Logging levels used in cgrulesengd daemon are taken from syslog.h. LOG_EMERG is used just for convenient way to turn the logging off.
I've unified the logging levels in the last patch of the v4 patchset. peter On 03/14/2013 12:22 PM, Ivana Varekova wrote: > Seems to be really puzzled for me - there is a mixture of cgrulesengd logging > (5 levels) x default logging (4 levels). LOG_WARNING is not in any of them > but it is used (LOG_NOTICE as well). LOG_EMERG not used at all. > > ----- Original Message ----- >> From: "Peter Schiffer" <pschi...@redhat.com> >> To: libcg-devel@lists.sourceforge.net >> Sent: Friday, March 8, 2013 5:09:42 PM >> Subject: [Libcg-devel] [PATCH 07/14] Fixed cgrulesengd to log libcgroup log >> messages to syslog >> >> Now we have the infrastructure, libcgroup log messages should be sent >> together with cgrulesengd ones to syslog. >> >> As side effect, all flog messages must end with '\n' to match >> libcgroup >> standards. >> >> Signed-off-by: Peter Schiffer <pschi...@redhat.com> >> --- >> src/daemon/cgrulesengd.c | 146 >> +++++++++++++++++++++++++++++++--------------- >> 1 file changed, 99 insertions(+), 47 deletions(-) >> >> diff --git a/src/daemon/cgrulesengd.c b/src/daemon/cgrulesengd.c >> index 1e2a7c9..270caaf 100644 >> --- a/src/daemon/cgrulesengd.c >> +++ b/src/daemon/cgrulesengd.c >> @@ -112,28 +112,31 @@ static void usage(FILE* fd, const char* msg, >> ...) >> } >> >> /** >> - * Prints a formatted message (like printf()) to all log >> destinations. >> + * Prints a formatted message (like vprintf()) to all log >> destinations. >> * Flushes the file stream's buffer so that the message is >> immediately >> * readable. >> * @param level The log level (LOG_EMERG ... LOG_DEBUG) >> - * @param format The format for the message (printf style) >> - * @param ... Any args to format (printf style) >> + * @param format The format for the message (vprintf style) >> + * @param ap Any args to format (vprintf style) >> */ >> -void flog(int level, const char *format, ...) >> +void flog_write(int level, const char *format, va_list ap) >> { >> - /* List of args to format */ >> - va_list ap; >> + va_list cap; >> + int copy = 0; >> >> /* Check the log level */ >> if (level > loglevel) >> return; >> >> + /* copy the argument list if needed - it can be processed only once >> */ >> + if (logfile && logfacility) { >> + copy = 1; >> + va_copy(cap, ap); >> + } >> + >> if (logfile) { >> /* Print the message to the given stream. */ >> - va_start(ap, format); >> vfprintf(logfile, format, ap); >> - va_end(ap); >> - fprintf(logfile, "\n"); >> >> /* >> * Flush the stream's buffer, so the data is readable >> @@ -143,12 +146,55 @@ void flog(int level, const char *format, ...) >> } >> >> if (logfacility) { >> - va_start(ap, format); >> - vsyslog(LOG_MAKEPRI(logfacility, level), format, ap); >> - va_end(ap); >> + if (copy) { >> + vsyslog(LOG_MAKEPRI(logfacility, level), format, cap); >> + va_end(cap); >> + } else >> + vsyslog(LOG_MAKEPRI(logfacility, level), format, ap); >> } >> } >> >> +/** >> + * Prints a formatted message (like printf()) to all log >> destinations. >> + * Flushes the file stream's buffer so that the message is >> immediately >> + * readable. >> + * @param level The log level (LOG_EMERG ... LOG_DEBUG) >> + * @param format The format for the message (printf style) >> + * @param ... Any args to format (printf style) >> + */ >> +void flog(int level, const char *format, ...) >> +{ >> + va_list ap; >> + va_start(ap, format); >> + flog_write(level, format, ap); >> + va_end(ap); >> +} >> + >> +/** >> + * Libcgroup