Parent Directory
| 
Revision Log
| Links to HEAD: | (view) (download) (annotate) |
| Sticky Revision: |
Document that syslogd -v has no effect when RFC 5424 mode is enabled. The variable it sets, LogFacPri, is only used in the RFC 3164 formatting codepath. PR: 229457 Reported by: Andre Albsmeier MFC after: 1 week
Use proper alphabetic sorting of options.
Add RFC 5424 syslog message output to syslogd. - Move all of the code responsible for transmitting log messages into a separate function, fprintlog_write(). - Instead of manually modifying a list of iovecs, add a structure iovlist with some helper functions. - Alter the F_FORW (UDP message forwarding) case to also use iovecs like the other cases. Use sendmsg() instead of sendto(). - In the case of F_FORW, truncate the message to a size dependent on the address family (AF_INET, AF_INET6), as proposed by RFC 5426. - Move all traditional message formatting into fprintlog_bsd(). Get rid of some of the string copying and snprintf()'ing. Simply emit more iovecs to get the job done. - Increase ttymsg()'s limit of 7 iovecs to 32. Add a definition for this limit, so it can be reused by iovlist. - Add fprintlog_rfc5424() to emit RFC 5424 formatted log entries. - Add a "-O" command line option to enable RFC 5424 formatting. It would have been nicer if we supported "-o rfc5424", just like on NetBSD. Unfortunately, the "-o" flag is already used for a different purpose on FreeBSD. - Don't truncate hostnames in the RFC 5424 case, as suggested by that specific RFC. For people interested in using this, this feature can be enabled by adding the following line to /etc/rc.conf: syslogd_flags="-s -O rfc5424" Differential Revision: https://reviews.freebsd.org/D15011
When parsing remote messages, require them to have standard timestamp field, and support properly parse out the hostname as described by RFC3164, which wasn't done before. However, don't discard message if it doesn't have hostname, for compatibility. Enable logging of the message supplied hostname instead of real hostname with -H switch. PR: 200933 Reported by: Konstantin Pavlov <thresh nginx.com> MFC after: 2 months
Correct nuance of -a :service -> "*" in r314563, r314585 My attempt to correct the sender/receiver behavior was incorrect. The source port of the sender for forwarded datagrams is filtered with -a, and my change in r314585 didn't clarify that point at all. Wording is based on suggestion by hrs. MFC after: 28 days X-MFC with: r314563, r314585 Reported by: hrs In collaboration with: hrs, rgrimes Sponsored by: Dell EMC Isilon
Correct verb change for service => `*` after r314563 `*` means that packets will be received from a remote peer on any port. Since the point of interest is the syslogd instance (not the remote peer), the appropriate verb is "received", not "sent". MFC after: 1 month X-MFC with: r314563 Sponsored by: Dell EMC Isilon
Wordsmith syslogd(8) - Clarify -p/-S options by using appropriate subject-verb modifiers (verb and modifiers suggested that the subject should have been singular). - Simplify/correct -a description: -- Be more terse when describing IPv4 (the "usual dotted notation" isn't necessarily well understood by the reader). Being blunt and saying "IPv4 address" with an optional netmask is. -- prefixlen is the appropriate terminology for IPv6. -- mask/prefixlen is optional, not required (as noted later on in the section). -- split up IPv4/IPv6 use so to clarify both forms. -- Fix wordiness when describing the optional "service" specifier. - -T: Use "cannot" instead of "can't" [*]. Bump .Dd for the changes. MFC after: 1 month Reported by: igor [*] Reviewed by: hrs Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D9855
Renumber copyright clause 4 Renumber cluase 4 to 3, per what everybody else did when BSD granted them permission to remove clause 3. My insistance on keeping the same numbering for legal reasons is too pedantic, so give up on that point. Submitted by: Jan Schaumann <jschauma@stevens.edu> Pull Request: https://github.com/freebsd/freebsd/pull/96
mdoc and style fixes.
- Use fnmatch(3) for domanname matching of -a options. - Document the patten matching. - Document -S flag in SYNOPSIS.
Escape punctuation characters.
syslogd: support multiple -b options. It's now possible to bind multiple sockets to different IP addresses. PR: 159305 Submitted by: Kurt Lidl <lidl pix.net> Sponsored by: Pi-Coral, Inc.
Update .Dd, sync usage() for -F. Missed in previous change.
