Commit Graph

61 Commits

Author SHA1 Message Date
Alan Somers
6d1014a32b Add syslog(3) support to devd(8).
sbin/devd/devd.cc
        All output will now go to syslog(3) if devd is daemonized, or stderr
        if it's running in the foreground.

sbin/devd/devd.8
        Remove the "-D" flag.  Filtering messages by priority now
	happens in the usual syslog way.  For performance reasons, a few
	extra-verbose debugging statements are now conditional on the "-d" (do
	not daemonize) flag.

etc/syslog.conf
etc/newsyslog.conf
        Direct messages from devd(8) to /var/log/devd.log, but leave it
        disabled by default

Reviewed by:	eadler
Approved by:	gibbs (co-mentor)
MFC after:	never (removed a command-line option from devd)
2013-07-01 21:20:17 +00:00
Eitan Adler
fc0f2bcf18 Revert r250565 which causes issues for older CPUs
PR:		conf/178504
Requested by:	many
2013-05-12 21:24:18 +00:00
Eitan Adler
e4132b573c Make newsyslog compress logs with xz instead of bzip2 to save space.
PR:		conf/178504
Submitted by:	ak
Reviewed by:	smh
2013-05-12 15:23:59 +00:00
Mark Johnston
0191c2dfa8 Don't reload syslogd after rotating sendmail.st, as this file isn't
managed by syslogd.

PR:		conf/169973
Approved by:	rstone (co-mentor)
MFC after:	1 week
2012-12-20 23:18:36 +00:00
Gleb Smirnoff
3fc38dbfb8 Fix typo in weekly line which made it to rotated after reaching > 1 Kb.
PR:		conf/173857
Submitted by:	Matt Smith <matt xtaz.co.uk>
2012-11-26 19:42:38 +00:00
Gleb Smirnoff
004cb95bae Rotate auth.log and messages at the beginning of a year. Otherwise,
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
2012-03-19 09:30:40 +00:00
Ed Schouten
4c2c7b2c94 Make init(8) slightly more robust when /dev/console is missing.
If the environment doesn't offer a working /dev/console, the existing
version of init(8) will simply refuse running rc(8) scripts. This means
you'll only have a system running init(8) and nothing else.

Change the code to do the following:

- Open /dev/console like we used to do, but make it more robust to use
  O_NONBLOCK to prevent blocking on a carrier.
- If this fails, use /dev/null as stdin and /var/log/init.log as stdout
  and stderr.
- If even this fails, use /dev/null as stdin, stdout and stderr.

So why us this useful? Well, if you remove the `getpid() == 1' check in
main(), you can now use init(8) inside jails to properly execute rc(8).
It still requires some polishing, as existing tools assume init(8) has
PID 1.

Also it is now possible to use use init(8) on `headless' devices that
don't even have a serial boot console.
2012-03-14 16:22:09 +00:00
Ruslan Ermilov
a4638c5ce5 Updated `flags' field description. 2011-05-03 12:22:46 +00:00
Ed Schouten
1e40039260 Let rc and periodic infrastructure and newsyslog use the utmpx files. 2010-01-13 19:07:48 +00:00
Ken Smith
edadbb99db The slip.log file got removed along with the MPSAFE tty work. If slip
does ever come back it's probably best if its log file be something that
gets added if the user decided they want to run slip instead of having
it here unconditionally.
2008-12-02 16:46:01 +00:00
Brooks Davis
d4df47caab Remove the C flag from slip.log. The current slip userbase does not
justify the presence of a (usually empty) /var/log/slip.log on every
FreeBSD box.
2008-03-27 03:30:14 +00:00
Brooks Davis
bb4bd97c12 - Update etc/rc.d/newsyslog to FreeBSD standards and install it.
- Enable it by default, running newsyslog with -CN which creates files
   that have the C flag specified in /etc/newsyslog.conf.
 - Remove the "newsyslog -CC" call from etc/rc.d/var and the check for
   newsyslog.
 - Add the C flag to entries in /etc/newsyslog.conf that are currently
   installed as part of the base system.

There are two effects from this change:
 - Users who delete default syslog files to stop logging to them
   will need to set newsyslog_enable=NO in rc.conf or remove the C
   flag from those file in /etc/newsyslog.conf or they will come back
   on the next boot.
 - Diskless systems now create the same set of files that ordinary
   systems have by default instead of every file in newsyslog.conf.
2005-03-02 00:40:55 +00:00
Max Laier
042d501cc7 Style:
- do not comment out entries in newsyslog.conf
 - use tabs to line up inetd.conf

Requested by:	bde
Approved by:	bms(mentor)
2004-04-03 17:52:29 +00:00
Max Laier
6cd9ebedd7 Add rc.d script to start pflogd and add rcvars etc. Also document vars in
rc.conf(5) and put a sample entry to newsyslog.conf

Reviewed by:	-current
Approved by:	bms(mentor)
2004-04-02 19:25:27 +00:00
Max Khon
c4cab931c5 Fix typo in comments:
/etc/syslogd.conf -> /etc/syslog.conf

MFC after:	3 days
2003-08-07 21:04:40 +00:00
Garance A Drosehn
6663ea7f48 Add the 'N' flag to the entries for three log files which are *not*
written to by syslogd:  /var/log/{daily.log,weekly.log,monthly.log}

MFC after:	1 week
2003-05-05 19:08:33 +00:00
Garance A Drosehn
504755d9ca Update the comments in this file to reflect the recent changes to
newsyslog.