logging callback. It must translate libcgroup log >> levels to >> + * cgrulesengd native (=syslog). >> + */ >> +void flog_cgroup(void *userdata, int cgroup_level, const char >> *format, >> + va_list ap) >> +{ >> + int level = 0; >> + switch (cgroup_level) { >> + case CGROUP_LOG_ERROR: >> + level = LOG_ERR; >> + break; >> + case CGROUP_LOG_WARNING: >> + level = LOG_WARNING; >> + break; >> + case CGROUP_LOG_INFO: >> + level = LOG_INFO; >> + break; >> + case CGROUP_LOG_DEBUG: >> + level = LOG_DEBUG; >> + break; >> + } >> + flog_write(level, format, ap); >> +} >> + >> struct parent_info { >> __u64 timestamp; >> pid_t pid; >> @@ -167,7 +213,7 @@ static int cgre_store_parent_info(pid_t pid) >> struct parent_info *info; >> >> if (clock_gettime(CLOCK_MONOTONIC, &tp) < 0) { >> - flog(LOG_WARNING, "Failed to get time"); >> + flog(LOG_WARNING, "Failed to get time\n"); >> return 1; >> } >> uptime_ns = ((__u64)tp.tv_sec * 1000 * 1000 * 1000 ) + tp.tv_nsec; >> @@ -177,7 +223,7 @@ static int cgre_store_parent_info(pid_t pid) >> void *new_array = realloc(array_pi.parent_info, >> sizeof(info) * alloc); >> if (!new_array) { >> - flog(LOG_WARNING, "Failed to allocate memory"); >> + flog(LOG_WARNING, "Failed to allocate memory\n"); >> return 1; >> } >> array_pi.parent_info = new_array; >> @@ -185,7 +231,7 @@ static int cgre_store_parent_info(pid_t pid) >> } >> info = calloc(1, sizeof(struct parent_info)); >> if (!info) { >> - flog(LOG_WARNING, "Failed to allocate memory"); >> + flog(LOG_WARNING, "Failed to allocate memory\n"); >> return 1; >> } >> info->timestamp = uptime_ns; >> @@ -264,7 +310,7 @@ static int cgre_store_unchanged_process(pid_t >> pid, int flags) >> void *new_array = realloc(array_unch.proc, >> sizeof(unchanged_pid_t) * alloc); >> if (!new_array) { >> - flog(LOG_WARNING, "Failed to allocate memory"); >> + flog(LOG_WARNING, "Failed to allocate memory\n"); >> return 1; >> } >> array_unch.proc = new_array; >> @@ -273,7 +319,7 @@ static int cgre_store_unchanged_process(pid_t >> pid, int flags) >> array_unch.proc[array_unch.index].pid = pid; >> array_unch.proc[array_unch.index].flags = flags; >> array_unch.index++; >> - flog(LOG_DEBUG, "Store the unchanged process (PID: %d, FLAGS: %d)", >> + flog(LOG_DEBUG, "Store the unchanged process (PID: %d, FLAGS: >> %d)\n", >> pid, flags); >> return 0; >> } >> @@ -290,7 +336,8 @@ static void cgre_remove_unchanged_process(pid_t >> pid) >> &array_unch.proc[j + 1], >> sizeof(struct unchanged_pid)); >> array_unch.index--; >> - flog(LOG_DEBUG, "Remove the unchanged process (PID: %d)", pid); >> + flog(LOG_DEBUG, "Remove the unchanged process (PID: %d)\n", >> + pid); >> break; >> } >> return; >> @@ -430,12 +477,12 @@ int cgre_process_event(const struct proc_event >> *ev, const int type) >> /* A process finished already and that is not a problem. */ >> ret = 0; >> } else if (ret) { >> - flog(LOG_WARNING, "Cgroup change for PID: %d, UID: %d, GID: %d," >> - " PROCNAME: %s FAILED! (Error Code: %d)", >> + flog(LOG_WARNING, >> + "Cgroup change for PID: %d, UID: %d, GID: %d, PROCNAME: >> %s >> FAILED! (Error Code: %d)\n", >> log_pid, log_uid, log_gid, procname, ret); >> } else { >> - flog(LOG_INFO, "Cgroup change for PID: %d, UID: %d, GID: %d," >> - " PROCNAME: %s OK", >> + flog(LOG_INFO, >> + "Cgroup change for PID: %d, UID: %d, GID: %d, PROCNAME: >> %s OK\n", >> log_pid, log_uid, log_gid, procname); >> ret = cgre_store_parent_info(pid); >> } >> @@ -462,16 +509,18 @@ static int cgre_handle_msg(struct cn_msg >> *cn_hdr) >> ev = (struct proc_event*)cn_hdr->data; >> switch (ev->what) { >> case PROC_EVENT_UID: >> - flog(LOG_DEBUG, "UID Event: PID = %d, tGID = %d, rUID = %d," >> - " eUID = %d", ev->event_data.id.process_pid, >> + flog(LOG_DEBUG, >> + "UID Event: PID = %d, tGID = %d, rUID = %d, >> eUID = %d\n", >> + ev->event_data.id.process_pid, >> ev->event_data.id.process_tgid, >> ev->event_data.id.r.ruid, >> ev->event_data.id.e.euid); >> ret = cgre_process_event(ev, PROC_EVENT_UID); >> break; >> case PROC_EVENT_GID: >> - flog(LOG_DEBUG, "GID Event: PID = %d, tGID = %d, rGID = %d," >> - " eGID = %d", ev->event_data.id.process_pid, >> + flog(LOG_DEBUG, >> + "GID Event: PID = %d, tGID = %d, rGID = %d, >> eGID = %d\n", >> + ev->event_data.id.process_pid, >> ev->event_data.id.process_tgid, >> ev->event_data.id.r.rgid, >> ev->event_data.id.e.egid); >> @@ -484,7 +533,7 @@ static int cgre_handle_msg(struct cn_msg *cn_hdr) >> ret = cgre_process_event(ev, PROC_EVENT_EXIT); >> break; >> case PROC_EVENT_EXEC: >> - flog(LOG_DEBUG, "EXEC Event: PID = %d, tGID = %d", >> + flog(LOG_DEBUG, "EXEC Event: PID = %d, tGID = %d\n", >> ev->event_data.exec.process_pid, >> ev->event_data.exec.process_tgid); >> ret = cgre_process_event(ev, PROC_EVENT_EXEC); >> @@ -510,14 +559,14 @@ static int cgre_receive_netlink_msg(int sk_nl) >> recv_len = recvfrom(sk_nl, buff, sizeof(buff), 0, >> (struct sockaddr *)&from_nla, &from_nla_len); >> if (recv_len == ENOBUFS) { >> - flog(LOG_ERR, "ERROR: NETLINK BUFFER FULL, MESSAGE DROPPED!"); >> + flog(LOG_ERR, "ERROR: NETLINK BUFFER FULL, MESSAGE DROPPED!\n"); >> return 0; >> } >> if (recv_len < 1) >> return 0; >> >> if (from_nla_len != sizeof(from_nla)) { >> - flog(LOG_ERR, "Bad address size reading netlink socket"); >> + flog(LOG_ERR, "Bad address size reading netlink socket\n"); >> return 0; >> } >> if (from_nla.nl_groups != CN_IDX_PROC >> @@ -635,7 +684,7 @@ static int >> cgre_create_netlink_socket_process_msg(void) >> nl_hdr = (struct nlmsghdr *)buff; >> cn_hdr = (struct cn_msg *)NLMSG_DATA(nl_hdr); >> mcop_msg = (enum proc_cn_mcast_op*)&cn_hdr->data[0]; >> - flog(LOG_DEBUG, "Sending proc connector: PROC_CN_MCAST_LISTEN... >> "); >> + flog(LOG_DEBUG, "Sending proc connector: >> PROC_CN_MCAST_LISTEN...\n"); >> memset(buff, 0, sizeof(buff)); >> *mcop_msg = PROC_CN_MCAST_LISTEN; >> >> @@ -796,11 +845,12 @@ static void cgre_start_log(const char *logp, >> int logf, int logv) >> logv = sizeof(loglevels)/sizeof(int)-1; >> >> loglevel = loglevels[logv]; >> + cgroup_set_logger(flog_cgroup, CGROUP_LOG_DEBUG, NULL); >> >> - flog(LOG_DEBUG, "CGroup Rules Engine Daemon log started"); >> + flog(LOG_DEBUG, "CGroup Rules Engine Daemon log started\n"); >> tm = time(0); >> - flog(LOG_DEBUG, "Current time: %s", ctime(&tm)); >> - flog(LOG_DEBUG, "Opened log file: %s, log facility: %d, log level: >> %d", >> + flog(LOG_DEBUG, "Current time: %s\n", ctime(&tm)); >> + flog(LOG_DEBUG, "Opened log file: %s, log facility: %d,log level: >> %d\n", >> logp, logfacility, loglevel); >> } >> >> @@ -839,7 +889,7 @@ int cgre_start_daemon(const char *logp, const int >> logf, >> /* Change the file mode mask. */ >> umask(0); >> } else { >> - flog(LOG_DEBUG, "Not using daemon mode.