On 23.05.2012 17:42, jor...@apache.org wrote: > Author: jorton > Date: Wed May 23 15:42:33 2012 > New Revision: 1341905 > > URL: http://svn.apache.org/viewvc?rev=1341905&view=rev > Log: > suexec: Add support for logging to syslog as an alternative to a > logfile. > > * support/suexec.c (err_output) [AP_LOG_SYSLOG]: Log to syslog. > (main): Close syslog fd if open, before execv. Add -V output > for AP_LOG_SYSLOG.
[...] > @@ -137,7 +146,14 @@ static void err_output(int is_error, con > > static void err_output(int is_error, const char *fmt, va_list ap) > { > -#ifdef AP_LOG_EXEC > +#if defined(AP_LOG_SYSLOG) > + if (!log_open) { > + openlog("suexec", LOG_PID, LOG_DAEMON); > + log_open = 1; > + } > + > + vsyslog(is_error ? LOG_ERR : LOG_INFO, fmt, ap); > +#elif defined(AP_LOG_EXEC) > time_t timevar; > struct tm *lt; > Wouldn't it be preferrable to use LOG_AUTH/LOG_AUTHPRIV instead? suexec's log messages are mostly about authorization, and sometimes include information which should probably be hidden from the eyes of unprivileged users. Kaspar