ptg10805159470 Daemon Processes Chapter 13
Thereare three ways to generate log messages:- Kernelroutines can call thelogfunction. These messages can be read by any
user process thatopensandreadsthe/dev/klogdevice. Wewon’t describe
this function any further,since we’renot interested in writing kernel routines. - Most user processes (daemons) call thesyslog( 3 ) function to generate log
messages. Wedescribe its calling sequence later.This causes the message to be
sent to the UNIX domain datagram socket/dev/log. - A user process on this host, or on some other host that is connected to this host
by a TCP/IP network, can send log messages to UDP port 514. Note that the
syslogfunction never generates these UDP datagrams: they requireexplicit
network programming by the process generating the log message.
Refer to Stevens, Fenner,and Rudoff[ 2004 ]for details on UNIX domain sockets and
UDP sockets.
Normally,thesyslogddaemon reads all three forms of log messages. On start-up,
this daemon reads a configuration file, usually/etc/syslog.conf,which determines
wheredifferent classes of messages are to be sent. For example, urgent messages can be
sent to the system administrator (if logged in) and printed on the console, whereas
warnings may be logged to a file.
Our interface to this facility is through thesyslogfunction.
#include <syslog.h>
void openlog(const char ident,intoption,intfacility);
void syslog(intpriority,const char format,...);
void closelog(void);
int setlogmask(intmaskpri);
Returns: previous log priority mask value
Callingopenlogis optional. If it’s not called, the first timesyslogis called,openlog
is called automatically.Callingcloselogis also optional—itjust closes the descriptor
that was being used to communicate with thesyslogddaemon.
Callingopenloglets us specify anidentthat is added to each log message. This is
normally the name of the program (e.g. cron,inetd). Theoptionargument is a
bitmask specifying various options. Figure13.3 describes the available options,
including a bullet in the XSI column if the option is included in theopenlogdefinition
in the Single UNIX Specification.
Thefacilityargument foropenlogis taken from Figure13.4. Note that the Single
UNIX Specification defines only a subset of the facility codes typically available on a
given platform. The reason for thefacilityargument is to let the configuration file
specify that messages from different facilities are to be handled differently.If we don’t
callopenlog, or if we call it with afacilityof 0, we can still specify the facility as part of
thepriorityargument tosyslog.
We callsyslogto generate a log message. Thepriorityargument is a combination
of thefacility,shown in Figure13.4, and alevel,shown in Figure13.5. Theselevelsare
ordered by priority,fromhighest to lowest.