xref: /openbsd-src/lib/libc/gen/syslog.3 (revision db3296cf5c1dd9058ceecc3a29fe4aaa0bd26000) 
1.\"	$OpenBSD: syslog.3,v 1.23 2003/06/02 20:18:35 millert Exp $
2.\"
3.\" Copyright (c) 1985, 1991, 1993
4.\"	The Regents of the University of California.  All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\" 3. Neither the name of the University nor the names of its contributors
15.\"    may be used to endorse or promote products derived from this software
16.\"    without specific prior written permission.
17.\"
18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28.\" SUCH DAMAGE.
29.\"
30.Dd June 4, 1993
31.Dt SYSLOG 3
32.Os
33.Sh NAME
34.Nm syslog ,
35.Nm syslog_r ,
36.Nm vsyslog ,
37.Nm vsyslog_r ,
38.Nm openlog ,
39.Nm openlog_r ,
40.Nm closelog ,
41.Nm closelog_r ,
42.Nm setlogmask ,
43.Nm setlogmask_r
44.Nd control system log
45.Sh SYNOPSIS
46.Fd #include <syslog.h>
47.Fd #include <stdarg.h>
48.Ft void
49.Fn syslog "int priority" "const char *message" "..."
50.Ft void
51.Fn syslog_r "int priority" "struct syslog_data *data" "const char *message" "..."
52.Ft void
53.Fn vsyslog "int priority" "const char *message" "va_list args"
54.Ft void
55.Fn vsyslog_r "int priority" "struct syslog_data *data" "const char *message" "va_list args"
56.Ft void
57.Fn openlog "const char *ident" "int logopt" "int facility"
58.Ft void
59.Fn openlog_r "const char *ident" "int logopt" "int facility" "struct syslog_data *data"
60.Ft void
61.Fn closelog void
62.Ft void
63.Fn closelog_r "struct syslog_data *data"
64.Ft int
65.Fn setlogmask "int maskpri"
66.Ft int
67.Fn setlogmask_r "int maskpri" "struct syslog_data *data"
68.Bd -literal
69.Pp
70struct syslog_data {
71        int             log_file;
72        int             connected;
73        int             opened;
74        int             log_stat;
75        const char     *log_tag;
76        int             log_fac;
77        int             log_mask;
78};
79.Pp
80#define SYSLOG_DATA_INIT {-1, 0, 0, 0, NULL, LOG_USER, 0xff}
81.Ed
82.Sh DESCRIPTION
83The
84.Fn syslog
85function writes
86.Fa message
87to the system message logger.
88The message is then written to the system console, log files,
89logged-in users, or forwarded to other machines as appropriate (see
90.Xr syslogd 8 ) .
91.Pp
92The message is identical to a
93.Xr printf 3
94format string, except that
95.Ql %m
96is replaced by the current error
97message (as denoted by the global variable
98.Va errno ;
99see
100.Xr strerror 3 ) .
101A trailing newline is added if none is present.
102.Pp
103The
104.Fn syslog_r
105function is a reentrant version of the
106.Fn syslog
107function.
108It takes a pointer to a
109.Fa syslog_data
110structure which is used to store
111information.
112This parameter must be initialized before
113.Fn syslog_r
114is called.
115The SYSLOG_DATA_INIT constant is used for this purpose.
116The
117.Fa syslog_data
118structure is composed of the following elements:
119.Bl -tag -width connected
120.It Dv log_file
121contains the file descriptor of the file where the message is logged
122.It Dv connected
123indicates if connect has been done
124.It Dv opened
125indicates if
126.Xr openlog_r 3
127has been called
128.It Dv log_stat
129status bits, set by
130.Xr openlog_r 3
131.It Dv log_tag
132string to tag the entry with
133.It Dv log_fac
134facility code
135.It Dv log_mask
136mask of priorities to be logged
137.El
138.Pp
139The
140.Fn vsyslog
141function is an alternate form in which the arguments have already been captured
142using the variable-length argument facilities of
143.Xr varargs 3 .
144.Pp
145The message is tagged with
146.Fa priority .
147Priorities are encoded as a
148.Fa facility
149and a
150.Dq level .
151The facility describes the part of the system
152generating the message.
153The level is selected from the following
154.Em ordered
155(high to low) list:
156.Bl -tag -width LOG_AUTHPRIV
157.It Dv LOG_EMERG
158A panic condition.
159This is normally broadcast to all users.
160.It Dv LOG_ALERT
161A condition that should be corrected immediately, such as a corrupted
162system database.
163.It Dv LOG_CRIT
164Critical conditions, e.g., hard device errors.
165.It Dv LOG_ERR
166Errors.
167.It Dv LOG_WARNING
168Warning messages.
169.It Dv LOG_NOTICE
170Conditions that are not error conditions,
171but should possibly be handled specially.
172.It Dv LOG_INFO
173Informational messages.
174.It Dv LOG_DEBUG
175Messages that contain information
176normally of use only when debugging a program.
177.El
178.Pp
179The
180.Fn vsyslog_r
181is used the same way as
182.Fn vsyslog
183except that it takes an additional pointer on a
184.Fa syslog_data
185structure.
186It is a reentrant version of the
187.Fn vsyslog
188function described above.
189.Pp
190The
191.Fn openlog
192function provides for more specialized processing of the messages sent by
193.Fn syslog
194and
195.Fn vsyslog .
196The parameter
197.Fa ident
198is a string that will be prepended to every message.
199The
200.Fa logopt
201argument
202is a bit field specifying logging options, which is formed by
203.Tn OR Ns 'ing
204one or more of the following values:
205.Bl -tag -width LOG_AUTHPRIV
206.It Dv LOG_CONS
207If
208.Fn syslog
209cannot pass the message to
210.Xr syslogd 8
211it will attempt to write the message to the console
212.Pq Pa /dev/console .
