sysklogd/syslog.conf
Joachim Wiberg a5bf845118 Enforce 'secure_mode 1' in default syslog.conf file
This disables the "unauthenticated remote disk-filling service" by
default.  A user can easily change this to 0 (or 2) to allow other
systems to log to their syslogd.

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
2022-05-22 22:29:43 +02:00

81 lines
2.0 KiB
Plaintext

# /etc/syslog.conf - Configuration file for syslogd(8)
#
# For information about the format of this file, see syslog.conf(5)
#
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
# Everything except debug and security tokens, re-enable debug by
# dropping '*.!=debug;', or enable /var/log/debug below
*.*;*.!=debug;\
auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
#daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
#lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
#user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
#mail.info -/var/log/mail.info
#mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#mail.*;mail.!=info -/var/log/mail
#mail,news.=info -/var/log/info
# The tcp wrapper loggs with mail.info, we display all
# the connections on tty12
#
#mail.=info /dev/tty12
#
# Some "catch-all" log files.
#
#*.=debug;\
# auth,authpriv.none;\
# news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
# Store all critical eventes, except kernel logs in critical
#
#*.=crit;kern.none /var/log/critical
# Example of sending events to remote syslog server.
# All events from notice and above, except auth, authpriv
# and any kernel message are sent to server finlandia in
# RFC5424 formatted output.
#
#*.notice;auth,authpriv.none;
# kern.none\ @finlandia ;RFC5424
# Emergencies are sent to anyone logged in
#
*.=emerg *
# Priority alert and above are sent to the operator
#
#*.alert root,joey
#
# Secure mode, same as -s, none(0), on(1), full(2). When enabled
# only logging to remote syslog server possible, with full secure
# mode, not even that is possible. We default to prevent syslogd
# from opening UDP/514 and receving messages from other systems.
#
secure_mode 1
#
# Include all config files in /etc/syslog.d/
#
include /etc/syslog.d/*.conf