syslog, syslog_r, vsyslog, vsyslog_r, openlog, openlog_r,
closelog,
closelog_r, setlogmask, setlogmask_r - control system log
#include <syslog.h>
#include <stdarg.h>
void
syslog(int priority, const char *message, ...);
void
syslog_r(int priority, struct syslog_data *data, const char
*message,
...);
void
vsyslog(int priority, const char *message, va_list args);
void
vsyslog_r(int priority, struct syslog_data *data, const char
*message,
va_list args);
void
openlog(const char *ident, int logopt, int facility);
void
openlog_r(const char *ident, int logopt, int facility,
struct syslog_data *data);
void
closelog(void);
void
closelog_r(struct syslog_data *data);
int
setlogmask(int maskpri);
int
setlogmask_r(int maskpri, struct syslog_data *data);
struct syslog_data {
int log_file;
int connected;
int opened;
int log_stat;
const char *log_tag;
int log_fac;
int log_mask;
};
#define SYSLOG_DATA_INIT {-1, 0, 0, 0, NULL, LOG_USER, 0xff}
The syslog() function writes message to the system message
logger. The
message is then written to the system console, log files,
logged-in
users, or forwarded to other machines as appropriate (see
syslogd(8)).
The message is identical to a printf(3) format string, except that `%m'
is replaced by the current error message (as denoted by the
global variable
errno; see strerror(3)). A trailing newline is added
if none is
present.
The syslog_r() function is a reentrant version of the
syslog() function.
It takes a pointer to a syslog_data structure which is used
to store information.
This parameter must be initialized before
syslog_r() is
called. The SYSLOG_DATA_INIT constant is used for this purpose. The
syslog_data structure is composed of the following elements:
log_file contains the file descriptor of the file where
the message is
logged
connected indicates if connect has been done
opened indicates if openlog_r(3) has been called
log_stat status bits, set by openlog_r(3)
log_tag string to tag the entry with
log_fac facility code
log_mask mask of priorities to be logged
The vsyslog() function is an alternate form in which the arguments have
already been captured using the variable-length argument facilities of
varargs(3).
The message is tagged with priority. Priorities are encoded
as a
facility and a ``level''. The facility describes the part
of the system
generating the message. The level is selected from the following ordered
(high to low) list:
LOG_EMERG A panic condition. This is normally broadcast
to all
users.
LOG_ALERT A condition that should be corrected immediately, such as a
corrupted system database.
LOG_CRIT Critical conditions, e.g., hard device errors.
LOG_ERR Errors.
LOG_WARNING Warning messages.
LOG_NOTICE Conditions that are not error conditions, but
should possibly
be handled specially.
LOG_INFO Informational messages.
LOG_DEBUG Messages that contain information normally of
use only when
debugging a program.
The vsyslog_r() is used the same way as vsyslog() except
that it takes an
additional pointer on a syslog_data structure. It is a
reentrant version
of the vsyslog() function described above.
The openlog() function provides for more specialized processing of the
messages sent by syslog() and vsyslog(). The parameter
ident is a string
that will be prepended to every message. The logopt argument is a bit
field specifying logging options, which is formed by OR'ing
one or more
of the following values:
LOG_CONS If syslog() cannot pass the message to syslogd(8) it will
attempt to write the message to the console
(/dev/console).
LOG_NDELAY Open the connection to syslogd(8) immediately.
Normally
the open is delayed until the first message is
logged.
Useful for programs that need to manage the
order in which
file descriptors are allocated. This option
must be used
in programs that call chroot(2) where the new
root does not
have its own log socket.
LOG_PERROR Write the message to standard error output as
well to the
system log.
LOG_PID Log the process ID with each message; useful
for identifying
instantiations of daemons.
The facility parameter encodes a default facility to be assigned to all
messages that do not have an explicit facility encoded:
LOG_AUTH The authorization system: login(1), su(1),
getty(8), etc.
LOG_AUTHPRIV The same as LOG_AUTH, but logged to a file
readable only by
selected individuals.
LOG_CRON The cron daemon, cron(8).
LOG_DAEMON System daemons, such as routed(8), that are
not provided
for explicitly by other facilities.
LOG_FTP The file transfer protocol daemon, ftpd(8).
LOG_KERN Messages generated by the kernel. These cannot be generated
by any user processes.
LOG_LPR The line printer spooling system: lpr(1),
lpc(8), lpd(8),
etc.
LOG_MAIL The mail system.
LOG_NEWS The network news system.
LOG_SYSLOG Messages generated internally by syslogd(8).
LOG_USER Messages generated by random user processes.
This is the
default facility identifier if none is specified.
LOG_UUCP The UUCP system.
LOG_LOCAL0 Reserved for local use. Similarly for LOG_LOCAL1 through
LOG_LOCAL7.
The openlog_r() function is the reentrant version of the
openlog() function.
It takes an additional pointer on a syslog_data
structure. This
function must be used in conjunction with the other reentrant functions.
The closelog() function can be used to close the log file.
closelog_r()
do the same thing but in a reentrant way and takes an additional pointer
on a syslog_data structure.
The setlogmask() function sets the log priority mask to
maskpri and returns
the previous mask. Calls to syslog() with a priority
not set in
maskpri are rejected. The mask for an individual priority
pri is calculated
by the macro LOG_MASK(pri); the mask for all priorities up to and
including toppri is given by the macro LOG_UPTO(toppri).
The default allows
all priorities to be logged.
The setlogmask_r() function is the reentrant version of
setlogmask(). It
takes an additional pointer on a syslog_data structure.
The closelog(), closelog_r(), openlog(), openlog_r(),
syslog(),
syslog_r(), vsyslog() and vsyslog_r() functions return no
value.
The routines setlogmask() and setlogmask_r() always return
the previous
log mask level.
syslog(LOG_ALERT, "who: internal error 23");
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
setlogmask(LOG_UPTO(LOG_ERR));
syslog(LOG_INFO, "Connection from host %d", CallingHost);
syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
For the reentrant functions:
struct syslog_data sdata = SYSLOG_DATA_INIT;
syslog_r(LOG_INFO|LOG_LOCAL2, &sdata, "foobar error:
%m");
logger(1), syslogd(8)
These functions appeared in 4.2BSD. The reentrant functions
appeared in
OpenBSD 3.1.
It is important never to pass a string with user-supplied
data as a format
without using `%s'. An attacker can put format specifiers in the
string to mangle your stack, leading to a possible security
hole. This
holds true even if you have built the string ``by hand'' using a function
like snprintf(), as the resulting string may still contain
user-supplied
conversion specifiers for later interpolation by syslog().
Always be sure to use the proper secure idiom:
syslog(priority, "%s", string);
syslog_r() and the other reentrant functions should only be
used where
reentrancy is required (for instance in a signal handler).
syslog() being
not reentrant, only syslog_r() should be used here. For
more information
about reentrancy and signal handlers, see signal(3).
OpenBSD 3.6 June 4, 1993
[ Back ] |
