At some point hitherto, Mark Polhamus hath spake thusly: > Are there any conventions for the use of syslog facility codes LOG_LOCAL0 > thru LOG_LOCAL7?
That depends on how you define convention; those facilities are used
as generic syslog facilities, allowing for the ability of the system
administration staff to very finely control where log output goes.
Generally, applications should allow the user (the system
administrator) to define what facility they want messages logged to,
while picking a reasonable default. This allows for maximum
flexibility.
> Pppd apparently uses LOG_LOCAL2. (Does anyone know if that is
> compiled in or in some configuration file that I haven't found?).
> Any other examples of popular software that is using one of the
> local codes?
From the pppd man page:
DIAGNOSTICS
Messages are sent to the syslog daemon using facility
LOG_DAEMON. (This can be overriden by recompiling pppd
with the macro LOG_PPP defined as the desired facility.)
In order to see the error and debug messages, you will
need to edit your /etc/syslog.conf file to direct the mes
sages to the desired output device or file.
> I was suprised to learn there were only 24 codes, I just thought the
> facility identifier would be a string.
You're not counting them correctly -- the facility and the level are
chosen independently. There are 16 facilities, and 8 levels, thus
there are 16 x 8 or 128 different combinations. It is also possible
that the number of facilities may be different on some systems. Not
all variants of Unix, IIRC, support both the AUTH and AUTHPRIV
facilities. Some variants may define others...
> I'm writing a backup utility. I think I would be best to use syslog,
> except maybe for larger output which it could write to a file in /var/log/.
> Does that sound right? I'll make the facility code configurable.
There's very little point to logging seperately to a file,
particularly if you're just going to put it in /var/log anyway... just
let syslog do the work for you. I.E. log the "larger" output to a
different level and/or facility, and let the sysadmin configure where
to send that info...
You might want to provide the ability to have the admin configure the
utility to NOT use syslog, but doing so (that is, the configuring -- not
the providing) is generally regarded as bad practice, as it defeats
the whole purpose of having a central syslog server. IMNSHO, best not
to encourage bad practices... For user processes, this doesn't apply,
as users often don't have access to read the system logs. But for
system processes (like back-up utilities), generally syslog is the way
to go.
Aside from that, yes; this does sound right.
--
Derek Martin [EMAIL PROTECTED]
---------------------------------------------
I prefer mail encrypted with PGP/GPG!
GnuPG Key ID: 0x81CFE75D
Retrieve my public key at http://pgp.mit.edu
Learn more about it at http://www.gnupg.org
msg00685/pgp00000.pgp
Description: PGP signature
