|LOG_EMERG||A panic condition. This is normally broadcast to all users.|
|LOG_ALERT||A condition that should be corrected immediately, such as a corrupted system database.|
|LOG_CRIT||Critical conditions, e.g., hard device errors.|
|LOG_NOTICE||Conditions that are not error conditions, but should possibly be handled specially.|
|LOG_DEBUG||Messages that contain information normally of use only when debugging a program.|
The openlog function provides for more specialized processing of the messages sent by syslog and vsyslog. The ident argument is a string that will be prepended to every message. The logopt argument is a bit field specifying logging options, which is formed by OR ing one or more of the following values:
|LOG_CONS||If syslog cannot pass the message to syslogd(8) it will attempt to write the message to the console ("/dev/console").|
|LOG_NDELAY||Open the connection to syslogd(8) immediately. Normally the open is delayed until the first message is logged. Useful for programs that need to manage the order in which file descriptors are allocated.|
|LOG_PERROR||Write the message to standard error output as well to the system log.|
|LOG_PID||Log the process id with each message: useful for identifying instantiations of daemons.|
The facility argument encodes a default facility to be assigned to all messages that do not have an explicit facility encoded:
|LOG_AUTH||The authorization system: login(1), su(1), getty(8), etc.|
|The same as LOG_AUTH, but logged to a file readable only by selected individuals.|
|LOG_CONSOLE||Messages written to /dev/console by the kernel console output driver.|
|LOG_CRON||The cron daemon: cron(8).|
|LOG_DAEMON||System daemons, such as routed(8), that are not provided for explicitly by other facilities.|
|LOG_FTP||The file transfer protocol daemons: ftpd(8), tftpd(8).|
|LOG_KERN||Messages generated by the kernel. These cannot be generated by any user processes.|
|LOG_LPR||The line printer spooling system: lpr(1), lpc(8), lpd(8), etc.|
|LOG_MAIL||The mail system.|
|LOG_NEWS||The network news system.|
|LOG_NTP||The network time protocol system.|
|Security subsystems, such as ipfw(4).|
|LOG_SYSLOG||Messages generated internally by syslogd(8).|
|LOG_USER||Messages generated by random user processes. This is the default facility identifier if none is specified.|
|LOG_UUCP||The uucp system.|
|LOG_LOCAL0||Reserved for local use. Similarly for LOG_LOCAL1 through LOG_LOCAL7.|
The closelog function can be used to close the log file.
The setlogmask function sets the log priority mask to maskpri and returns the previous mask. Calls to syslog with a priority not set in maskpri are rejected. The mask for an individual priority pri is calculated by the macro LOG_MASK pri; the mask for all priorities up to and including toppri is given by the macro LOG_UPTO toppri;. The default allows all priorities to be logged.
The routines closelog, openlog, syslog and vsyslog return no value.
The routine setlogmask always returns the previous log mask level.
syslog(LOG_ALERT, "who: internal error 23");
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
syslog(LOG_INFO, "Connection from host %d", CallingHost);
syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");
These functions appeared in BSD 4.2 .
Never pass a string with user-supplied data as a format without using %s. An attacker can put format specifiers in the string to mangle your stack, leading to a possible security hole. This holds true even if the string was built using a function like snprintf, as the resulting string may still contain user-supplied conversion specifiers for later interpolation by syslog.
Always use the proper secure idiom:
syslog( %s, string);