1
@@ -0,0 +1,3 @@
+#Example from RFC5424, section 6.5 / sample 1
+<34>1 2003-10-11T22:14:15.003Z mymachine.example.com su - ID47 - BOM'su root' failed for lonvick on /dev/pts/8
+34,auth,crit,Oct 11 22:14:15,mymachine.example.com,,su,- BOM'su root' failed for lonvick on /dev/pts/8
diff --git a/tests/testruns/rfc5424-2.parse1 b/tests/testruns/rfc5424-2.parse1
new file mode 100644
index 00000000..a86fbc35
--- /dev/null
+++ b/tests/testruns/rfc5424-2.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-08-24T05:14:15.000003-07:00 192.0.2.1 myproc 8710 - - %% It's time to make the do-nuts.
+165,local4,notice,Aug 24 05:14:15,192.0.2.1,,myproc[8710],- %% It's time to make the do-nuts.
+#Example from RFC5424, section 6.5 / sample 2
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-3.parse1 b/tests/testruns/rfc5424-3.parse1
new file mode 100644
index 00000000..6ad4073d
--- /dev/null
+++ b/tests/testruns/rfc5424-3.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource= "Application" eventID="1011"][examplePriority@32473 class="high"]
+165,local4,notice,Oct 11 22:14:15,mymachine.example.com,,evntslog,
+#Example from RFC5424, section 6.5 / sample 4
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-4.parse1 b/tests/testruns/rfc5424-4.parse1
new file mode 100644
index 00000000..ecf27e14
--- /dev/null
+++ b/tests/testruns/rfc5424-4.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource= "Application" eventID="1011"] BOMAn application event log entry...
+165,local4,notice,Oct 11 22:14:15,mymachine.example.com,,evntslog,BOMAn application event log entry...
+#Example from RFC5424, section 6.5 / sample 3
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tools/syslogd.c b/tools/syslogd.c
index a2aead9a..c72160fb 100644
--- a/tools/syslogd.c
+++ b/tools/syslogd.c
@@ -3324,7 +3324,7 @@ int realMain(int argc, char **argv)
 	 * only when actually neeeded. 
 	 * rgerhards, 2008-04-04
 	 */
-	while((ch = getopt(argc, argv, "46a:Ac:def:g:hi:l:m:M:nN:op:qQr::s:t:u:vwx")) != EOF) {
+	while((ch = getopt(argc, argv, "46a:Ac:def:g:hi:l:m:M:nN:op:qQr::s:t:T:u:vwx")) != EOF) {
 		switch((char)ch) {
                 case '4':
                 case '6':
@@ -3342,6 +3342,7 @@ int realMain(int argc, char **argv)
 		case 'q': /* add hostname if DNS resolving has failed */
 		case 'Q': /* dont resolve hostnames in ACL to IPs */
 		case 's':
+		case 'T': /* chroot on startup (primarily for testing) */
 		case 'u': /* misc user settings */
 		case 'w': /* disable disallowed host warnings */
 		case 'x': /* disable dns for remote messages */
@@ -3586,6 +3587,20 @@ int realMain(int argc, char **argv)
 			} else
 				fprintf(stderr,	"-t option only supported in compatibility modes 0 to 2 - ignored\n");
 			break;
+		case 'T':/* chroot() immediately at program startup, but only for testing, NOT security yet */
+{
+char buf[1024];
+getcwd(buf, 1024);
+printf("pwd: '%s'\n", buf);
+printf("chroot to '%s'\n", arg);
+			if(chroot(arg) != 0) {
+				perror("chroot");
+				exit(1);
+			}
+getcwd(buf, 1024);
+printf("pwd: '%s'\n", buf);
+}
+			break;
 		case 'u':		/* misc user settings */
 			iHelperUOpt = atoi(arg);
 			if(iHelperUOpt & 0x01)