1 .\" Copyright (c) 1985, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 .Nd control system log
43 .Fn syslog "int priority" "const char *message" "..."
45 .Fn openlog "const char *ident" "int logopt" "int facility"
49 .Fn setlogmask "int maskpri"
53 .Fn vsyslog "int priority" "const char *message" "va_list args"
60 to the system message logger.
61 The message is then written to the system console, log files,
62 logged-in users, or forwarded to other machines as appropriate.
66 The message is identical to a
68 format string, except that
70 is replaced by the current error
72 (As denoted by the global variable
76 A trailing newline is added if none is present.
81 is an alternate form in which the arguments have already been captured
82 using the variable-length argument facilities of
85 The message is tagged with
87 Priorities are encoded as a
91 The facility describes the part of the system
92 generating the message.
93 The level is selected from the following
96 .Bl -tag -width LOG_AUTHPRIV
99 This is normally broadcast to all users.
101 A condition that should be corrected immediately, such as a corrupted
104 Critical conditions, e.g., hard device errors.
110 Conditions that are not error conditions,
111 but should possibly be handled specially.
113 Informational messages.
115 Messages that contain information
116 normally of use only when debugging a program.
122 provides for more specialized processing of the messages sent
130 is a string that will be prepended to every message.
131 It may be formatted as
133 in which case decimal number
135 replaces the process id within messages.
139 is a bit field specifying logging options, which is formed by
141 one or more of the following values:
142 .Bl -tag -width LOG_AUTHPRIV
146 cannot pass the message to
148 it will attempt to write the message to the console
149 .Pq Dq Pa /dev/console .
151 Open the connection to
154 Normally the open is delayed until the first message is logged.
155 Useful for programs that need to manage the order in which file
156 descriptors are allocated.
158 Write the message to standard error output as well to the system log.
160 Log the process id with each message: useful for identifying
161 instantiations of daemons.
164 this option is enabled by default and cannot be disabled.
169 argument encodes a default facility to be assigned to all messages
170 that do not have an explicit facility encoded:
171 .Bl -tag -width LOG_AUTHPRIV
173 The authorization system:
181 but logged to a file readable only by
182 selected individuals.
186 by the kernel console output driver.
191 System daemons, such as
193 that are not provided for explicitly by other facilities.
195 The file transfer protocol daemons:
199 Messages generated by the kernel.
200 These cannot be generated by any user processes.
202 The line printer spooling system:
210 The network news system.
212 The network time protocol system.
214 Security subsystems, such as
217 Messages generated internally by
220 Messages generated by random user processes.
221 This is the default facility identifier if none is specified.
225 Reserved for local use.
235 can be used to close the log file.
240 sets the log priority mask to
242 and returns the previous mask.
245 with a priority not set in
248 The mask for an individual priority
250 is calculated by the macro
252 the mask for all priorities up to and including
254 is given by the macro
255 .Fn LOG_UPTO toppri ; .
256 The default allows all priorities to be logged.
268 always returns the previous log mask level.
270 .Bd -literal -offset indent -compact
271 syslog(LOG_ALERT, "who: internal error 23");
273 openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
275 setlogmask(LOG_UPTO(LOG_ERR));
277 syslog(LOG_INFO, "Connection from host %d", CallingHost);
279 syslog(LOG_ERR|LOG_LOCAL2, "foobar error: %m");
286 functions appeared in
289 Never pass a string with user-supplied data as a format without using
291 An attacker can put format specifiers in the string to mangle your stack,
292 leading to a possible security hole.
293 This holds true even if the string was built using a function like
295 as the resulting string may still contain user-supplied conversion specifiers
296 for later interpolation by
299 Always use the proper secure idiom:
301 .Dl syslog(priority, \*q%s\*q, string);