On Thursday 21 June 2007 21:07, Dennis Smith wrote: > Hello, > > I am using busybox ver. 1.00 > > I am using syslogd with some logging code I wrote for my project. > > Currently I can configure the logging level... to say 4, then all log > messages at levels > higher then that, 5, 6, and 7 do not show up in my /var/log/messages file. > > What I want to be able to do, is change the configured logging level, and > have that change > what files the log messages go to. That way anyone looking at the messages > file will not > see higher level logging, but the log messages are not lost, but rather just > sent to a different file. > > To do this, I need syslogd to support the /etc/syslog.conf file.
My thoughts on the subject. Sending log messages from various daemons with different facility and priority levels to one common logging daemon, and THEN trying to sort out the mess sounds... eh... like "let's create a problem and then devise means to solve it", don't you think? Think what will happen if a bug or flood attack to e.g. sshd will make it send zillions high-prio messages to syslog. What will happen? Either you fill up you /var filesystem (if you are naive enough to not use rotating logfile feature), losing ALL recent syslog messages, or (if you do have rotating logfiles) all other daemons' logs are lost, flushed out by message flood from sshd. Just beautiful. The solution, IMO, is to NOT log everything thru syslog. Log every daemon/service you have separately. You do not need and additional code in your daemon. Just log meesages to stderr. Pipe stderr to svlogd applet, and configure it to save log to a set of rotated logfiles. This way, all logs are sorted by daemon/service, and you are protected from syslog flood. It works so well in practice that when one of my daemons broke and started to flood its log, it was so non-catastrophic that I barely noticed that something is not right. Only nmeter's hint that I have strange ~1 fork/second process creation rate brought my attention to it. > 1. My understanding is that the syslogd in busybox ignores syslog.conf, is > that right? > 2. If so, will a future release support the syslog.conf file? It can be supported, if someone will send a patch. I personally don't need that feature, but is not going to prevent others from using it. > 3. If not, is there some other way my goal can be accomplished with the > syslogd included with busybox? > 4. If not, if the size of syslogd is a problem, perhaps an option be > included with busybox to select either the syslogd that supports syslog.conf, > or the one that does not? > 5. If someone will look into this, approximately how long will it be before > they do? -- vda _______________________________________________ busybox mailing list [email protected] http://busybox.net/cgi-bin/mailman/listinfo/busybox