MFC after:	1 week
2003-05-05 19:05:43 +00:00
Dag-Erling Smørgrav
4845d27e63 Introduce debug.log which gets debug.* (most of this would otherwise go
to the great bit-bucket in the sky)
2003-04-08 16:14:02 +00:00
Dag-Erling Smørgrav
6bbe71f3b8 Alphabetize. 2003-02-16 13:07:20 +00:00
Mark Murray
a5dd613ce6 Rename the ftp log filename for compatability with OpenBSD and NetBSD.
Requested by:	ru
2002-09-21 12:07:35 +00:00
Mark Murray
bbd0e6a78d Log ftpd stuff in the same way that we log lpd stuff. Too many ftpd's
are attacked for us to throw away this sort of evidence.
2002-09-20 22:10:01 +00:00
David E. O'Brien
8e00cef74d Use bzip2 instead of gzip for those logs we compress.
Basic idea agreed to by:	rwatson
2002-09-12 17:28:07 +00:00
Gregory Neil Shapiro
519c4f1816 Change the default permissions for the sendmail statistics file to 0640
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:44:53 +00:00
Robert Watson
30d6457c9e Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
Robert Watson
0ec9497e58 Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
David E. O'Brien
ec0f8380d3 Use tabs where possible. 2001-12-01 17:14:34 +00:00
Jonathan Lemon
dbae8e5b46 Change maillog to have permissions of 640. Users shouldn't be able to
eavesdrop on other users' communications.
2001-09-17 01:33:15 +00:00
Brian Somers
32706fb26f Allow group network to read ppp.log & slip.log.
Suggested by: Jesper Skriver <jesper@FreeBSD.org>
2001-09-03 11:35:17 +00:00
Robert Watson
78eb04b942 o Note that some sites will want to select generally more conservative
permissions on some files, and give hints as to what those permissions
  might be.  Note also that the current more liberal permissions might
  get changed in future revisions.
2001-09-01 21:00:28 +00:00
Robert Watson
585514eb2d o More conservative permissions for kerberos.log: 600 instead of 644.
Reviewed by:	peter
2001-08-31 23:44:51 +00:00
David E. O'Brien
8e4e3be259 Document Bzip2's flag.
PR:		27901
Submitted by:	Anders Nordby <anders@fix.no> (stylistic changes by me)
2001-07-30 15:18:15 +00:00
Poul-Henning Kamp
142ef1abd5 /var/log/console.log should be mode 600.
PR:		25329
Submitted by:	Yoshihiro Koya Yoshihiro.Koya@math.yokohama-cu.ac.jp
MFC after:	1 week
2001-05-28 20:54:34 +00:00
Poul-Henning Kamp
960cada9b8 Log the console output to "/var/log/console.log", not "/var/log/console"
(MFC candidate)
2001-02-17 20:27:58 +00:00
Robert Watson
d6828be55f o Introduce automated log rotation for /var/log/console, the
default syslog target for console messages (when enabled in
  syslog.conf).  Use the same rotation defaults as with
  /var/log/messages -- every 100kb of log, compress back logs,
  and keep five rotated logs.
o Note: phk also thought it would be useful to force rotation
  each boot.  This commit does not introduce such a rotation.

Reviewed by:	phk
2001-02-06 06:07:00 +00:00
Brian Somers
9ed55d1192 Another overhaul of the periodic stuff.
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8).  Output may be masked based on variable values in
periodic.conf.

It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.

The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).

PR:	21250
2000-09-14 17:19:15 +00:00
Peter Wemm
4944b91311 Change various log file modes from mode 664 to 644. Allowing group
wheel to trash logfiles is not exactly good security policy.  There have
been several gid wheel holes in ports.  Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them.  utmp and
wtmp are mode 644 already on all the systems we checked.

Submitted by:  jkb
Reviewed by:   kris
2000-07-14 01:12:50 +00:00
Robert Watson
13c032fd0e Add two commented out syslog.conf entries, one to demonstrate the use of
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.

Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism.  Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.

Approved by:	jkh
Reviewed by:	freebsd-security
2000-02-08 21:57:28 +00:00
Nick Hibma
d98069654d Move /var/cron/log to /var/log/cron 1999-09-06 20:10:27 +00:00
Peter Wemm
9b7a44a60e $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
Brian Feldman
fa62586ae7 This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by:	rgrimes, imp, chris
1999-08-21 18:24:29 +00:00
David E. O'Brien
63b5983b9e Syntax for user/group is changed from "user.group" to "user:group" to be
consistant with chown(8).
1999-06-28 03:15:02 +00:00
David E. O'Brien
eadcd25f72 Fix minor alignment problem. 1999-06-28 03:03:17 +00:00
Ruslan Ermilov
3390b499a2 Damn, forgot this: time -> when. 1999-06-01 11:20:15 +00:00
Ruslan Ermilov
d65a665e4d Sync header line with newsyslog(8).
PR:		11511
Reviewed by:	des
1999-06-01 10:57:38 +00:00
Garrett Wollman
19f1101052 Now that newsyslog is capable of doing this at a specific time,
let it rotate /var/log/wtmp again, and update monthly/200.accounting to
take this into account.  (Some sites might want to change the parameters
of the rotation; it's easier to do this when it's all centralized in
newsyslog.conf.)
1999-01-28 20:03:31 +00:00
Andrey A. Chernov
81fa3bb440 Indicate optional signal number field 1998-06-09 18:26:16 +00:00
Jonathan M. Bresler
f647ad5d86 rotate sendmail statistics file weekly.
keep the last ten weeks of data.
Submitted by:	jmb
1998-04-14 23:08:29 +00:00
Daniel O'Callaghan
8e035c500f PR: 1708, 5448
Remove wtmp
1998-02-09 11:47:51 +00:00
Andrey A. Chernov
2dfeae46e9 Fix ppp log name 1997-06-10 20:39:10 +00:00
Andrey A. Chernov
f61b62f2b6 Not kill ppp now, it uses syslog 1997-06-10 20:06:40 +00:00