| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
- Include /etc/newsyslog.conf.d/* and /usr/local/etc/newsyslog.conf.d/* by
default for newsyslog(8).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sbin/devd/devd.cc
All output will now go to syslog(3) if devd is daemonized, or stderr
if it's running in the foreground.
sbin/devd/devd.8
Remove the "-D" flag. Filtering messages by priority now
happens in the usual syslog way. For performance reasons, a few
extra-verbose debugging statements are now conditional on the "-d" (do
not daemonize) flag.
etc/syslog.conf
etc/newsyslog.conf
Direct messages from devd(8) to /var/log/devd.log, but leave it
disabled by default
Reviewed by: eadler
Approved by: gibbs (co-mentor)
MFC after: never (removed a command-line option from devd)
|
|
|
|
|
| |
PR: conf/178504
Requested by: many
|
|
|
|
|
|
| |
PR: conf/178504
Submitted by: ak
Reviewed by: smh
|
|
|
|
|
|
|
|
| |
managed by syslogd.
PR: conf/169973
Approved by: rstone (co-mentor)
MFC after: 1 week
|
|
|
|
|
| |
PR: conf/173857
Submitted by: Matt Smith <matt xtaz.co.uk>
|
|
|
|
|
| |
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the environment doesn't offer a working /dev/console, the existing
version of init(8) will simply refuse running rc(8) scripts. This means
you'll only have a system running init(8) and nothing else.
Change the code to do the following:
- Open /dev/console like we used to do, but make it more robust to use
O_NONBLOCK to prevent blocking on a carrier.
- If this fails, use /dev/null as stdin and /var/log/init.log as stdout
and stderr.
- If even this fails, use /dev/null as stdin, stdout and stderr.
So why us this useful? Well, if you remove the `getpid() == 1' check in
main(), you can now use init(8) inside jails to properly execute rc(8).
It still requires some polishing, as existing tools assume init(8) has
PID 1.
Also it is now possible to use use init(8) on `headless' devices that
don't even have a serial boot console.
|
| |
|
| |
|
|
|
|
|
|
| |
does ever come back it's probably best if its log file be something that
gets added if the user decided they want to run slip instead of having
it here unconditionally.
|
|
|
|
|
| |
justify the presence of a (usually empty) /var/log/slip.log on every
FreeBSD box.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Enable it by default, running newsyslog with -CN which creates files
that have the C flag specified in /etc/newsyslog.conf.
- Remove the "newsyslog -CC" call from etc/rc.d/var and the check for
newsyslog.
- Add the C flag to entries in /etc/newsyslog.conf that are currently
installed as part of the base system.
There are two effects from this change:
- Users who delete default syslog files to stop logging to them
will need to set newsyslog_enable=NO in rc.conf or remove the C
flag from those file in /etc/newsyslog.conf or they will come back
on the next boot.
- Diskless systems now create the same set of files that ordinary
systems have by default instead of every file in newsyslog.conf.
|
|
|
|
|
|
|
|
| |
- do not comment out entries in newsyslog.conf
- use tabs to line up inetd.conf
Requested by: bde
Approved by: bms(mentor)
|
|
|
|
|
|
|
| |
rc.conf(5) and put a sample entry to newsyslog.conf
Reviewed by: -current
Approved by: bms(mentor)
|
|
|
|
|
|
| |
/etc/syslogd.conf -> /etc/syslog.conf
MFC after: 3 days
|
|
|
|
|
|
| |
written to by syslogd: /var/log/{daily.log,weekly.log,monthly.log}
MFC after: 1 week
|
|
|
|
|
|
| |
newsyslog.
MFC after: 1 week
|
|
|
|
| |
to the great bit-bucket in the sky)
|
| |
|
|
|
|
| |
Requested by: ru
|
|
|
|
| |
are attacked for us to throw away this sort of evidence.
|
|
|
|
| |
Basic idea agreed to by: rwatson
|
|
|
|
|
|
|
|
| |
instead of 0644 to help protect users against a file locking local
denial of service.
MFC after: 1 day
pending RE approval
|
|
|
|
|
|
|
|
|
|
| |
'authentication.log' as 'auth.log'.
This is also more consistent with syslog facility names.
Sigh. :-)
Submitted by: asmodai, aeonflux, green, ....
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.
o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).
This creates a special authentication log, which can now be searched
by scripts for authentication events.
|
| |
|
|
|
|
| |
eavesdrop on other users' communications.
|
|
|
|
| |
Suggested by: Jesper Skriver <jesper@FreeBSD.org>
|
|
|
|
|
|
| |
permissions on some files, and give hints as to what those permissions
might be. Note also that the current more liberal permissions might
get changed in future revisions.
|
|
|
|
| |
Reviewed by: peter
|
|
|
|
|
| |
PR: 27901
Submitted by: Anders Nordby <anders@fix.no> (stylistic changes by me)
|
|
|
|
|
|
| |
PR: 25329
Submitted by: Yoshihiro Koya Yoshihiro.Koya@math.yokohama-cu.ac.jp
MFC after: 1 week
|
|
|
|
| |
(MFC candidate)
|
|
|
|
|
|
|
|
|
|
|
| |
default syslog target for console messages (when enabled in
syslog.conf). Use the same rotation defaults as with
/var/log/messages -- every 100kb of log, compress back logs,
and keep five rotated logs.
o Note: phk also thought it would be useful to force rotation
each boot. This commit does not introduce such a rotation.
Reviewed by: phk
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8). Output may be masked based on variable values in
periodic.conf.
It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.
The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).
PR: 21250
|
|
|
|
|
|
|
|
|
|
|
| |
wheel to trash logfiles is not exactly good security policy. There have
been several gid wheel holes in ports. Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them. utmp and
wtmp are mode 644 already on all the systems we checked.
Submitted by: jkb
Reviewed by: kris
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.
Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism. Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.
Approved by: jkh
Reviewed by: freebsd-security
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
|
|
|
|
| |
consistant with chown(8).
|
| |
|
| |
|
|
|
|
|
| |
PR: 11511
Reviewed by: des
|
|
|
|
|
|
|
| |
let it rotate /var/log/wtmp again, and update monthly/200.accounting to
take this into account. (Some sites might want to change the parameters
of the rotation; it's easier to do this when it's all centralized in
newsyslog.conf.)
|
| |
|
|
|
|
|
| |
keep the last ten weeks of data.
Submitted by: jmb
|
|
|
|
| |
Remove wtmp
|
| |
|