How to redirect syslog freely - Unix

This is a discussion on How to redirect syslog freely - Unix ; Hello, Suppose I have a program called `a.out' that is built from a.c below and another program called `b.out' that is also built from the same source file a.c. How to make a.out and b.out write messages to log file ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: How to redirect syslog freely

  1. How to redirect syslog freely

    Hello,

    Suppose I have a program called `a.out' that is built from a.c below
    and another program called `b.out' that is also built from the same
    source file a.c. How to make a.out and b.out write messages to log
    file ~/a.log and ~/b.log respectively? And only a.out writes to a.log
    and only a.out writes to b.log.

    It seems that I'm not allowed to specify program names such as a.out
    and b.out in syslog conf file /etc/syslog.conf.


    #include
    int main(int argc, char *argv[])
    {
    openlog(argv[0], LOG_PID, LOG_USER);
    syslog(LOG_WARNING | LOG_USER, "syslog test.");
    closelog();
    return 0;
    }


    Thank you for your time.

  2. Re: How to redirect syslog freely

    On Mar 18, 12:15*am, "lovecreatesbea...@gmail.com"
    wrote:

    > file ~/a.log and ~/b.log respectively? And only a.out writes to a.log
    > and only a.out writes to b.log.


    Sorry, it should read:
    and only b.out writes to b.log.

  3. Re: How to redirect syslog freely

    >Suppose I have a program called `a.out' that is built from a.c below
    >and another program called `b.out' that is also built from the same
    >source file a.c. How to make a.out and b.out write messages to log
    >file ~/a.log and ~/b.log respectively? And only a.out writes to a.log
    >and only a.out writes to b.log.


    Syslog doesn't do ~ because there's no user name associated with a
    syslog entry. Use absolute path names.

    >It seems that I'm not allowed to specify program names such as a.out
    >and b.out in syslog conf file /etc/syslog.conf.


    This depends on your implementation of syslogd. The one on FreeBSD
    does allow such specifications in /etc/syslog.conf. This is probably
    not unique to FreeBSD.

    >#include
    >int main(int argc, char *argv[])
    >{
    > openlog(argv[0], LOG_PID, LOG_USER);
    > syslog(LOG_WARNING | LOG_USER, "syslog test.");
    > closelog();
    > return 0;
    >}


    You can also change things like LOG_USER (to, say, LOG_LOCAL1) based
    on whether the program name in argv[0] matches what you want. Be
    prepared, however, for someone to invoke it with a name different
    from both a.out and b.out, and make sure that doesn't cause any
    security issues.

    Below is FreeBSD's default syslog.conf file. Note the entries involving
    ppp and startslip.


    # $FreeBSD: src/etc/syslog.conf,v 1.28 2005/03/12 12:31:16 glebius Exp $
    #
    # Spaces ARE valid field separators in this file. However,
    # other *nix-like systems still insist on using tabs as field
    # separators. If you are sharing this file between systems, you
    # may want to use only tabs as field separators here.
    # Consult the syslog.conf(5) manpage.
    *.err;kern.warning;auth.notice;mail.crit /dev/console
    *.notice;authpriv.none;kern.debug;lpr.info;mail.cr it;news.err /var/log/messages
    security.* /var/log/security
    auth.info;authpriv.info /var/log/auth.log
    mail.info /var/log/maillog
    lpr.info /var/log/lpd-errs
    ftp.info /var/log/xferlog
    cron.* /var/log/cron
    *.=debug /var/log/debug.log
    *.emerg *
    # uncomment this to log all writes to /dev/console to /var/log/console.log
    #console.info /var/log/console.log
    # uncomment this to enable logging of all log messages to /var/log/all.log
    # touch /var/log/all.log and chmod it to mode 600 before it will work
    #*.* /var/log/all.log
    # uncomment this to enable logging to a remote loghost named loghost
    #*.* @loghost
    # uncomment these if you're running inn
    # news.crit /var/log/news/news.crit
    # news.err /var/log/news/news.err
    # news.notice /var/log/news/news.notice
    !startslip
    *.* /var/log/slip.log
    !ppp
    *.* /var/log/ppp.log

  4. Re: How to redirect syslog freely

    On Mar 18, 7:47 am, gordonb.vc...@burditt.org (Gordon Burditt) wrote:
    > >Suppose I have a program called `a.out' that is built from a.c below
    > >and another program called `b.out' that is also built from the same
    > >source file a.c. How to make a.out and b.out write messages to log
    > >file ~/a.log and ~/b.log respectively? And only a.out writes to a.log
    > >and only a.out writes to b.log.

    >
    > Syslog doesn't do ~ because there's no user name associated with a
    > syslog entry. Use absolute path names.
    >


    Thank you for the reminder.

    > >It seems that I'm not allowed to specify program names such as a.out
    > >and b.out in syslog conf file /etc/syslog.conf.

