1 .\" Copyright (c) 1985, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. All advertising materials mentioning features or use of this software
13 .\" must display the following acknowledgement:
14 .\" This product includes software developed by the University of
15 .\" California, Berkeley and its contributors.
16 .\" 4. Neither the name of the University nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
20 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .\" @(#)syslog.3 8.1 (Berkeley) 6/4/93
33 .\" $FreeBSD: src/lib/libc/gen/syslog.3,v 1.22 2001/10/01 16:08:51 ru Exp $
44 .Nd control system log
55 .Fa "const char *ident"
66 .Fa "const char *message"
74 .Fa "const char *message"
83 to the system message logger.
84 The message is then written to the system console, log files,
85 logged-in users, or forwarded to other machines as appropriate.
89 The message is identical to a
91 format string, except that
93 is replaced by the current error
95 (As denoted by the global variable
99 A trailing newline is added if none is present.
101 Newlines and other non-printable characters embedded in the message string are printed in an alternate format.
102 This prevents someone from using non-printable characters to construct misleading log messages in an output file.
103 Newlines are printed as "\\n",
104 tabs are printed as "\\t".
105 Other control characters are printed using a caret ("^") representation, for example "^M" for carriage return.
110 is an alternate form in which the arguments have already been captured
111 using the variable-length argument facilities of
114 The message is tagged with
116 Priorities are encoded as a
120 The facility describes the part of the system
121 generating the message.
122 The level is selected from the following
125 .Bl -tag -width LOG_AUTHPRIV
128 This is normally broadcast to all users.
130 A condition that should be corrected immediately, such as a corrupted
133 Critical conditions, e.g., hard device errors.
139 Conditions that are not error conditions,
140 but should possibly be handled specially.
142 Informational messages.
144 Messages that contain information
145 normally of use only when debugging a program.
151 provides for more specialized processing of the messages sent
158 is a string that will be prepended to every message.
162 is a bit field specifying logging options, which is formed by
164 one or more of the following values:
165 .Bl -tag -width LOG_AUTHPRIV
169 cannot pass the message to
171 it will attempt to write the message to the console
172 .Pq Dq Pa /dev/console .
174 Open the connection to
177 Normally the open is delayed until the first message is logged.
178 Useful for programs that need to manage the order in which file
179 descriptors are allocated.
181 Write the message to standard error output as well to the system log.
183 Log the process id with each message: useful for identifying
184 instantiations of daemons.
189 parameter encodes a default facility to be assigned to all messages
190 that do not have an explicit facility encoded:
191 .Bl -tag -width LOG_AUTHPRIV
193 The authorization system:
201 but logged to a file readable only by
202 selected individuals.
207 System daemons, such as
209 that are not provided for explicitly by other facilities.
211 The file transfer protocol daemons:
215 Messages generated by the kernel.
216 These cannot be generated by any user processes.
218 The line printer spooling system:
226 The network news system.
228 Security subsystems, such as
231 Messages generated internally by
234 Messages generated by random user processes.
235 This is the default facility identifier if none is specified.
239 Reserved for local use.
249 can be used to close the log file.
254 sets the log priority mask to
256 and returns the previous mask.
259 with a priority not set in
262 The mask for an individual priority
264 is calculated by the macro
266 the mask for all priorities up to and including
268 is given by the macro
269 .Fn LOG_UPTO toppri ; .
270 The default allows all priorities to be logged.
282 always returns the previous log mask level.
284 .Bd -literal -offset indent -compact
285 syslog(LOG_ALERT, "who: internal error 23");
287 openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
289 setlogmask(LOG_UPTO(LOG_ERR));
291 syslog(LOG_INFO, "Connection from host %d", CallingHost);
293 syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
296 .Fd #include <syslog.h>
297 .Fd #include <stdarg.h>
299 These include files are necessary for all functions.
306 functions appeared in
309 Never pass a string with user-supplied data as a format without using
311 An attacker can put format specifiers in the string to mangle your stack,
312 leading to a possible security hole.
313 This holds true even if the string was built using a function like
315 as the resulting string may still contain user-supplied conversion specifiers
316 for later interpolation by
319 Always use the proper secure idiom:
321 .Dl syslog(LOG_ERR, "%s", string);