1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
|
.\" $OpenBSD: syslog.3,v 1.26 2006/10/26 13:52:06 jmc Exp $
.\"
.\" Copyright (c) 1985, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd June 4, 1993
.Dt SYSLOG 3
.Os
.Sh NAME
.Nm syslog ,
.Nm syslog_r ,
.Nm vsyslog ,
.Nm vsyslog_r ,
.Nm openlog ,
.Nm openlog_r ,
.Nm closelog ,
.Nm closelog_r ,
.Nm setlogmask ,
.Nm setlogmask_r
.Nd control system log
.Sh SYNOPSIS
.Fd #include <syslog.h>
.Fd #include <stdarg.h>
.Ft void
.Fn syslog "int priority" "const char *message" "..."
.Ft void
.Fn syslog_r "int priority" "struct syslog_data *data" "const char *message" "..."
.Ft void
.Fn vsyslog "int priority" "const char *message" "va_list args"
.Ft void
.Fn vsyslog_r "int priority" "struct syslog_data *data" "const char *message" "va_list args"
.Ft void
.Fn openlog "const char *ident" "int logopt" "int facility"
.Ft void
.Fn openlog_r "const char *ident" "int logopt" "int facility" "struct syslog_data *data"
.Ft void
.Fn closelog void
.Ft void
.Fn closelog_r "struct syslog_data *data"
.Ft int
.Fn setlogmask "int maskpri"
.Ft int
.Fn setlogmask_r "int maskpri" "struct syslog_data *data"
.Bd -literal
struct syslog_data {
int log_file;
int connected;
int opened;
int log_stat;
const char *log_tag;
int log_fac;
int log_mask;
};
#define SYSLOG_DATA_INIT {-1, 0, 0, 0, NULL, LOG_USER, 0xff}
.Ed
.Sh DESCRIPTION
The
.Fn syslog
function writes
.Fa message
to the system message logger.
The message is then written to the system console, log files,
logged-in users, or forwarded to other machines as appropriate (see
.Xr syslogd 8 ) .
.Pp
The message is identical to a
.Xr printf 3
format string, except that
.Ql %m
is replaced by the current error
message (as denoted by the global variable
.Va errno ;
see
.Xr strerror 3 ) .
A trailing newline is added if none is present.
.Pp
The
.Fn syslog_r
function is a reentrant version of the
.Fn syslog
function.
It takes a pointer to a
.Fa syslog_data
structure which is used to store
information.
This parameter must be initialized before
.Fn syslog_r
is called.
The
.Dv SYSLOG_DATA_INIT
constant is used for this purpose.
The
.Fa syslog_data
structure is composed of the following elements:
.Bl -tag -width connected
.It Dv log_file
contains the file descriptor of the file where the message is logged
.It Dv connected
indicates if connect has been done
.It Dv opened
indicates if
.Fn openlog_r
has been called
.It Dv log_stat
status bits, set by
.Fn openlog_r
.It Dv log_tag
string to tag the entry with
.It Dv log_fac
facility code
.It Dv log_mask
mask of priorities to be logged
.El
.Pp
The
.Fn vsyslog
function is an alternate form in which the arguments have already been captured
using the variable-length argument facilities of
.Xr varargs 3 .
.Pp
The message is tagged with
.Fa priority .
Priorities are encoded as a
.Fa facility
and a
.Dq level .
The facility describes the part of the system
generating the message.
The level is selected from the following
.Em ordered
(high to low) list:
.Bl -tag -width LOG_AUTHPRIV
.It Dv LOG_EMERG
A panic condition.
This is normally broadcast to all users.
.It Dv LOG_ALERT
A condition that should be corrected immediately, such as a corrupted
system database.
.It Dv LOG_CRIT
Critical conditions, e.g., hard device errors.
.It Dv LOG_ERR
Errors.
.It Dv LOG_WARNING
Warning messages.
.It Dv LOG_NOTICE
Conditions that are not error conditions,
but should possibly be handled specially.
.It Dv LOG_INFO
Informational messages.
.It Dv LOG_DEBUG
Messages that contain information
normally of use only when debugging a program.
.El
.Pp
The
.Fn vsyslog_r
is used the same way as
.Fn vsyslog
except that it takes an additional pointer to a
.Fa syslog_data
structure.
It is a reentrant version of the
.Fn vsyslog
function described above.
.Pp
The
.Fn openlog
function provides for more specialized processing of the messages sent by
.Fn syslog
and
.Fn vsyslog .
The parameter
.Fa ident
is a string that will be prepended to every message.
The
.Fa logopt
argument
is a bit field specifying logging options, which is formed by
.Tn OR Ns 'ing
one or more of the following values:
.Bl -tag -width LOG_AUTHPRIV
.It Dv LOG_CONS
If
.Fn syslog
cannot pass the message to
.Xr syslogd 8
it will attempt to write the message to the console
.Pq Pa /dev/console .
.It Dv LOG_NDELAY
Open the connection to
.Xr syslogd 8
immediately.
