diff options
author | ru <ru@FreeBSD.org> | 2004-07-02 23:13:00 +0000 |
---|---|---|
committer | ru <ru@FreeBSD.org> | 2004-07-02 23:13:00 +0000 |
commit | 6294018a208cf7742b1c021a9b75c26962505571 (patch) | |
tree | 502f17eb951b74c914af346cd4dbff252350c082 /usr.sbin/syslogd | |
parent | 3f44360851448f8816c22f6b72e8dd5c9924c27f (diff) | |
download | FreeBSD-src-6294018a208cf7742b1c021a9b75c26962505571.zip FreeBSD-src-6294018a208cf7742b1c021a9b75c26962505571.tar.gz |
Mechanically kill hard sentence breaks.
Diffstat (limited to 'usr.sbin/syslogd')
-rw-r--r-- | usr.sbin/syslogd/syslog.conf.5 | 29 | ||||
-rw-r--r-- | usr.sbin/syslogd/syslogd.8 | 40 |
2 files changed, 46 insertions, 23 deletions
diff --git a/usr.sbin/syslogd/syslog.conf.5 b/usr.sbin/syslogd/syslog.conf.5 index 789d63f..826c662 100644 --- a/usr.sbin/syslogd/syslog.conf.5 +++ b/usr.sbin/syslogd/syslog.conf.5 @@ -70,13 +70,13 @@ Note that if you use spaces as separators, your .Nm might be incompatible with other Unices or Unix-like systems. This functionality was added for ease of configuration -(e.g. it is possible to cut-and-paste into +(e.g.\& it is possible to cut-and-paste into .Nm ) , and to avoid possible mistakes. This change however preserves backwards compatibility with the old style of .Nm -(i.e. tab characters only). +(i.e., tab characters only). .Pp The .Em selectors @@ -352,10 +352,12 @@ Selected messages are written to all logged-in users. A vertical bar .Pq Dq \&| , followed by a command to pipe the selected -messages to. The command is passed to +messages to. +The command is passed to .Xr sh 1 for evaluation, so usual shell metacharacters or input/output -redirection can occur. (Note however that redirecting +redirection can occur. +(Note however that redirecting .Xr stdio 3 buffered output from the invoked command can cause additional delays, or even lost output data in case a logging subprocess exited with a @@ -368,23 +370,28 @@ redirected to Upon receipt of a .Dv SIGHUP , .Xr syslogd 8 -will close the pipe to the process. If the process didn't exit +will close the pipe to the process. +If the process didn't exit voluntarily, it will be sent a .Dv SIGTERM signal after a grace period of up to 60 seconds. .Pp The command will only be started once data arrives that should be piped -to it. If it exited later, it will be restarted as necessary. So if it +to it. +If it exited later, it will be restarted as necessary. +So if it is desired that the subprocess should get exactly one line of input only (which can be very resource-consuming if there are a lot of messages flowing quickly), this can be achieved by exiting after just one line of -input. If necessary, a script wrapper can be written to this effect. +input. +If necessary, a script wrapper can be written to this effect. .Pp Unless the command is a full pipeline, it's probably useful to start the command with .Em exec so that the invoking shell process does not wait for the command to -complete. Warning: the process is started under the UID invoking +complete. +Warning: the process is started under the UID invoking .Xr syslogd 8 , normally the superuser. .El @@ -477,9 +484,11 @@ or higher, not at the level of or higher. .Pp In networked environments, note that not all operating systems -implement the same set of facilities. The facilities +implement the same set of facilities. +The facilities authpriv, cron, ftp, and ntp that are known to this implementation -might be absent on the target system. Even worse, DEC UNIX uses +might be absent on the target system. +Even worse, DEC UNIX uses facility number 10 (which is authpriv in this implementation) to log events for their AdvFS file system. .Sh SEE ALSO diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8 index 80782d6..caef93d 100644 --- a/usr.sbin/syslogd/syslogd.8 +++ b/usr.sbin/syslogd/syslogd.8 @@ -77,7 +77,8 @@ Allow .Ar allowed_peer to log to this .Nm -using UDP datagrams. Multiple +using UDP datagrams. +Multiple .Fl a options may be specified. .Pp @@ -105,11 +106,13 @@ If specified, .Ar service is the name or number of an UDP service (see .Xr services 5 ) -the source packet must belong to. A +the source packet must belong to. +A .Ar service of .Ql \&* -allows packets being sent from any UDP port. The default +allows packets being sent from any UDP port. +The default .Ar service is .Ql syslog . @@ -120,7 +123,8 @@ is IPv4 address, a missing will be substituted by the historic class A or class B netmasks if .Ar ipaddr belongs into the address range of class A or B, respectively, or -by 24 otherwise. If +by 24 otherwise. +If .Ar ipaddr is IPv6 address, a missing .Ar masklen @@ -132,7 +136,8 @@ will be substituted by 128. .Xc Accept datagrams where the reverse address lookup yields .Ar domainname -for the sender address. The meaning of +for the sender address. +The meaning of .Ar service is as explained above. .It Xo @@ -165,7 +170,8 @@ If specified twice, disable this compression in all cases. .It Fl d Put .Nm -into debugging mode. This is probably only of use to developers working on +into debugging mode. +This is probably only of use to developers working on .Nm . .It Fl f Specify the pathname of an alternate configuration file; @@ -209,19 +215,24 @@ The primary use for this is to place additional log sockets in .Pa /var/run/log of various chroot filespaces. .It Fl s -Operate in secure mode. Do not log messages from remote machines. If +Operate in secure mode. +Do not log messages from remote machines. +If specified twice, no network socket will be opened at all, which also disables logging to remote machines. .It Fl u -Unique priority logging. Only log messages at the specified priority. +Unique priority logging. +Only log messages at the specified priority. Without this option, messages at the stated priority or higher are logged. This option changes the default comparison from .Dq => to .Dq = . .It Fl v -Verbose logging. If specified once, the numeric facility and priority are -logged with each locally-written message. If specified more than once, +Verbose logging. +If specified once, the numeric facility and priority are +logged with each locally-written message. +If specified more than once, the names of the facility and priority are logged with each locally-written message. .El @@ -307,9 +318,11 @@ extensions. .Sh BUGS The ability to log messages received in UDP packets is equivalent to an unauthenticated remote disk-filling service, and should probably be -disabled by default. Some sort of +disabled by default. +Some sort of .No inter- Ns Nm syslogd -authentication mechanism ought to be worked out. To prevent the worst +authentication mechanism ought to be worked out. +To prevent the worst abuse, use of the .Fl a option is therefore highly recommended. @@ -317,7 +330,8 @@ option is therefore highly recommended. The .Fl a matching algorithm doesn't pretend to be very efficient; use of numeric -IP addresses is faster than domain name comparison. Since the allowed +IP addresses is faster than domain name comparison. +Since the allowed peer list is being walked linearly, peer groups where frequent messages are being anticipated from should be put early into the .Fl a |