Fix #42: add option to always trust kernel timestamp
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This commit is contained in:
parent
e69b0fe812
commit
9856e07e40
@ -38,7 +38,7 @@
|
|||||||
.Nd log systems messages
|
.Nd log systems messages
|
||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl ?46AdFHknsTv
|
.Op Fl ?46AdFHKknsTv
|
||||||
.Op Fl a Ar addr[/len][:port]
|
.Op Fl a Ar addr[/len][:port]
|
||||||
.Op Fl a Ar name[:port]
|
.Op Fl a Ar name[:port]
|
||||||
.Op Fl b Ar addr[:port]
|
.Op Fl b Ar addr[:port]
|
||||||
@ -255,6 +255,24 @@ and wants to monitor when and how it exits.
|
|||||||
.It Fl H
|
.It Fl H
|
||||||
When logging remote messages use hostname from the message (if supplied)
|
When logging remote messages use hostname from the message (if supplied)
|
||||||
instead of using address from which the message was received.
|
instead of using address from which the message was received.
|
||||||
|
.It Fl K
|
||||||
|
Keep (trust) kernel timestamp.
|
||||||
|
.Pp
|
||||||
|
On Linux systems the
|
||||||
|
.Pa /dev/kmsg
|
||||||
|
timestamp is a monotonic clock, in microseconds, relative to the boot of
|
||||||
|
the system. This timestamp is, among other things,
|
||||||
|
.Sy not
|
||||||
|
adjusted for suspend/resume cycles, meaning the kernel logs can start to
|
||||||
|
go out of sync with the rest of the system. This in turn can make it
|
||||||
|
really hard to correlate events.
|
||||||
|
.Pp
|
||||||
|
.Nm
|
||||||
|
by default only trusts the kernel timestamp when starting up the first
|
||||||
|
time. As soon as the the kernel ring buffer has been emptied,
|
||||||
|
.Nm
|
||||||
|
uses its own current time for each received kernel log message. This
|
||||||
|
option disables that behavior.
|
||||||
.It Fl k
|
.It Fl k
|
||||||
Disable the translation of
|
Disable the translation of
|
||||||
messages received with facility
|
messages received with facility
|
||||||
|
@ -141,6 +141,7 @@ static int RemoteAddDate; /* Always set the date on remote messages */
|
|||||||
static int RemoteHostname; /* Log remote hostname from the message */
|
static int RemoteHostname; /* Log remote hostname from the message */
|
||||||
|
|
||||||
static int KeepKernFac; /* Keep remotely logged kernel facility */
|
static int KeepKernFac; /* Keep remotely logged kernel facility */
|
||||||
|
static int KeepKernTime; /* Keep kernel timestamp, evern after initial read */
|
||||||
|
|
||||||
static off_t RotateSz = 0; /* Max file size (bytes) before rotating, disabled by default */
|
static off_t RotateSz = 0; /* Max file size (bytes) before rotating, disabled by default */
|
||||||
static int RotateCnt = 5; /* Max number (count) of log files to keep, set with -c <NUM> */
|
static int RotateCnt = 5; /* Max number (count) of log files to keep, set with -c <NUM> */
|
||||||
@ -253,8 +254,8 @@ static void sys_seqno_save(void)
|
|||||||
int usage(int code)
|
int usage(int code)
|
||||||
{
|
{
|
||||||
printf("Usage:\n"
|
printf("Usage:\n"
|
||||||
" syslogd [-46AdFknsTv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n"
|
" syslogd [-46AdFKknsTv?] [-a PEER] [-b NAME] [-f FILE] [-m INTERVAL]\n"
|
||||||
" [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n"
|
" [-P PID_FILE] [-p SOCK_PATH] [-r SIZE[:NUM]]\n"
|
||||||
"Options:\n"
|
"Options:\n"
|
||||||
" -4 Force IPv4 only\n"
|
" -4 Force IPv4 only\n"
|
||||||
" -6 Force IPv6 only\n"
|
" -6 Force IPv6 only\n"
|
||||||
@ -284,6 +285,7 @@ int usage(int code)
|
|||||||
" -F Run in foreground, required when monitored by init(1)\n"
|
" -F Run in foreground, required when monitored by init(1)\n"
|
||||||
" -f FILE Alternate .conf file, default: %s\n"
|
" -f FILE Alternate .conf file, default: %s\n"
|
||||||
" -k Allow logging with facility 'kernel', otherwise remapped to 'user'\n"
|
" -k Allow logging with facility 'kernel', otherwise remapped to 'user'\n"
|
||||||
|
" -K Keep kernel timestamp, even after initial ring buffer emptying\n"
|
||||||
" -m MINS Interval between MARK messages, 0 to disable, default: 20 min\n"
|
" -m MINS Interval between MARK messages, 0 to disable, default: 20 min\n"
|
||||||
" -n Disable DNS query for every request\n"
|
" -n Disable DNS query for every request\n"
|
||||||
" -P FILE File to store the process ID, default: %s\n"
|
" -P FILE File to store the process ID, default: %s\n"
|
||||||
@ -315,7 +317,7 @@ int main(int argc, char *argv[])
|
|||||||
int pflag = 0, bflag = 0;
|
int pflag = 0, bflag = 0;
|
||||||
int ch;
|
int ch;
|
||||||
|
|
||||||
while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:km:nP:p:r:sTv?")) != EOF) {
|
while ((ch = getopt(argc, argv, "46Aa:b:C:dHFf:Kkm:nP:p:r:sTv?")) != EOF) {
|
||||||
switch ((char)ch) {
|
switch ((char)ch) {
|
||||||
case '4':
|
case '4':
|
||||||
family = PF_INET;
|
family = PF_INET;
|
||||||
@ -370,6 +372,10 @@ int main(int argc, char *argv[])
|
|||||||
KeepKernFac = 1;
|
KeepKernFac = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'K': /* keep/trust kernel timestamp always */
|
||||||
|
KeepKernTime = 1;
|
||||||
|
break;
|
||||||
|
|
||||||
case 'm': /* mark interval */
|
case 'm': /* mark interval */
|
||||||
MarkInterval = atoi(optarg) * 60;
|
MarkInterval = atoi(optarg) * 60;
|
||||||
break;
|
break;
|
||||||
@ -1238,7 +1244,7 @@ void printsys(char *msg)
|
|||||||
* current time of any new kernel messages.
|
* current time of any new kernel messages.
|
||||||
* -- Joachim Wiberg Nov 23, 2021
|
* -- Joachim Wiberg Nov 23, 2021
|
||||||
*/
|
*/
|
||||||
if (!sys_seqno_init) {
|
if (KeepKernTime || !sys_seqno_init) {
|
||||||
now = boot_time + ustime / 1000000;
|
now = boot_time + ustime / 1000000;
|
||||||
buffer.timestamp.usec = ustime % 1000000;
|
buffer.timestamp.usec = ustime % 1000000;
|
||||||
localtime_r(&now, &buffer.timestamp.tm);
|
localtime_r(&now, &buffer.timestamp.tm);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user