1 .\" Copyright (c) 1985, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" @(#)syslog.3 8.1 (Berkeley) 6/4/93
40 .Nd control system log
46 .Fn syslog "int priority" "const char *message" "..."
48 .Fn openlog "const char *ident" "int logopt" "int facility"
52 .Fn setlogmask "int maskpri"
56 .Fn vsyslog "int priority" "const char *message" "va_list args"
63 to the system message logger.
64 The message is then written to the system console, log files,
65 logged-in users, or forwarded to other machines as appropriate.
69 The message is identical to a
71 format string, except that
73 is replaced by the current error
75 (As denoted by the global variable
79 A trailing newline is added if none is present.
84 is an alternate form in which the arguments have already been captured
85 using the variable-length argument facilities of
88 The message is tagged with
90 Priorities are encoded as a
94 The facility describes the part of the system
95 generating the message.
96 The level is selected from the following
99 .Bl -tag -width LOG_AUTHPRIV
102 This is normally broadcast to all users.
104 A condition that should be corrected immediately, such as a corrupted
107 Critical conditions, e.g., hard device errors.
113 Conditions that are not error conditions,
114 but should possibly be handled specially.
116 Informational messages.
118 Messages that contain information
119 normally of use only when debugging a program.
125 provides for more specialized processing of the messages sent
133 is a string that will be prepended to every message.
134 It may be formatted as
136 in which case decimal number
138 replaces the process id within messages.
142 is a bit field specifying logging options, which is formed by
144 one or more of the following values:
145 .Bl -tag -width LOG_AUTHPRIV
149 cannot pass the message to
151 it will attempt to write the message to the console
152 .Pq Dq Pa /dev/console .
154 Open the connection to
157 Normally the open is delayed until the first message is logged.
158 Useful for programs that need to manage the order in which file
159 descriptors are allocated.
161 Write the message to standard error output as well to the system log.
163 Log the process id with each message: useful for identifying
164 instantiations of daemons.
167 this option is enabled by default and cannot be disabled.
172 argument encodes a default facility to be assigned to all messages
173 that do not have an explicit facility encoded:
174 .Bl -tag -width LOG_AUTHPRIV
176 The authorization system:
184 but logged to a file readable only by
185 selected individuals.
189 by the kernel console output driver.
194 System daemons, such as
196 that are not provided for explicitly by other facilities.
198 The file transfer protocol daemons:
202 Messages generated by the kernel.
203 These cannot be generated by any user processes.
205 The line printer spooling system:
213 The network news system.
215 The network time protocol system.
217 Security subsystems, such as
220 Messages generated internally by
223 Messages generated by random user processes.
224 This is the default facility identifier if none is specified.
228 Reserved for local use.
238 can be used to close the log file.
243 sets the log priority mask to
245 and returns the previous mask.
248 with a priority not set in
251 The mask for an individual priority
253 is calculated by the macro
255 the mask for all priorities up to and including
257 is given by the macro
258 .Fn LOG_UPTO toppri ; .
259 The default allows all priorities to be logged.
271 always returns the previous log mask level.
273 .Bd -literal -offset indent -compact
274 syslog(LOG_ALERT, "who: internal error 23");
276 openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
278 setlogmask(LOG_UPTO(LOG_ERR));
280 syslog(LOG_INFO, "Connection from host %d", CallingHost);
282 syslog(LOG_ERR|LOG_LOCAL2, "foobar error: %m");
289 functions appeared in
292 Never pass a string with user-supplied data as a format without using
294 An attacker can put format specifiers in the string to mangle your stack,
295 leading to a possible security hole.
296 This holds true even if the string was built using a function like
298 as the resulting string may still contain user-supplied conversion specifiers
299 for later interpolation by
302 Always use the proper secure idiom:
304 .Dl syslog(priority, \*q%s\*q, string);