xref: /openbsd-src/lib/libc/gen/syslog.3 (revision a28daedfc357b214be5c701aa8ba8adb29a7f1c2) 
1.\"	$OpenBSD: syslog.3,v 1.28 2008/05/07 12:05:35 claudio Exp $
2.\"
3.\" Copyright (c) 1985, 1991, 1993
4.\"	The Regents of the University of California.  All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\" 3. Neither the name of the University nor the names of its contributors
15.\"    may be used to endorse or promote products derived from this software
16.\"    without specific prior written permission.
17.\"
18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28.\" SUCH DAMAGE.
29.\"
30.Dd $Mdocdate: May 7 2008 $
31.Dt SYSLOG 3
32.Os
33.Sh NAME
34.Nm syslog ,
35.Nm syslog_r ,
36.Nm vsyslog ,
37.Nm vsyslog_r ,
38.Nm openlog ,
39.Nm openlog_r ,
40.Nm closelog ,
41.Nm closelog_r ,
42.Nm setlogmask ,
43.Nm setlogmask_r
44.Nd control system log
45.Sh SYNOPSIS
46.Fd #include <syslog.h>
47.Fd #include <stdarg.h>
48.Ft void
49.Fn syslog "int priority" "const char *message" "..."
50.Ft void
51.Fn syslog_r "int priority" "struct syslog_data *data" "const char *message" "..."
52.Ft void
53.Fn vsyslog "int priority" "const char *message" "va_list args"
54.Ft void
55.Fn vsyslog_r "int priority" "struct syslog_data *data" "const char *message" "va_list args"
56.Ft void
57.Fn openlog "const char *ident" "int logopt" "int facility"
58.Ft void
59.Fn openlog_r "const char *ident" "int logopt" "int facility" "struct syslog_data *data"
60.Ft void
61.Fn closelog void
62.Ft void
63.Fn closelog_r "struct syslog_data *data"
64.Ft int
65.Fn setlogmask "int maskpri"
66.Ft int
67.Fn setlogmask_r "int maskpri" "struct syslog_data *data"
68.Bd -literal
69
70struct syslog_data {
71        int             log_file;
72        int             connected;
73        int             opened;
74        int             log_stat;
75        const char     *log_tag;
76        int             log_fac;
77        int             log_mask;
78};
79
80#define SYSLOG_DATA_INIT {-1, 0, 0, 0, NULL, LOG_USER, 0xff}
81.Ed
82.Sh DESCRIPTION
83The
84.Fn syslog
85function writes
86.Fa message
87to the system message logger.
88The message is then written to the system console, log files,
89logged-in users, or forwarded to other machines as appropriate (see
90.Xr syslogd 8 ) .
91.Pp
92The message is identical to a
93.Xr printf 3
94format string, except that
95.Ql %m
96is replaced by the current error
97message (as denoted by the global variable
98.Va errno ;
99see
100.Xr strerror 3 ) .
101A trailing newline is added if none is present.
102.Pp
103The
104.Fn syslog_r
105function is a reentrant version of the
106.Fn syslog
107function.
108It takes a pointer to a
109.Fa syslog_data
110structure which is used to store
111information.
112This parameter must be initialized before
113.Fn syslog_r
114is called.
115The
116.Dv SYSLOG_DATA_INIT
117constant is used for this purpose.
118The
119.Fa syslog_data
120structure is composed of the following elements:
121.Bl -tag -width connected
122.It Dv log_file
123contains the file descriptor of the file where the message is logged
124.It Dv connected
125indicates if connect has been done
126.It Dv opened
127indicates if
128.Fn openlog_r
129has been called
130.It Dv log_stat
131status bits, set by
132.Fn openlog_r
133.It Dv log_tag
134string to tag the entry with
135.It Dv log_fac
136facility code
137.It Dv log_mask
138mask of priorities to be logged
139.El
140.Pp
141The
142.Fn vsyslog
143function is an alternate form in which the arguments have already been captured
144using the variable-length argument facilities of
145.Xr varargs 3 .
146.Pp
147The message is tagged with
148.Fa priority .
149Priorities are encoded as a
150.Fa facility
151and a
152.Dq level .
153The facility describes the part of the system
154generating the message.
155The level is selected from the following
156.Em ordered
157(high to low) list:
158.Bl -tag -width LOG_AUTHPRIV
159.It Dv LOG_EMERG
160A panic condition.
161This is normally broadcast to all users.
162.It Dv LOG_ALERT
163A condition that should be corrected immediately, such as a corrupted
164system database.
165.It Dv LOG_CRIT
166Critical conditions, e.g., hard device errors.
167.It Dv LOG_ERR
168Errors.
169.It Dv LOG_WARNING
170Warning messages.
171.It Dv LOG_NOTICE
172Conditions that are not error conditions,
173but should possibly be handled specially.
174.It Dv LOG_INFO
175Informational messages.
176.It Dv LOG_DEBUG
177Messages that contain information
178normally of use only when debugging a program.
179.El
180.Pp
181The
182.Fn vsyslog_r
183is used the same way as
184.Fn vsyslog
185except that it takes an additional pointer to a
186.Fa syslog_data
187structure.
188It is a reentrant version of the
189.Fn vsyslog
190function described above.
191.Pp
192The
193.Fn openlog
194function provides for more specialized processing of the messages sent by
195.Fn syslog
196and
197.Fn vsyslog .
198The parameter
199.Fa ident
200is a string that will be prepended to every message.
201The
202.Fa logopt
203argument
204is a bit field specifying logging options, which is formed by
205.Tn OR Ns 'ing
206one or more of the following values:
207.Bl -tag -width LOG_AUTHPRIV
208.It Dv LOG_CONS
209If
210.Fn syslog
211cannot pass the message to
212.Xr syslogd 8
213it will attempt to write the message to the console
214.Pq Pa /dev/console .
