1.\" $NetBSD: syslogd.8,v 1.37 2004/11/19 18:48:29 wiz Exp $ 2.\" 3.\" Copyright (c) 1983, 1986, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" from: @(#)syslogd.8 8.1 (Berkeley) 6/6/93 31.\" 32.Dd November 18, 2004 33.Dt SYSLOGD 8 34.Os 35.Sh NAME 36.Nm syslogd 37.Nd log systems messages 38.Sh SYNOPSIS 39.Nm 40.Op Fl dnrSsUv 41.Bk -words 42.Op Fl f Ar config_file 43.Ek 44.Bk -words 45.Op Fl g Ar group 46.Ek 47.Bk -words 48.Op Fl m Ar mark_interval 49.Ek 50.Bk -words 51.Op Fl P Ar file_list 52.Ek 53.Bk -words 54.Oo 55.Fl p Ar log_socket 56.Op Fl p Ar log_socket2 ... 57.Oc 58.Ek 59.Bk -words 60.Op Fl t Ar chroot_dir 61.Ek 62.Bk -words 63.Op Fl u Ar user 64.Ek 65.Sh DESCRIPTION 66.Nm 67reads and logs messages to the system console, log files, other 68machines and/or users as specified by its configuration file. 69The options are as follows: 70.Bl -tag -width 15n 71.It Fl d 72Enable debugging to the standard output, 73and do not disassociate from the controlling terminal. 74.It Fl f 75Specify the pathname of an alternative configuration file; 76the default is 77.Pa /etc/syslog.conf . 78.It Fl g Ar group 79Set GID to 80.Ar group 81after the sockets and log files have been opened. 82.It Fl m 83Select the number of minutes between ``mark'' messages; 84the default is 20 minutes. 85.It Fl n 86Do not perform hostname lookups; report only numeric addresses. 87.It Fl P 88Specify the pathname of a file containing a list of sockets to be 89created. 90The format of the file is simply one socket per line. 91.It Fl p 92Specify the pathname of a log socket. 93Multiple 94.Fl p 95options create multiple log sockets. 96If no 97.Fl p 98arguments are created, the default socket of 99.Pa /var/run/log 100is used. 101.It Fl r 102Disable the compression of repeated instances of the same line 103into a single line of the form 104.Dq last message repeated N times . 105.It Fl S 106Sync kernel messages to disk immediately. 107.It Fl s 108Select 109.Dq secure 110mode, in which 111.Nm 112does not listen on a UDP socket but only communicates over a 113.Ux 114domain socket. 115This is valuable when the machine on 116which 117.Nm 118runs is subject to attack over the network and it is desired 119that the machine be protected from attempts to remotely fill logs 120and similar attacks. 121.It Fl t Ar chroot_dir 122.Xr chroot 2 123to 124.Ar chroot_dir 125after the sockets and log files have been opened. 126.It Fl u Ar user 127Set UID to 128.Ar user 129after the sockets and log files have been opened. 130.It Fl U 131Unique priority logging. 132Only log messages at the priority specified by the selector in the 133configuration file. 134Without this option, messages at the specified priority or higher are 135logged. 136This option changes the default priority comparison from 137.Sq \*[Gt]= 138to 139.Sq = . 140.It Fl v 141Verbose logging. 142If specified once, the numeric facility and priority are logged with 143each locally-written message. 144If specified more than once, the names of the facility and priority are 145logged with each locally-written message. 146.El 147.Pp 148.Nm 149reads its configuration file when it starts up and whenever it 150receives a hangup signal. 151For information on the format of the configuration file, 152see 153.Xr syslog.conf 5 . 154.Pp 155.Nm 156reads messages from the 157.Ux 158domain socket 159.Pa /var/run/log , 160from an Internet domain socket specified in 161.Pa /etc/services , 162and from the special device 163.Pa /dev/klog 164(to read kernel messages). 165.Pp 166.Nm 167creates the file 168.Pa /var/run/syslogd.pid , 169and stores its process 170id there. 171This can be used to kill or reconfigure 172.Nm . 173.Pp 174By using multiple 175.Fl p 176options, one can set up many chroot environments by passing the pathname 177to the log socket 178.Pa ( /var/run/log ) 179in each chroot area to 180.Nm . 181For example: 182.Dl syslogd -p /var/run/log -p /web/var/run/log -p /ftp/var/run/log 183.Pp 184Note: the normal log socket must now also be passed to 185.Nm . 186.Pp 187The logged message includes the date, time, and hostname (or pathname of 188the log socket). 189Commonly, the program name and the process id is included. 190.Pp 191Accesses from UDP socket can be filtered by libwrap configuration files, like 192.Pa /etc/hosts.deny . 193Specify 194.Dq Li syslogd 195in 196.Ar daemon_list 197portion of the configuration files. 198Refer to 199.Xr hosts_access 5 200for details. 201.Ss SYSLOG PROTOCOL NOTES 202The message sent to 203.Nm 204should consist of a single line. 205The message can contain a priority code, which should be a preceding 206decimal number in angle braces, for example, 207.Sq Aq 5 . 208This priority code should map into the priorities defined in the 209include file 210.Aq Pa sys/syslog.h . 211.Pp 212Messages from the local kernel that are not tagged with a priority code 213receive the default facility 214.Dv LOG_KERN 215and priority 216.Dv LOG_NOTICE . 217All other untagged messages receive the default facility 218.Dv LOG_USER 219and priority 220.Dv LOT_NOTICE . 221.Sh FILES 222.Bl -tag -width /var/run/syslogd.pid -compact 223.It Pa /etc/syslog.conf 224The configuration file. 225.It Pa /var/run/syslogd.pid 226The process id of current 227.Nm . 228.It Pa /var/run/log 229Name of the 230.Ux 231domain datagram log socket. 232.It Pa /dev/klog 233The kernel log device. 234.El 235.Sh SEE ALSO 236.Xr logger 1 , 237.Xr syslog 3 , 238.Xr services 5 , 239.Xr syslog.conf 5 , 240.Xr newsyslog 8 241.Sh HISTORY 242The 243.Nm 244command appeared in 245.Bx 4.3 . 246Support for multiple log sockets appeared in 247.Nx 1.4 . 248libwrap support appeared in 249.Nx 1.6 . 250