\n"); >> + flog(LOG_DEBUG, "Not using daemon mode\n"); >> pid = getpid(); >> } >> >> @@ -847,19 +897,19 @@ int cgre_start_daemon(const char *logp, const >> int logf, >> >> if (!daemon) { >> /* We can skip the rest, since we're not becoming a daemon. */ >> - flog(LOG_INFO, "Proceeding with PID %d", getpid()); >> + flog(LOG_INFO, "Proceeding with PID %d\n", getpid()); >> return 0; >> } else { >> /* Get a new SID for the child. */ >> if (setsid() < 0) { >> - flog(LOG_ERR, "Failed to get a new SID, error: %s", >> + flog(LOG_ERR, "Failed to get a new SID, error: %s\n", >> strerror(errno)); >> return 2; >> } >> >> /* Change to the root directory. */ >> if (chdir("/") < 0) { >> - flog(LOG_ERR, "Failed to chdir to /, error: %s", >> + flog(LOG_ERR, "Failed to chdir to /, error: %s\n", >> strerror(errno)); >> return 3; >> } >> @@ -872,7 +922,7 @@ int cgre_start_daemon(const char *logp, const int >> logf, >> } >> >> /* If we make it this far, we're a real daemon! Or we chose not to. >> */ >> - flog(LOG_INFO, "Proceeding with PID %d", getpid()); >> + flog(LOG_INFO, "Proceeding with PID %d\n", getpid()); >> return 0; >> } >> >> @@ -886,8 +936,8 @@ void cgre_flash_rules(int signum) >> /* Current time */ >> time_t tm = time(0); >> >> - flog(LOG_NOTICE, "Reloading rules configuration."); >> - flog(LOG_DEBUG, "Current time: %s", ctime(&tm)); >> + flog(LOG_NOTICE, "Reloading rules configuration\n"); >> + flog(LOG_DEBUG, "Current time: %s\n", ctime(&tm)); >> >> /* Ask libcgroup to reload the rules table. */ >> cgroup_reload_cached_rules(); >> @@ -929,7 +979,7 @@ void cgre_catch_term(int signum) >> /* Current time */ >> time_t tm = time(0); >> >> - flog(LOG_NOTICE, "Stopped CGroup Rules Engine Daemon at %s", >> + flog(LOG_NOTICE, "Stopped CGroup Rules Engine Daemon at %s\n", >> ctime(&tm)); >> >> /* Close the log file, if we opened one */ >> @@ -1162,8 +1212,9 @@ int main(int argc, char *argv[]) >> sa.sa_handler = &cgre_flash_rules; >> sigemptyset(&sa.sa_mask); >> if ((ret = sigaction(SIGUSR2, &sa, NULL))) { >> - flog(LOG_ERR, "Failed to set up signal handler for SIGUSR2." >> - " Error: %s", strerror(errno)); >> + flog(LOG_ERR, >> + "Failed to set up signal handler for SIGUSR2. >> Error: %s\n", >> + strerror(errno)); >> goto finished; >> } >> >> @@ -1187,8 +1238,9 @@ int main(int argc, char *argv[]) >> ret = sigaction(SIGINT, &sa, NULL); >> ret |= sigaction(SIGTERM, &sa, NULL); >> if (ret) { >> - flog(LOG_ERR, "Failed to set up the signal handler. Error:" >> - " %s", strerror(errno)); >> + flog(LOG_ERR, >> + "Failed to set up the signal handler. Error: >> %s\n", >> + strerror(errno)); >> goto finished; >> } >> >> @@ -1199,9 +1251,9 @@ int main(int argc, char *argv[]) >> /* Scan for running applications with rules */ >> ret = cgroup_change_all_cgroups(); >> if (ret) >> - flog(LOG_WARNING, "Failed to initialize running tasks."); >> + flog(LOG_WARNING, "Failed to initialize running tasks.\n"); >> >> - flog(LOG_NOTICE, "Started the CGroup Rules Engine Daemon."); >> + flog(LOG_NOTICE, "Started the CGroup Rules Engine Daemon.\n"); >> >> /* We loop endlesly in this function, unless we encounter an error. >> */ >> ret = cgre_create_netlink_socket_process_msg(); >> >> >> ------------------------------------------------------------------------------ >> Symantec Endpoint Protection 12 positioned as A LEADER in The >> Forrester >> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in >> the >> endpoint security space. For insight on selecting the right partner >> to >> tackle endpoint security challenges, access the full report. >> http://p.sf.net/sfu/symantec-dev2dev >> _______________________________________________ >> Libcg-devel mailing list >> Libcg-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/libcg-devel ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ Libcg-devel mailing list Libcg-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libcg-devel