213.It Dv LOG_NDELAY
214Open the connection to
215.Xr syslogd 8
216immediately.
217Normally the open is delayed until the first message is logged.
218Useful for programs that need to manage the order in which file
219descriptors are allocated.
220This option must be used in programs that call
221.Xr chroot 2
222where the new root does not have its own log socket.
223.It Dv LOG_PERROR
224Write the message to standard error output as well to the system log.
225.It Dv LOG_PID
226Log the process ID with each message; useful for identifying
227instantiations of daemons.
228.El
229.Pp
230The
231.Fa facility
232parameter encodes a default facility to be assigned to all messages
233that do not have an explicit facility encoded:
234.Bl -tag -width LOG_AUTHPRIV
235.It Dv LOG_AUTH
236The authorization system:
237.Xr login 1 ,
238.Xr su 1 ,
239.Xr getty 8 ,
240etc.
241.It Dv LOG_AUTHPRIV
242The same as
243.Dv LOG_AUTH ,
244but logged to a file readable only by
245selected individuals.
246.It Dv LOG_CRON
247The cron daemon,
248.Xr cron 8 .
249.It Dv LOG_DAEMON
250System daemons, such as
251.Xr routed 8 ,
252that are not provided for explicitly by other facilities.
253.It Dv LOG_FTP
254The file transfer protocol daemon,
255.Xr ftpd 8 .
256.It Dv LOG_KERN
257Messages generated by the kernel.
258These cannot be generated by any user processes.
259.It Dv LOG_LPR
260The line printer spooling system:
261.Xr lpr 1 ,
262.Xr lpc 8 ,
263.Xr lpd 8 ,
264etc.
265.It Dv LOG_MAIL
266The mail system.
267.It Dv LOG_NEWS
268The network news system.
269.It Dv LOG_SYSLOG
270Messages generated internally by
271.Xr syslogd 8 .
272.It Dv LOG_USER
273Messages generated by random user processes.
274This is the default facility identifier if none is specified.
275.It Dv LOG_UUCP
276The
277.Tn UUCP
278system.
279.It Dv LOG_LOCAL0
280Reserved for local use.
281Similarly for
282.Dv LOG_LOCAL1
283through
284.Dv LOG_LOCAL7 .
285.El
286.Pp
287The
288.Fn openlog_r
289function is the reentrant version of the
290.Fn openlog
291function.
292It takes an additional pointer on a
293.Fa syslog_data
294structure.
295This function must be used in conjunction with the other
296reentrant functions.
297.Pp
298The
299.Fn closelog
300function can be used to close the log file.
301.Fn closelog_r
302do the same thing but in a reentrant way and takes an additional
303pointer on a
304.Fa syslog_data
305structure.
306.Pp
307The
308.Fn setlogmask
309function sets the log priority mask to
310.Fa maskpri
311and returns the previous mask.
312Calls to
313.Fn syslog
314with a priority not set in
315.Fa maskpri
316are rejected.
317The mask for an individual priority
318.Fa pri
319is calculated by the macro
320.Fn LOG_MASK pri ;
321the mask for all priorities up to and including
322.Fa toppri
323is given by the macro
324.Fn LOG_UPTO toppri .
325The default allows all priorities to be logged.
326.Pp
327The
328.Fn setlogmask_r
329function is the reentrant version of
330.Fn setlogmask .
331It takes an additional pointer on a
332.Fa syslog_data
333structure.
334.Sh RETURN VALUES
335The
336.Fn closelog ,
337.Fn closelog_r ,
338.Fn openlog ,
339.Fn openlog_r ,
340.Fn syslog ,
341.Fn syslog_r ,
342.Fn vsyslog
343and
344.Fn vsyslog_r
345functions return no value.
346.Pp
347The routines
348.Fn setlogmask
349and
350.Fn setlogmask_r
351always return the previous log mask level.
352.Sh EXAMPLES
353.Bd -literal -offset indent -compact
354syslog(LOG_ALERT, "who: internal error 23");
355
356openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
357
358setlogmask(LOG_UPTO(LOG_ERR));
359
360syslog(LOG_INFO, "Connection from host %d", CallingHost);
361
362syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
363.Pp
364.Ed
365For the reentrant functions:
366.Pp
367.Bd -literal -offset indent -compact
368struct syslog_data sdata = SYSLOG_DATA_INIT;
369
370syslog_r(LOG_INFO|LOG_LOCAL2, &sdata, "foobar error: %m");
371.Ed
372.Sh SEE ALSO
373.Xr logger 1 ,
374.Xr syslogd 8
375.Sh HISTORY
376These
377functions appeared in
378.Bx 4.2 .
379The reentrant functions appeared in
380.Ox 3.1 .
381.Sh CAVEATS
382It is important never to pass a string with user-supplied data as a
383format without using
384.Ql %s .
385An attacker can put format specifiers in the string to mangle your stack,
386leading to a possible security hole.
387This holds true even if you have built the string
388.Dq by hand
389using a function like
390.Fn snprintf ,
391as the resulting string may still contain user-supplied conversion specifiers
392for later interpolation by
393.Fn syslog .
394.Pp
395Always be sure to use the proper secure idiom:
396.Bd -literal -offset indent
397syslog(priority, "%s", string);
398.Ed
399.Pp
400.Fn syslog_r
401and the other reentrant functions should only be used where
402reentrancy is required (for instance in a signal handler).
403.Fn syslog
404being not reentrant, only
405.Fn syslog_r
406should be used here.
407For more information about reentrancy and signal handlers, see
408.Xr signal 3 .
409