Add and document an option to cause syslogd to run in the foreground. This allows a separate process to monitor when and how syslogd exits. That process can then restart syslogd if needed. Differential Revision: https://reviews.freebsd.org/D1985 Submitted by: Ravi Pokala Reviewed by: allanjude (man page)
Minor spelling fixes.
Update man page to present -T argument in synopsis MFC with r183347 MFC after: 0 days
Add a new option, -N to disable the default and recommended syslogd(8) behavior, which binds to the well known UDP port. This option implies -s. MFC after: 2 months
syslogd(8) already supports *sending* log messages to non- standard ports, but it can't *receive* them (port 514 is hardcoded). This commit adds that missing feature. (NB: I actually needed this feature for a server farm where multiple jails run with shared IP addresses, and every jail should have its own syslogd process.) As a side effect, syslogd now compiles with WARNS=6. Approved by: des (mentor) MFC after: 3 weeks
Use "allowed_peer" throughout this manual page.
Add a flag, -T, that tells syslogd to always replace the timestamp on messages from the network. We already replace malformatted timestamps and this option lets us replace timestamps that are correctly formatted but wrong. PR: 120891 Submitted by: Thomas Vogt <thomas@bsdunix.ch> MFC after: 1 week
Add a -8 switch to syslogd to prevent it from mangling 8-bit data.
By default (for security reasons) syslogd(8) doesn't create log files when they don't exist, but sometimes its quite useful (eg. we use non-standard log files and memory backed /var/, which is populated on boot). Add -C option which tells syslogd(8) to create log files if they don't exist. Glanced at by: phk MFC after: 3 days
Add -S option which allows to change the pathname of the privileged socket /var/run/logpriv. Reviewed by: glebius and kensmith MFC after: 2 days
Expand *n't contractions.
Scheduled mdoc(7) sweep.
s/priveleged/privileged/
Bump document date. Noticed by: trhodes Pointy hat: kensmith MFC after: 1 week
Add newsyslog(8) to the "See Also" section. MFC after: 1 week
Protect against local flooder of /var/run/log. Do not loop forever in syslog(3) if we are a priveleged program (sshd, su, etc.). - Make syslogd open an additional socket /var/run/logpriv, with 0600 permissions. - In libc, try to use this socket. - Do not loop forever if we are using this socket (partial backout of 1.31) Reviewed by: dwmalone, Andrea Campi <andrea webcom it> Approved by: julian (mentor) MFC after: 1 month
- Use stailqueue for sockets instead of socket buffer. Thus remove limit for 20 sockets. - Add possibility to specify file mode for sockets created with '-l'. - Check that socket name in '-l' is absolute. Reviewed by: dwmalone, Andrea Campi <andrea webcom it> Approved by: julian (mentor)
Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software (with permission of addtional copyright holders where appropriate)
Mechanically kill hard sentence breaks.
mdoc(7): Use the new feature of the .In macro.
Uniformly refer to a file system as "file system". Approved by: re
mdoc(7) police: markup fixes. Approved by: re
Add -c option to synopsis. Sort it alphabetically, too.
The .Nm utility
mdoc(7) police: add missing markup bit.
Add a new flag '-c' to disable repeated line compression when the output is a pipe to another program, or, if specified twice, in all cases. PR: bin/32420
mdoc(7) police: markup nits.
Make the default kernel prefix "kernel:" instead of the boot file,
with the old behavior available via the -o option (it might still be
useful if one has many kernels and cares which messages came from
which). If the boot file is not used as the prefix, it is still
logged once at startup.
This change is prompted by the fact that the boot file is now much
longer ("/boot/kernel/kernel" vs. "/kernel"), which significanlty
bloats the syslogd output.
Reviewed by: peter
Introduce a -b option that allows the user to specify which address to bind to. This is useful for hosts running jails that need syslog to maintain an open socket to log to a remote host. Reviewed by: sheldonh
Don't make it sound like -A is turning on the default behavior.
Document the fact that syslogd(8) requires logs files to be created before it will start logging to them. PR: 27088 Approved by: des MFC after: 10 days
Remove whitespace at EOL.
mdoc(7) police: removed HISTORY info from the .Os call.
Note that -a is ignored if -s is also specified.
mdoc(7) police: uppercase abbreviations in revision 1.34.
Add the ability to specify alternate PID file for syslogd. PR: 25784 Submitted by: Jon Villarreal <jonv@ivmg.net> Reviewed by: iedowse
Prepare for mdocNG.
mdoc(7) police: split punctuation characters + misc fixes.