215.It Dv LOG_NDELAY
216Open the connection to
217.Xr syslogd 8
218immediately.
219Normally the open is delayed until the first message is logged.
220Useful for programs that need to manage the order in which file
221descriptors are allocated.
222This option must be used in programs that call
223.Xr chroot 2
224where the new root does not have its own log socket.
225.It Dv LOG_PERROR
226Write the message to standard error output as well as to the system log.
227.It Dv LOG_PID
228Log the process ID with each message; useful for identifying
229instantiations of daemons.
230.El
231.Pp
232The
233.Fa facility
234parameter encodes a default facility to be assigned to all messages
235that do not have an explicit facility encoded:
236.Bl -tag -width LOG_AUTHPRIV
237.It Dv LOG_AUTH
238The authorization system:
239.Xr login 1 ,
240.Xr su 1 ,
241.Xr getty 8 ,
242etc.
243.It Dv LOG_AUTHPRIV
244The same as
245.Dv LOG_AUTH ,
246but logged to a file readable only by
247selected individuals.
248.It Dv LOG_CRON
249The cron daemon,
250.Xr cron 8 .
251.It Dv LOG_DAEMON
252System daemons, such as
253.Xr dhcpd 8 ,
254that are not provided for explicitly by other facilities.
255.It Dv LOG_FTP
256The file transfer protocol daemon,
257.Xr ftpd 8 .
258.It Dv LOG_KERN
259Messages generated by the kernel.
260These cannot be generated by any user processes.
261.It Dv LOG_LPR
262The line printer spooling system:
263.Xr lpr 1 ,
264.Xr lpc 8 ,
265.Xr lpd 8 ,
266etc.
267.It Dv LOG_MAIL
268The mail system.
269.It Dv LOG_NEWS
270The network news system.
271.It Dv LOG_SYSLOG
272Messages generated internally by
273.Xr syslogd 8 .
274.It Dv LOG_USER
275Messages generated by random user processes.
276This is the default facility identifier if none is specified.
277.It Dv LOG_UUCP
278The
279.Tn UUCP
280system.
281.It Dv LOG_LOCAL0
282Reserved for local use.
283Similarly for
284.Dv LOG_LOCAL1
285through
286.Dv LOG_LOCAL7 .
287.El
288.Pp
289The
290.Fn openlog_r
291function is the reentrant version of the
292.Fn openlog
293function.
294It takes an additional pointer to a
295.Fa syslog_data
296structure.
297This function must be used in conjunction with the other
298reentrant functions.
299.Pp
300The
301.Fn closelog
302function can be used to close the log file.
303.Fn closelog_r
304does the same thing but in a reentrant way and takes an additional
305pointer to a
306.Fa syslog_data
307structure.
308.Pp
309The
310.Fn setlogmask
311function sets the log priority mask to
312.Fa maskpri
313and returns the previous mask.
314Calls to
315.Fn syslog
316with a priority not set in
317.Fa maskpri
318are rejected.
319The mask for an individual priority
320.Fa pri
321is calculated by the macro
322.Fn LOG_MASK pri ;
323the mask for all priorities up to and including
324.Fa toppri
325is given by the macro
326.Fn LOG_UPTO toppri .
327The default allows all priorities to be logged.
328.Pp
329The
330.Fn setlogmask_r
331function is the reentrant version of
332.Fn setlogmask .
333It takes an additional pointer to a
334.Fa syslog_data
335structure.
336.Sh RETURN VALUES
337The
338.Fn closelog ,
339.Fn closelog_r ,
340.Fn openlog ,
341.Fn openlog_r ,
342.Fn syslog ,
343.Fn syslog_r ,
344.Fn vsyslog ,
345and
346.Fn vsyslog_r
347functions return no value.
348.Pp
349The routines
350.Fn setlogmask
351and
352.Fn setlogmask_r
353always return the previous log mask level.
354.Sh EXAMPLES
355.Bd -literal -offset indent
356syslog(LOG_ALERT, "who: internal error 23");
357
358openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
359
360setlogmask(LOG_UPTO(LOG_ERR));
361
362syslog(LOG_INFO, "Connection from host %d", CallingHost);
363
364syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
365.Ed
366.Pp
367For the reentrant functions:
368.Bd -literal -offset indent
369struct syslog_data sdata = SYSLOG_DATA_INIT;
370
371syslog_r(LOG_INFO|LOG_LOCAL2, &sdata, "foobar error: %m");
372.Ed
373.Sh SEE ALSO
374.Xr logger 1 ,
375.Xr syslogd 8
376.Sh HISTORY
377These
378functions appeared in
379.Bx 4.2 .
380The reentrant functions appeared in
381.Ox 3.1 .
382.Sh CAVEATS
383It is important never to pass a string with user-supplied data as a
384format without using
385.Ql %s .
386An attacker can put format specifiers in the string to mangle the stack,
387leading to a possible security hole.
388This holds true even if the string has been built
389.Dq by hand
390using a function like
391.Fn snprintf ,
392as the resulting string may still contain user-supplied conversion specifiers
393for later interpolation by
394.Fn syslog .
395.Pp
396Always be sure to use the proper secure idiom:
397.Bd -literal -offset indent
398syslog(priority, "%s", string);
399.Ed
400.Pp
401.Fn syslog_r
402and the other reentrant functions should only be used where
403reentrancy is required (for instance, in a signal handler).
404.Fn syslog
405being not reentrant, only
406.Fn syslog_r
407should be used here.
408For more information about reentrancy and signal handlers, see
409.Xr signal 3 .
410