control system log
Standard C Library (libc, -lc)
() function writes
to the system message logger. The
message is then written to the system console, log files, logged-in users, or
forwarded to other machines as appropriate. (See
The message is identical to a
format string, except that ‘
replaced by the current error message. (As denoted by the global variable
A trailing newline is added if none is present.
() function is an alternate form
in which the arguments have already been captured using the variable-length
argument facilities of
The message is tagged with priority
are encoded as a facility
. The facility describes the part of the
system generating the message. The level is selected from the following
(high to low) list:
- A panic condition. This is normally broadcast to all users.
- A condition that should be corrected immediately, such as a corrupted
- Critical conditions, e.g., hard device errors.
- Warning messages.
- Conditions that are not error conditions, but should possibly be handled
- Informational messages.
- Messages that contain information normally of use only when debugging a
() function provides for more
specialized processing of the messages sent by
argument is a string that will be
prepended to every message. The logopt
argument is a bit field specifying logging options, which is formed by OR'ing
one or more of the following values:
syslog() cannot pass the message to
it will attempt to write the message to the console
- Open the connection to
immediately. Normally the open is delayed until the first message is
logged. Useful for programs that need to manage the order in which file
descriptors are allocated.
- Write the message to standard error output as well to the system log.
- Log the process id with each message: useful for identifying
instantiations of daemons. On FreeBSD, this option
is enabled by default.
argument encodes a default
facility to be assigned to all messages that do not have an explicit facility
- The authorization system:
- The same as
LOG_AUTH, but logged to a
file readable only by selected individuals.
- Messages written to /dev/console by the
kernel console output driver.
- The cron daemon:
- System daemons, such as
that are not provided for explicitly by other facilities.
- The file transfer protocol daemons:
- Messages generated by the kernel. These cannot be generated by any user
- The line printer spooling system:
- The mail system.
- The network news system.
- The network time protocol system.
- Security subsystems, such as
- Messages generated internally by
- Messages generated by random user processes. This is the default facility
identifier if none is specified.
- The uucp system.
- Reserved for local use. Similarly for
() function can be used to close
the log file.
() function sets the log
priority mask to maskpri
and returns the
previous mask. Calls to
() with a
priority not set in maskpri
are rejected. The
mask for an individual priority pri
calculated by the macro
the mask for all priorities up to and including
is given by the macro
The default allows all priorities to be logged.
() return no value.
() always returns the
previous log mask level.
syslog(LOG_ALERT, "who: internal error 23");
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
syslog(LOG_INFO, "Connection from host %d", CallingHost);
syslog(LOG_ERR|LOG_LOCAL2, "foobar error: %m");
These functions appeared in 4.2BSD
Never pass a string with user-supplied data as a format without using
’. An attacker can put format
specifiers in the string to mangle your stack, leading to a possible security
hole. This holds true even if the string was built using a function like
(), as the resulting string may
still contain user-supplied conversion specifiers for later interpolation by
Always use the proper secure idiom: