mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
Syslogd normally converts messages of facility kern to facility
user unless they come directly from the kernel. Document this and add a flag to syslogd which prevents this conversion. Sort getopt args while I'm at it. PR: 21788 Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
This commit is contained in:
parent
bcfe1db87d
commit
481a19023e
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=67249
@ -391,6 +391,19 @@ auth.* |exec /usr/local/sbin/authfilter
|
||||
# Log all security messages to a separate file.
|
||||
security.* /var/log/security
|
||||
.Ed
|
||||
.Sh IMPLEMENTATION NOTES
|
||||
The
|
||||
.Dq kern
|
||||
facility is usually reserved for messages
|
||||
generated by the local kernel.
|
||||
Other messages logged with facility
|
||||
.Dq kern
|
||||
are usually translated to facility
|
||||
.Dq user .
|
||||
This translation can be disabled,
|
||||
see
|
||||
.Xr syslogd 8
|
||||
for details.
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/syslog.conf -compact
|
||||
.It Pa /etc/syslog.conf
|
||||
|
@ -40,7 +40,7 @@
|
||||
.Nd log systems messages
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl dnsuv
|
||||
.Op Fl dknsuv
|
||||
.Op Fl a Ar allowed_peer
|
||||
.Op Fl f Ar config_file
|
||||
.Op Fl m Ar mark_interval
|
||||
@ -112,6 +112,16 @@ into debugging mode. This is probably only of use to developers working on
|
||||
Specify the pathname of an alternate configuration file;
|
||||
the default is
|
||||
.Pa /etc/syslog.conf .
|
||||
.It Fl k
|
||||
Disable the translation of
|
||||
messages received with facility
|
||||
.Dq kern
|
||||
to facility
|
||||
.Dq user .
|
||||
Usually the
|
||||
.Dq kern
|
||||
facility is reserved for messages read directly from
|
||||
.Pa /dev/klog .
|
||||
.It Fl m
|
||||
Select the number of minutes between
|
||||
.Dq mark
|
||||
|
@ -269,6 +269,7 @@ int NumAllowed = 0; /* # of AllowedPeer entries */
|
||||
int UniquePriority = 0; /* Only log specified priority? */
|
||||
int LogFacPri = 0; /* Put facility and priority in log message: */
|
||||
/* 0=no, 1=numeric, 2=names */
|
||||
int KeepKernFac = 0; /* Keep remotely logged kernel facility */
|
||||
|
||||
int allowaddr __P((char *));
|
||||
void cfline __P((char *, struct filed *, char *, char *));
|
||||
@ -311,7 +312,7 @@ main(argc, argv)
|
||||
pid_t ppid = 1;
|
||||
socklen_t len;
|
||||
|
||||
while ((ch = getopt(argc, argv, "a:dl:f:m:p:nsuv")) != -1)
|
||||
while ((ch = getopt(argc, argv, "a:df:kl:m:np:suv")) != -1)
|
||||
switch (ch) {
|
||||
case 'a': /* allow specific network addresses only */
|
||||
if (allowaddr(optarg) == -1)
|
||||
@ -323,6 +324,9 @@ main(argc, argv)
|
||||
case 'f': /* configuration file */
|
||||
ConfFile = optarg;
|
||||
break;
|
||||
case 'k': /* keep remote kern fac */
|
||||
KeepKernFac = 1;
|
||||
break;
|
||||
case 'l':
|
||||
if (nfunix < MAXFUNIX)
|
||||
funixn[nfunix++] = optarg;
|
||||
@ -580,7 +584,7 @@ printline(hname, msg)
|
||||
pri = DEFUPRI;
|
||||
|
||||
/* don't allow users to log kernel messages */
|
||||
if (LOG_FAC(pri) == LOG_KERN)
|
||||
if (LOG_FAC(pri) == LOG_KERN && !KeepKernFac)
|
||||
pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
|
||||
|
||||
q = line;
|
||||
|
Loading…
Reference in New Issue
Block a user