Go to file
Joachim Nilsson 49968d977e syslogd.8: Update section on SECURITY and .conf differences
- We have the -a PEER and -s to limit exposure to remote attacks
- Mention include file syntax in .conf file differences section
- Mention SECURITY section in BUGS, there are countermeasures

Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
2019-11-15 09:44:15 +01:00
docs Support for sending messages to a custom port on remote server 2019-11-06 14:23:03 +01:00
example Relicense example code/readme/makefile as public domain 2019-11-08 13:43:37 +01:00
lib Mark strlcat() and strlcpy() as weak functions, for libsyslog 2019-11-04 11:04:13 +01:00
man syslogd.8: Update section on SECURITY and .conf differences 2019-11-15 09:44:15 +01:00
src syslogd: Fix broken wallmsg(), off-by one iov 2019-11-15 08:31:46 +01:00
test test: Sender randomizes port, allow any in FWD test syslogd 2019-11-15 09:11:53 +01:00
.gitignore Silence autoconf, use an m4/ sub-directory for macros 2019-11-03 17:30:59 +01:00
.travis.yml Travis-CI: Fix build w/o messing up example code build 2019-11-13 17:54:35 +01:00
autogen.sh Relocate files to man/ and src/ and change to GNU configure & build 2018-08-02 22:52:40 +02:00
ChangeLog.md Final touches to ChangeLog for v2.0 release 2019-11-15 08:58:41 +01:00
configure.ac Drop --with-syslogd-pidfile from configure, use -P option to syslogd 2019-11-13 11:52:15 +01:00
COPYING Update GPL to latest revision, FSF address change + minor fixups 2019-10-12 10:42:24 +02:00
klogd.service.in Add pointers to service man pages in unit files 2018-08-05 19:20:17 +02:00
Makefile.am Install systemd unit files, follow-up to cda4c6a 2019-11-13 10:18:10 +01:00
README.md Update feature list and add <PRI> field to logo :) 2019-11-15 08:58:16 +01:00
syslog.conf Update example syslog.conf with relevant and modern defaults 2019-11-03 12:19:37 +01:00
syslogd.service.in syslogd: Adopt FreeBSD -F instead of -n to run in foreground 2019-11-13 17:08:47 +01:00

                  .--.  .--.              .--.
.-----.--.--.-----|  |--|  :-----.-----.--|  |
|__ --|  |  |__ --|    <|  |  _  |  _  |  _  |    RFC3164 :: syslogd for Linux
|_____|___  |_____|__|__|__|_____|___  |_____|    RFC5424 :: w/NetBSD syslogp()
      |_____|                    |_____|

<23>Aug 24 05:14:15 192.0.2.1 myproc[8710]: Kilroy was here.
<23>1 2019-11-04T00:50:15.001234+01:00 troglobit myproc 8710 - - Kilroy was here.

BSD Badge License Badge Travis Status Coverity Status

Table of Contents

Introduction

This is the continuation of the original Debian/Ubuntu syslog daemon, updated with full RFC3164 and RFC5424 support from NetBSD and FreeBSD. The package includes the libsyslog.{a,so} library and a syslog.h header file replacement, two system log daemons, syslogd and klogd (optional), and one command line tool called logger.

libsyslog and syslog/syslog.h, derived directly from NetBSD, expose syslogp() and other new features available only in RFC5424:

The syslogd daemon is an enhanced version of the standard Berkeley utility program, updated with DNA from FreeBSD. It is responsible for providing logging of messages received from programs and facilities on the local host as well as from remote hosts. Although compatible with standard C-library implementations of the syslog() API (GLIBC, musl libc, uClibc), libsyslog must be used in your application to unlock the new RFC5424 syslogp() API.

The optional klogd daemon, enabled with configure --with-klogd, supports the GLIBC klogctl() API to read kernel log messages and can also decode EIP addresses on Linux Oops, provided a System.map file. The syslogd daemon can run stand-alone without klogd, this is the default.

The included logger tool can be used from the command line, or script, to send RFC5424 formatted messages using libsyslog to syslogd for local or remote logging.

Main differences from the original sysklogd package are:

  • klogd no longer built by default (optional) syslogd is stand-alone
  • Major command line changes to syslogd, for compatibilty with *BSD
  • Supports include /etc/syslog.d/*.conf directuve, see example .conf
  • Built-in log-rotation support, with compression by default, useful for embedded systems. No need for cron and a separate log rotate daemon
  • Full RFC3164 and RFC5424 support from NetBSD and FreeBSD
  • Support for sending RFC3164 style remote syslog messages, including timestamp and hostname. Defaults to send w/o for compatibility
  • Support for sending RFC5424 style remote syslog messages
  • Support for sending messages to a custom port on a remote server
  • Support for listening to a custom port
  • Support for remote peer filtering, from FreeBSD
  • Support for disabling DNS reverse lookups for each remote log message
  • Support for FreeBSD Secure Mode
  • Includes a logger tool with RFC5424 capabilities (msgid etc.)
  • Includes a syslog library and system header replacement for logging
  • FreeBSD socket receive buffer size patch
  • Avoid blocking syslogd if console is backed up
  • Touch PID file on SIGHUP, for integration with Finit
  • GNU configure & build system to ease porting/cross-compiling
  • Support for configuring remote syslog timeout

Using -lsyslog

libsyslog is by default installed as a library with a header file:

#include <syslog/syslog.h>

The output from the pkg-config tool holds no surprises:

$ pkg-config --libs --static --cflags libsyslog
-I/usr/local/include -L/usr/local/lib -lsyslog

The prefix path /usr/local/ shown here is only the default. Use the configure script to select a different prefix when installing libsyslog.

For GNU autotools based projects, use the following in configure.ac:

# Check for required libraries
PKG_CHECK_MODULES([syslog], [libsyslog >= 2.0])

and in your Makefile.am:

proggy_CFLAGS = $(syslog_CFLAGS)
proggy_LDADD  = $(syslog_LIBS)

The distribution comes with an example program that utilizes the NetBSD API and links against libsyslog.

Build & Install

The GNU Configure & Build system use /usr/local as the default install prefix. In many cases this is useful, but this means the configuration files and cache files will also use that same prefix. Most users have come to expect those files in /etc/ and /var/run/ and configure has a few useful options that are recommended to use:

$ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
$ make -j5
$ sudo make install-strip

You may want to remove the --prefix=/usr option.

Building from GIT

If you want to contribute, or just try out the latest but unreleased features, then you need to know a few things about the GNU build system:

  • configure.ac and a per-directory Makefile.am are key files
  • configure and Makefile.in are generated from autogen.sh, they are not stored in GIT but automatically generated for the release tarballs
  • Makefile is generated by configure script

To build from GIT you first need to clone the repository and run the autogen.sh script. This requires automake and autoconf to be installed on your system.

git clone https://github.com/troglobit/sysklogd.git
cd sysklogd/
./autogen.sh
./configure && make

GIT sources are a moving target and are not recommended for production systems, unless you know what you are doing!

Origin & References

This is the continuation of the original sysklogd by Dr. G.W. Wettstein and Martin Schulze. Currently maintained, and heavily updated with the latest features from NetBSD and FreeBSD, by Joachim Nilsson. Please file bug reports, or send pull requests for bug fixes and proposed extensions at GitHub.

The project is licensed under the GPL, but the main syslogd daemon and syslogp() API:s are 3-clause BSD licensed.