Commit Graph

32 Commits

Author SHA1 Message Date
Alan Somers
6d1014a32b Add syslog(3) support to devd(8).
sbin/devd/devd.cc
        All output will now go to syslog(3) if devd is daemonized, or stderr
        if it's running in the foreground.

sbin/devd/devd.8
        Remove the "-D" flag.  Filtering messages by priority now
	happens in the usual syslog way.  For performance reasons, a few
	extra-verbose debugging statements are now conditional on the "-d" (do
	not daemonize) flag.

etc/syslog.conf
etc/newsyslog.conf
        Direct messages from devd(8) to /var/log/devd.log, but leave it
        disabled by default

Reviewed by:	eadler
Approved by:	gibbs (co-mentor)
MFC after:	never (removed a command-line option from devd)
2013-07-01 21:20:17 +00:00
Christian Brueffer
e19c9e1ed5 Similar to all.log, mention that /var/log/console.log has to be created and chmod'ed
to make logging work.

PR:		168889
Submitted by:	Robert Simmons <rsimmons0@gmail.com>
MFC after:	1 week
2012-07-01 12:34:19 +00:00
Andriy Gapon
44672a2966 syslog.conf: pop up from logging only ppp messages at the end of file
This allows to append custom rules at the end of the file without
risk of confusion that can result when one misses default !ppp line
and doesn't add another program specification and thus subsequent
selector(s) would belong to ppp program block.

Requested by:	marck
Submitted by:	marck
Approved by:	jhb (mentor)
2009-06-11 15:07:02 +00:00
Ken Smith
dcaf4eb3ed Remove slip.log. Slip got removed as part of the MPSAFE tty work. If
it does come back it would probably be better if users who were interested
in slip added appropriate lines instead of this being here unconditionally.

Reminded by:	tut <at> nhamon <dot> com <dot> ua
2008-12-02 18:13:29 +00:00
Gleb Smirnoff
9091954535 Fix a terrible braino in last commit. Put kern.debug back to /var/log/messages
and do exactly what last commit message described.
2005-03-12 12:31:16 +00:00
Gleb Smirnoff
bcdbb13a66 Do not print kernel debugging on console. In case of serial console
this can cause a really heavy load on system. Several kernel debugging
messages can be triggered even remotely (e.g. bad ARP replies).

Use kern.warning instead, so that really significant messages still
will be printed on console.

Reviewed by:	current@
MFC after:	1 week
Security:	this change fixes a DoS condition, when default system
		console is serial, and box is flooded with bogus ARP
		packets
2005-02-22 08:03:09 +00:00
Dag-Erling Smørgrav
5b9cb0c3eb Make sure debug.log only gets debugging messages. 2003-04-23 13:08:31 +00:00
Dag-Erling Smørgrav
4845d27e63 Introduce debug.log which gets debug.* (most of this would otherwise go
to the great bit-bucket in the sky)
2003-04-08 16:14:02 +00:00
Yaroslav Tykhiy
fec51ab5fc Stop logging ``authpriv'' messages to the world-readable file
/var/log/messages.  Such messages are for the eyes of authorized
personnel only.

PR:		conf/48170
Discussed in:	freebsd-security
MFC after:	2 weeks
2003-04-03 18:37:49 +00:00
Mark Murray
a5dd613ce6 Rename the ftp log filename for compatability with OpenBSD and NetBSD.
Requested by:	ru
2002-09-21 12:07:35 +00:00
Mark Murray
bbd0e6a78d Log ftpd stuff in the same way that we log lpd stuff. Too many ftpd's
are attacked for us to throw away this sort of evidence.
2002-09-20 22:10:01 +00:00
Poul-Henning Kamp
193eadc319 Per discussion on current: Don't spam root with syslog messages. 2002-04-06 11:22:01 +00:00
Robert Watson
30d6457c9e Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
Robert Watson
0ec9497e58 Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
Robert Watson
179e0241ea /var/log/security gets almost no (if not no) activity on many FreeBSD
systems due to sshd not using the security log class.  Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.

Submitted by:	aeonflux@synapse.subneural.net
MFC after:	4 weeks
2002-03-10 15:20:36 +00:00
Jeroen Ruigrok van der Werven
03b7b65a08 Explain that /var/log/all.log needs to be touched and chmod'd 'ere it
can be used.