Normally the open is delayed until the first message is logged.
Useful for programs that need to manage the order in which file
descriptors are allocated.
This option must be used in programs that call
.Xr chroot 2
where the new root does not have its own log socket.
.It Dv LOG_PERROR
Write the message to standard error output as well as to the system log.
.It Dv LOG_PID
Log the process ID with each message; useful for identifying
instantiations of daemons.
.El
.Pp
The
.Fa facility
parameter encodes a default facility to be assigned to all messages
that do not have an explicit facility encoded:
.Bl -tag -width LOG_AUTHPRIV
.It Dv LOG_AUTH
The authorization system:
.Xr login 1 ,
.Xr su 1 ,
.Xr getty 8 ,
etc.
.It Dv LOG_AUTHPRIV
The same as
.Dv LOG_AUTH ,
but logged to a file readable only by
selected individuals.
.It Dv LOG_CRON
The cron daemon,
.Xr cron 8 .
.It Dv LOG_DAEMON
System daemons, such as
.Xr routed 8 ,
that are not provided for explicitly by other facilities.
.It Dv LOG_FTP
The file transfer protocol daemon,
.Xr ftpd 8 .
.It Dv LOG_KERN
Messages generated by the kernel.
These cannot be generated by any user processes.
.It Dv LOG_LPR
The line printer spooling system:
.Xr lpr 1 ,
.Xr lpc 8 ,
.Xr lpd 8 ,
etc.
.It Dv LOG_MAIL
The mail system.
.It Dv LOG_NEWS
The network news system.
.It Dv LOG_SYSLOG
Messages generated internally by
.Xr syslogd 8 .
.It Dv LOG_USER
Messages generated by random user processes.
This is the default facility identifier if none is specified.
.It Dv LOG_UUCP
The
.Tn UUCP
system.
.It Dv LOG_LOCAL0
Reserved for local use.
Similarly for
.Dv LOG_LOCAL1
through
.Dv LOG_LOCAL7 .
.El
.Pp
The
.Fn openlog_r
function is the reentrant version of the
.Fn openlog
function.
It takes an additional pointer to a
.Fa syslog_data
structure.
This function must be used in conjunction with the other
reentrant functions.
.Pp
The
.Fn closelog
function can be used to close the log file.
.Fn closelog_r
does the same thing but in a reentrant way and takes an additional
pointer to a
.Fa syslog_data
structure.
.Pp
The
.Fn setlogmask
function sets the log priority mask to
.Fa maskpri
and returns the previous mask.
Calls to
.Fn syslog
with a priority not set in
.Fa maskpri
are rejected.
The mask for an individual priority
.Fa pri
is calculated by the macro
.Fn LOG_MASK pri ;
the mask for all priorities up to and including
.Fa toppri
is given by the macro
.Fn LOG_UPTO toppri .
The default allows all priorities to be logged.
.Pp
The
.Fn setlogmask_r
function is the reentrant version of
.Fn setlogmask .
It takes an additional pointer to a
.Fa syslog_data
structure.
.Sh RETURN VALUES
The
.Fn closelog ,
.Fn closelog_r ,
.Fn openlog ,
.Fn openlog_r ,
.Fn syslog ,
.Fn syslog_r ,
.Fn vsyslog ,
and
.Fn vsyslog_r
functions return no value.
.Pp
The routines
.Fn setlogmask
and
.Fn setlogmask_r
always return the previous log mask level.
.Sh EXAMPLES
.Bd -literal -offset indent
syslog(LOG_ALERT, "who: internal error 23");
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
setlogmask(LOG_UPTO(LOG_ERR));
syslog(LOG_INFO, "Connection from host %d", CallingHost);
syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
.Ed
.Pp
For the reentrant functions:
.Bd -literal -offset indent
struct syslog_data sdata = SYSLOG_DATA_INIT;
syslog_r(LOG_INFO|LOG_LOCAL2, &sdata, "foobar error: %m");
.Ed
.Sh SEE ALSO
.Xr logger 1 ,
.Xr syslogd 8
.Sh HISTORY
These
functions appeared in
.Bx 4.2 .
The reentrant functions appeared in
.Ox 3.1 .
.Sh CAVEATS
It is important never to pass a string with user-supplied data as a
format without using
.Ql %s .
An attacker can put format specifiers in the string to mangle the stack,
leading to a possible security hole.
This holds true even if the string has been built
.Dq by hand
using a function like
.Fn snprintf ,
as the resulting string may still contain user-supplied conversion specifiers
for later interpolation by
.Fn syslog .
.Pp
Always be sure to use the proper secure idiom:
.Bd -literal -offset indent
syslog(priority, "%s", string);
.Ed
.Pp
.Fn syslog_r
and the other reentrant functions should only be used where
reentrancy is required (for instance, in a signal handler).
.Fn syslog
being not reentrant, only
.Fn syslog_r
should be used here.
For more information about reentrancy and signal handlers, see
.Xr signal 3 .
|