    >
    > This depends on your implementation of syslogd. The one on FreeBSD
    > does allow such specifications in /etc/syslog.conf. This is probably
    > not unique to FreeBSD.
    >
    > >#include
    > >int main(int argc, char *argv[])
    > >{
    > > openlog(argv[0], LOG_PID, LOG_USER);
    > > syslog(LOG_WARNING | LOG_USER, "syslog test.");
    > > closelog();
    > > return 0;
    > >}

    >
    > You can also change things like LOG_USER (to, say, LOG_LOCAL1) based
    > on whether the program name in argv[0] matches what you want. Be
    > prepared, however, for someone to invoke it with a name different
    > from both a.out and b.out, and make sure that doesn't cause any
    > security issues.
    >


    The log is recorded on my machine as following. I'm just wondering
    that whether a user program (i mean not a system facility) can have a
    more personal log file for itself.

    With this entry in syslog conf file, many programs will share the same
    log file:
    local0.* /home/jhl/tmp/a.log

    It's better if it allows a similar config like this:
    /path/a.out.local0.* /home/jhl/tmp/a.log
    /path/b.out.local0.* /home/jhl/tmp/b.log

    But it seems invalid. What's the intention of syslog? Collect all
    system and user log messages in several huge files?


    $ cat a.c
    #include
    int main(int argc, char *argv[])
    {
    syslog(LOG_LOCAL0 | LOG_WARNING, "syslog test.");
    return 0;
    }

    $ grep a.log /etc/syslog.conf
    local0.* /home/jhl/tmp/a.log

    $ gcc a.c && ./a.out

    $ cat /home/jhl/tmp/a.log
    Mar 18 10:25:02 C88 a.out: syslog test.
    $

  5. Re: How to redirect syslog freely

    >> >Suppose I have a program called `a.out' that is built from a.c below
    >> >and another program called `b.out' that is also built from the same
    >> >source file a.c. How to make a.out and b.out write messages to log
    >> >file ~/a.log and ~/b.log respectively? And only a.out writes to a.log
    >> >and only a.out writes to b.log.

    >>
    >> Syslog doesn't do ~ because there's no user name associated with a
    >> syslog entry. Use absolute path names.
    >>

    >
    >Thank you for the reminder.
    >
    >> >It seems that I'm not allowed to specify program names such as a.out
    >> >and b.out in syslog conf file /etc/syslog.conf.

    >>
    >> This depends on your implementation of syslogd. The one on FreeBSD
    >> does allow such specifications in /etc/syslog.conf. This is probably
    >> not unique to FreeBSD.
    >>
    >> >#include
    >> >int main(int argc, char *argv[])
    >> >{
    >> > openlog(argv[0], LOG_PID, LOG_USER);
    >> > syslog(LOG_WARNING | LOG_USER, "syslog test.");
    >> > closelog();
    >> > return 0;
    >> >}

    >>
    >> You can also change things like LOG_USER (to, say, LOG_LOCAL1) based
    >> on whether the program name in argv[0] matches what you want. Be
    >> prepared, however, for someone to invoke it with a name different
    >> from both a.out and b.out, and make sure that doesn't cause any
    >> security issues.
    >>

    >
    >The log is recorded on my machine as following. I'm just wondering
    >that whether a user program (i mean not a system facility) can have a
    >more personal log file for itself.
    >
    >With this entry in syslog conf file, many programs will share the same
    >log file:
    > local0.* /home/jhl/tmp/a.log
    >
    >It's better if it allows a similar config like this:
    > /path/a.out.local0.* /home/jhl/tmp/a.log
    > /path/b.out.local0.* /home/jhl/tmp/b.log
    >
    >But it seems invalid. What's the intention of syslog? Collect all
    >system and user log messages in several huge files?


    The intention of syslog is to collect system messages in one of a small
    set of log files where they can be seen (since they are mostly produced
    by daemons or background processes, stdout and stderr are unlikely to
    be seen).

    It really isn't intended to handle user messages at all. It might
    be used by a programmer (who is at least friends with an admin) to
    log problems encountered with users using his beta test software
    rather than depending on the users to report details of problems.
    (In other words, *all* users using the program end up with messages
    in the same log for this program, and that's what's wanted here.)

    I'll suggest a setup which might be more suitable for your purposes:
    (If you have access to the syslog() library code, you might just
    modify it.)

    openuserlog(), which takes a path name of a log file to append to,
    opens it, and keeps the FILE * for it in a static variable. Flags
    and facilities and error levels are optional.

    userlog(), which uses vfprintf() and outputs the message to the file
    opened by openuserlog. You probably want it to fflush each message.
    Special handling of the messages, like adding time stamps, process IDs,
    and program names is optional.

    closeuserlog(), which closes the log. This should be used if the
    log is open when you fork().

    Or, you could take the simple approach and just open a file and
    fprintf() messages into it.


+ Reply to Thread