1.\" $OpenBSD: syslog.3,v 1.15 2001/11/08 11:12:09 mpech Exp $ 2.\" 3.\" Copyright (c) 1985, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.Dd June 4, 1993 35.Dt SYSLOG 3 36.Os 37.Sh NAME 38.Nm syslog , 39.Nm syslog_r, 40.Nm vsyslog , 41.Nm vsyslog_r, 42.Nm openlog , 43.Nm openlog_r, 44.Nm closelog , 45.Nm closelog_r, 46.Nm setlogmask, 47.Nm setlogmask_r 48.Nd control system log 49.Sh SYNOPSIS 50.Fd #include <syslog.h> 51.Fd #include <stdarg.h> 52.Ft void 53.Fn syslog "int priority" "const char *message" "..." 54.Ft void 55.Fn syslog_r "int priority" "struct syslog_data *data" "const char *message" "..." 56.Ft void 57.Fn vsyslog "int priority" "const char *message" "va_list args" 58.Ft void 59.Fn vsyslog_r "int priority" "struct syslog_data *data" "const char *message" "va_list args" 60.Ft void 61.Fn openlog "const char *ident" "int logopt" "int facility" 62.Ft void 63.Fn openlog_r "const char *ident" "int logopt" "int facility" "struct syslog_data *data" 64.Ft void 65.Fn closelog void 66.Ft void 67.Fn closelog_r "struct syslog_data *data" 68.Ft int 69.Fn setlogmask "int maskpri" 70.Ft int 71.Fn setlogmask_r "int maskpri" "struct syslog_data *data" 72.Bd -literal 73struct syslog_data { 74 int log_file; 75 int connected; 76 int opened; 77 int log_stat; 78 const char *log_tag; 79 int log_fac; 80 int log_mask; 81}; 82 83#define SYSLOG_DATA_INIT {-1, 0, 0, 0, NULL, LOG_USER, 0xff} 84.Ed 85.Sh DESCRIPTION 86The 87.Fn syslog 88function writes 89.Fa message 90to the system message logger. 91The message is then written to the system console, log files, 92logged-in users, or forwarded to other machines as appropriate (see 93.Xr syslogd 8 ) . 94.Pp 95The message is identical to a 96.Xr printf 3 97format string, except that 98.Ql %m 99is replaced by the current error 100message (as denoted by the global variable 101.Va errno ; 102see 103.Xr strerror 3 ) . 104A trailing newline is added if none is present. 105.Pp 106The 107.Fn syslog_r 108function is a reentrant version of the 109.Xr syslog 3 110function. 111It takes a pointer to a 112.Fa syslog_data 113structure which is used to store 114information. 115This parameter must be initialized before 116.Fn syslog_r 117is called. 118The SYSLOG_DATA_INIT constant is used for this purpose. 119The 120.Fa syslog_data 121structure is composed of the following elements: 122.Bl -tag -width connected 123.It Dv log_file 124contains the file descriptor of the file where the message is logged. 125.It Dv connected 126indicates if connect has been done 127.It Dv opened 128indicates if 129.Xr openlog_r 3 130has been called. 131.It Dv log_stat 132status bits, set by 133.Xr openlog_r 3 134.It Dv log_tag 135string to tag the entry with 136.It Dv log_fac 137facility code 138.It Dv log_mask 139mask of priorities to be logged 140.El 141.Pp 142The 143.Fn vsyslog 144function is an alternate form in which the arguments have already been captured 145using the variable-length argument facilities of 146.Xr varargs 3 . 147.Pp 148The message is tagged with 149.Fa priority . 150Priorities are encoded as a 151.Fa facility 152and a 153.Dq level . 154The facility describes the part of the system 155generating the message. 156The level is selected from the following 157.Em ordered 158(high to low) list: 159.Bl -tag -width LOG_AUTHPRIV 160.It Dv LOG_EMERG 161A panic condition. 162This is normally broadcast to all users. 163.It Dv LOG_ALERT 164A condition that should be corrected immediately, such as a corrupted 165system database. 166.It Dv LOG_CRIT 167Critical conditions, e.g., hard device errors. 168.It Dv LOG_ERR 169Errors. 170.It Dv LOG_WARNING 171Warning messages. 172.It Dv LOG_NOTICE 173Conditions that are not error conditions, 174but should possibly be handled specially. 175.It Dv LOG_INFO 176Informational messages. 177.It Dv LOG_DEBUG 178Messages that contain information 179normally of use only when debugging a program. 180.El 181.Pp 182The 183.Fn vsyslog_r 184is used the same way than 185.Fn vsyslog 186except than it takes an additional pointer on a 187.Fa syslog_data 188structure. 189It is a reentrant version of the 190.Fn vsyslog 191function described above. 192.Pp 193The 194.Fn openlog 195function provides for more specialized processing of the messages sent by 196.Fn syslog 197and 198.Fn vsyslog . 199The parameter 200.Fa ident 201is a string that will be prepended to every message. 202The 203.Fa logopt 204argument 205is a bit field specifying logging options, which is formed by 206.Tn OR Ns 'ing 207one or more of the following values: 208.Bl -tag -width LOG_AUTHPRIV 209.It Dv LOG_CONS 210If 211.Fn syslog 212cannot pass the message to 213.Xr syslogd 8 214it will attempt to write the message to the console 215.Pq Pa /dev/console . 216.It Dv LOG_NDELAY 217Open the connection to 218.Xr syslogd 8 219immediately. 