Prepare for mdoc(7)NG.
mdoc(7) police: document IPv6 options in the SYNOPSIS.
IPv6 support for syslogd. Reviewed by: freebsd-current Obtained from: NetBSD
mdoc(7) police: use the new features of the Nm macro.
Syslogd normally converts messages of facility kern to facility user unless they come directly from the kernel. Document this and add a flag to syslogd which prevents this conversion. Sort getopt args while I'm at it. PR: 21788 Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
Fix spelling of comparison.
Add forgotten -n option to SYNOPSIS section Submitted by: Reinier Bezuidenhout <rbezuide@oskar.nanoteq.co.za>
Change option -r to -n inline with conventions we use elsewhere. I guess it serves me right for using a patch directly from Jan Koum. :) Requested by: many
Add option 'r' to syslogd which will disable dns queries for every request. This is useful when you have a large site pointed at a single syslog server. Submitted by: Jan Koum <jkb@yahoo-inc.com>
Remove single-space hard sentence breaks. These degrade the quality of the typeset output, tend to make diffs harder to read and provide bad examples for new-comers to mdoc.
s|/dev/log|/var/run/log|
Add section number to .Xr. Use .Pa for filenames. fprintf -> warnx.
Reflect the change in secure mode semantics, and document fascist mode properly.
$Id$ -> $FreeBSD$
Implement fascist mode (do not open a datagram socket at all).
Add -u, -v and -vv options to syslogd, this improves the control and logging verbosity about facility & priority levels. PR: 7278 Reviewed by: phk Submitted by: Harlan Stenn <Harlan.Stenn@pfcs.com>
Implement new argument -l (OpenBSD has -a but we already use that). This allows one to specify additional sockets in the unix domain that syslogd listens to. Its primary use is to create log sockets in chroot environments. Obtained from:OpenBSD (with a bug fixed d
Augment the last change after some deliberation with rgrimes & peter. It is important that we keep the ability to send packets to a remote server and that the packets come from our well-known port, also in that case. Reviewed by: peter, rgrimes.
Cosmetic in usage string.
Use snprintf() instead of sprintf() most of the time. Obtained from: OpenBSD Make usage() consistent with man page.
Nobody ever seemed to be interested in reviewing these changes, and i found that my syslogd is now running them for several months... Add an option to syslogd to restrict the IP addresses that are allowed to log to this syslogd. It's too late to develop the inter-syslogd communications protocol mentioned in the BUGS section, some 10 years too late. Thus, restricting the IP address range is about the most effective change we can do if we want to allow incoming syslog messages at all. IMHO, we should encourage the system administrators to use this option, and thus provide a knob in /etc/rc.* for it, defaulting to -a 127.0.0.1/32 (just as a hint about the usage). Please state opinions about whether to merge this change into 2.2 or not (i've got it running on RELENG_2_2 anyway).
add an Id line, minor mdoc fix ups add ftp to list of facilities in syslog.conf Closes PR#3389 Submitted-by: Pius Fischer
Secure mode (-s) incorrectly disabled both sending and receiving of syslog packets over UDP. Secure boxes should still be able to send packets.
Revert $FreeBSD$ to $Id$
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
Back out the entire change from rev 1.11 of syslogd.c. It was bogus. Correct the man page to reflect the new reality.
Reviewed by: various (mailing list feedback) Submitted by: whistle communications move the socket from /dev to /var/run by default TRANSITIONALLY make syslog add a symlink.. I PROMISE I'll remove that as soon as I have the makefiles etc fixed as well.
Bring in some fixes from NetBSD and re-hack our syslogd to be option-compatible with theirs (change the -I option to -s (but leave -I in for backwards compat.) Also eliminate an make sane some magic numbers, and fix a small bug where we'd send to an unopened socket. Reviewed by: wollman Obtained from: NetBSD
Correct synopsis (-d, -I options were missing because -mdoc mistook the dI in `.Op Fl dI' for the name of an internal mdoc command).
Add a command-line option `-I' to disable logging from UDP. Document `-d' and `-I'. Add a BUGS section noting that logging from UDP is an unauthenticated remote disk-filling service, and probably should be disabled by default in the absence of some sort of authentication.
This commit was generated by cvs2svn to compensate for changes in r1553, which included commits to RCS files with non-trunk default branches.
BSD 4.4 Lite usr.sbin Sources
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.
| ViewVC Help | |
| Powered by ViewVC 1.1.27 |