From 4fd55cd1acd0ae8ea6b8a469991a104b17da37f3 Mon Sep 17 00:00:00 2001
From: Joachim Wiberg <troglobit@gmail.com>
Date: Tue, 29 Mar 2022 20:14:56 +0200
Subject: [PATCH] syslog.conf: disable debug messages by default from
 /var/log/syslog

Many projects use sysklogd with the shipped syslog.conf as their own
default /etc/syslog.conf.  This is fine of course, but for many small
embedded systems getting all debug messages in the log by default is not
desirable.

This change drops debug messages from /var/log/syslog by default and
recommends admins to use /var/log/debug, or drop the debug filter.

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
---
 syslog.conf | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/syslog.conf b/syslog.conf
index 8e4f9e2..2513a38 100644
--- a/syslog.conf
+++ b/syslog.conf
@@ -7,7 +7,11 @@
 # First some standard log files.  Log by facility.
 #
 auth,authpriv.*			 /var/log/auth.log
-*.*;auth,authpriv.none		-/var/log/syslog
+
+# Everything except debug and security tokens, re-enable debug by
+# dropping '*.!=debug;', or enable /var/log/debug below
+*.*;*.!=debug;\
+	auth,authpriv.none	-/var/log/syslog
 
 #cron.*				/var/log/cron.log
 #daemon.*			-/var/log/daemon.log