220Normally the open is delayed until the first message is logged. 221Useful for programs that need to manage the order in which file 222descriptors are allocated. 223.It Dv LOG_PERROR 224Write the message to standard error output as well to the system log. 225.It Dv LOG_PID 226Log the process ID with each message; useful for identifying 227instantiations of daemons. 228.El 229.Pp 230The 231.Fa facility 232parameter encodes a default facility to be assigned to all messages 233that do not have an explicit facility encoded: 234.Bl -tag -width LOG_AUTHPRIV 235.It Dv LOG_AUTH 236The authorization system: 237.Xr login 1 , 238.Xr su 1 , 239.Xr getty 8 , 240etc. 241.It Dv LOG_AUTHPRIV 242The same as 243.Dv LOG_AUTH , 244but logged to a file readable only by 245selected individuals. 246.It Dv LOG_CRON 247The cron daemon, 248.Xr cron 8 . 249.It Dv LOG_DAEMON 250System daemons, such as 251.Xr routed 8 , 252that are not provided for explicitly by other facilities. 253.It Dv LOG_FTP 254The file transfer protocol daemon, 255.Xr ftpd 8 . 256.It Dv LOG_KERN 257Messages generated by the kernel. 258These cannot be generated by any user processes. 259.It Dv LOG_LPR 260The line printer spooling system: 261.Xr lpr 1 , 262.Xr lpc 8 , 263.Xr lpd 8 , 264etc. 265.It Dv LOG_MAIL 266The mail system. 267.It Dv LOG_NEWS 268The network news system. 269.It Dv LOG_SYSLOG 270Messages generated internally by 271.Xr syslogd 8 . 272.It Dv LOG_USER 273Messages generated by random user processes. 274This is the default facility identifier if none is specified. 275.It Dv LOG_UUCP 276The 277.Tn UUCP 278system. 279.It Dv LOG_LOCAL0 280Reserved for local use. 281Similarly for 282.Dv LOG_LOCAL1 283through 284.Dv LOG_LOCAL7 . 285.El 286.Pp 287The 288.Fn openlog_r 289function is the reentrant version of the 290.Fn openlog 291function. 292It takes an additional pointer on a 293.Fa syslog_data 294structure. 295This function must be used in conjunction with the other 296reentrant functions. 297.Pp 298The 299.Fn closelog 300function can be used to close the log file. 301.Fn closelog_r 302do the same thing but in a reentrant way and takes an additional 303pointer on a 304.Fa syslog_data 305structure. 306.Pp 307The 308.Fn setlogmask 309function sets the log priority mask to 310.Fa maskpri 311and returns the previous mask. 312Calls to 313.Fn syslog 314with a priority not set in 315.Fa maskpri 316are rejected. 317The mask for an individual priority 318.Fa pri 319is calculated by the macro 320.Fn LOG_MASK pri ; 321the mask for all priorities up to and including 322.Fa toppri 323is given by the macro 324.Fn LOG_UPTO toppri ; . 325The default allows all priorities to be logged. 326.Pp 327The 328.Fn setlogmask_r 329function is the reentrant version of 330.Fn setlogmask . 331It takes an additional pointer on a 332.Fa syslog_data 333structure. 334.Sh RETURN VALUES 335The 336.Fn closelog , 337.Fn closelog_r , 338.Fn openlog , 339.Fn openlog_r , 340.Fn syslog , 341.Fn syslog_r , 342.Fn vsyslog 343and 344.Fn vsyslog_r 345functions return no value. 346.Pp 347The routines 348.Fn setlogmask 349and 350.Fn setlogmask_r 351always return the previous log mask level. 352.Sh EXAMPLES 353.Bd -literal -offset indent -compact 354syslog(LOG_ALERT, "who: internal error 23"); 355 356openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP); 357 358setlogmask(LOG_UPTO(LOG_ERR)); 359 360syslog(LOG_INFO, "Connection from host %d", CallingHost); 361 362syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m"); 363.Pp 364.Ed 365For the reentrant functions: 366.Bd -literal -offset indent -compact 367struct syslog_data sdata = SYSLOG_DATA_INIT; 368 369syslog_r(LOG_INFO|LOG_LOCAL2, &sdata, "foobar error: %m"); 370.Ed 371.Sh SEE ALSO 372.Xr logger 1 , 373.Xr syslogd 8 374.Sh HISTORY 375These 376functions appeared in 377.Bx 4.2 . 378The reentrant functions appeared in 379.Ox 3.1 . 380.Sh CAVEATS 381It is important never to pass a string with user-supplied data as a 382format without using 383.Ql %s . 384An attacker can put format specifiers in the string to mangle your stack, 385leading to a possible security hole. 386This holds true even if you have built the string 387.Dq by hand 388using a function like 389.Fn snprintf , 390as the resulting string may still contain user-supplied conversion specifiers 391for later interpolation by 392.Fn syslog . 393.Pp 394Always be sure to use the proper secure idiom: 395.Bd -literal -offset indent 396syslog("%s", string); 397.Ed 398.Pp 399.Fn syslog_r 400and the other reentrant functions should only be used where 401reentrancy is required (for instance in a signal handler). 402.Fn syslog 403being not reentrant, only 404.Fn syslog_r 405should be used here. 406For more information about reentrancy and signal handlers, see 407.Xr signal 3 . 408