PR:		17022
Submitted by:	Niels Christian Bank-Pedersen <ncbp@bank-pedersen.dk>
MFC after:	1 week
2001-10-28 13:41:30 +00:00
Murray Stokely
1f38b5660f Note in the comments that it is possible, but not recommended to use
spaces instead of tabs in this file.  This matches the description in
the manpage.

PR:		25945
Submitted by:	T. William Wells <bill@twwells.com>
2001-03-31 04:41:24 +00:00
Poul-Henning Kamp
960cada9b8 Log the console output to "/var/log/console.log", not "/var/log/console"
(MFC candidate)
2001-02-17 20:27:58 +00:00
Poul-Henning Kamp
d9f8912333 Add commented out entry showing use of console.info feature. 2000-12-20 22:26:33 +00:00
Robert Watson
13c032fd0e Add two commented out syslog.conf entries, one to demonstrate the use of
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.

Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism.  Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.

Approved by:	jkh
Reviewed by:	freebsd-security
2000-02-08 21:57:28 +00:00
Nick Hibma
d98069654d Move /var/cron/log to /var/log/cron 1999-09-06 20:10:27 +00:00
Peter Wemm
9b7a44a60e $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
Brian Feldman
fa62586ae7 This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by:	rgrimes, imp, chris
1999-08-21 18:24:29 +00:00
Nate Williams
58645a5596 - Add a couple comment lines to note that spaces are not allowed as
field separators.

PR:		conf/8162
Submitted by:	Sheldon Hearn <sheldonh@axl.training.iafrica.com>
1998-10-14 21:59:55 +00:00
Brian Somers
a19eda1f28 Add Id keywords 1998-09-02 01:34:57 +00:00
Andrey A. Chernov
419a3911cf Add ppp.log 1997-06-10 20:40:22 +00:00
Paul Traina
648251a14c auth.debug should not be sent to root realtime
news.notice info should not be sent to /var/log/messages, as news has
	its own set of logs and notice is overused by inn

added entries for newsservers (but they're commented out)
1996-11-06 22:27:04 +00:00
Andrey A. Chernov
0ee6900601 Back out daemon.* addition, ssh port should be fixed instead 1996-11-02 00:08:44 +00:00
Andrey A. Chernov
64cfb09a21 Log daemon.* to /var/log/messages or very valuable daemons messages
lost forever
1996-10-31 00:29:10 +00:00
Andrey A. Chernov
a4f267bdf0 Put startslip syslog messages into separate file
Increase rotating log sizes in newsyslog.conf to reflect
more common case
1996-01-07 00:52:50 +00:00
Guido van Rooij
3b15f669f7 This is Vixie cron 3.0. This version fixes all known security bugs.
Further it implements crontab -e.
I moved cron from /usr/libexec to /usr/sbin where most daemons are
that are run from rc. That also gets rid of the ugly path crond
used to have in ps(1) outputs. Further I renamed it to cron, as
Paul Vixie likes it and is done by NetBSD.

NOTE VERY WELL THE FOLLOWING:

1) Systems crontab changed. Every users crontab resides in /var/cron
   *EXCEPT* root's. This is a special crontab as it resides in
   /etc. Further it is the *ONLY* crontab file in which you specify
   usernames. See /usr/src/etc/crontab. This is also done by BSDI's
   BSD/386 as far as I know (they provided the patches for it anyway)
2) So you *must* delete root's crontab and reinstall the copy
   in /etc from /usr/src/etc.
   'Must' is to much: the old installed crontab will work but cron
   will also try to 'run' /etc/crontab.
3) Last but not least: cron's logging is now done via syslog. Note
   that logging by cron is done lowercase when it logs about itsself
   and uppercase when it logs user events, like installing a new crontab.
   The default logfile file is the same as before:
   	syslog.conf:cron.*	/var/cron/log

-Guido
1994-01-22 20:44:14 +00:00
Rodney W. Grimes
1bf9d5d951 Initial import of 386BSD 0.1 othersrc/etc 1993-06-20 13:41:45 +00:00