1.\" $OpenBSD: syslogd.8,v 1.18 2003/06/12 12:59:53 jmc Exp $ 2.\" 3.\" Copyright (c) 1983, 1986, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" from: @(#)syslogd.8 8.1 (Berkeley) 6/6/93 31.\" $NetBSD: syslogd.8,v 1.3 1996/01/02 17:41:48 perry Exp $ 32.\" 33.Dd June 6, 1993 34.Dt SYSLOGD 8 35.Os 36.Sh NAME 37.Nm syslogd 38.Nd log systems messages 39.Sh SYNOPSIS 40.Nm syslogd 41.Bk -words 42.Op Fl dnu 43.Op Fl f Ar config_file 44.Op Fl m Ar mark_interval 45.Op Fl a Ar path 46.Op Fl p Ar log_socket 47.Ek 48.Sh DESCRIPTION 49.Nm 50reads and logs messages to the system console, log files, other 51machines and/or users as specified by its configuration file. 52.Pp 53The options are as follows: 54.Bl -tag -width Ds 55.It Fl d 56Enable debugging to the standard output, 57and do not disassociate from the controlling terminal. 58.It Fl f Ar config_file 59Specify the pathname of an alternate configuration file; 60the default is 61.Pa /etc/syslog.conf . 62.It Fl m Ar mark_interval 63Select the number of minutes between 64.Dq mark 65messages; the default is 20 minutes. 66.It Fl n 67Print source addresses numerically rather than symbolically. 68This saves an address-to-name lookup for each incoming message, 69which can be useful when combined with the 70.Fl u 71option on a loghost with no DNS cache. 72Messages from the local host will still be logged with 73the symbolic local host name. 74.It Fl u 75Select the historical 76.Dq insecure 77mode, in which syslogd will 78accept input from the UDP port. 79Some software wants this, but you can be subjected to a variety of 80attacks over the network, including attackers remotely filling logs. 81.It Fl p Ar log_socket 82Specify the pathname of an alternate log socket to be used instead; 83the default is 84.Pa /dev/log . 85.It Fl a Pa path 86Specify a location where 87.Nm 88should place an additional log socket. 89Up to about 20 additional logging sockets can be specified. 90The primary use for this is to place additional log sockets in 91.Pa /dev/log 92of various chroot filespaces. 93.El 94.Pp 95.Nm 96reads its configuration file when it starts up and whenever it 97receives a hangup signal. 98For information on the format of the configuration file, 99see 100.Xr syslog.conf 5 . 101.Pp 102.Nm 103opens an Internet domain socket as specified 104in 105.Pa /etc/services . 106Normally 107.Nm 108will only use this socket to send messages outwards, but in 109.Dq insecure 110mode it will also read messages from this socket. 111.Nm 112also opens and reads messages from the 113.Tn UNIX 114domain socket 115.Pa /dev/log , 116and from the special device 117.Pa /dev/klog 118(to read kernel messages). 119.Pp 120.Nm 121opens the above described socket whether or not it is 122running in secure mode. 123If 124.Nm 125is running in secure mode, all incoming data on this socket is discarded. 126The socket is required for sending forwarded messages. 127.Pp 128.Nm 129creates the file 130.Pa /var/run/syslog.pid , 131and stores its process ID there. 132This can be used to kill or reconfigure 133.Nm syslogd . 134.Pp 135The message sent to 136.Nm 137should consist of a single line. 138The message can contain a priority code, which should be a preceding 139decimal number in angle braces, for example, 140.Dq Aq 5 . 141This priority code should map into the priorities defined in the 142include file 143.Aq Pa sys/syslog.h . 144.Sh FILES 145.Bl -tag -width /var/run/syslog.pid -compact 146.It Pa /etc/syslog.conf 147configuration file 148.It Pa /var/run/syslog.pid 149process ID of current 150.Nm syslogd 151.It Pa /dev/log 152name of the 153.Tn UNIX 154domain datagram log socket 155.It Pa /dev/klog 156kernel log device 157.El 158.Sh SEE ALSO 159.Xr logger 1 , 160.Xr syslog 3 , 161.Xr services 5 , 162.Xr syslog.conf 5 , 163.Xr newsyslog 8 164.Sh HISTORY 165The 166.Nm 167command appeared in 168.Bx 4.3 . 169