[syslog-ng] FreeBSD 8 LOG_SECURITY and LOG_AUTH confused
Balazs Scheidler
bazsi at balabit.hu
Mon Mar 22 18:00:10 CET 2010
On Thu, 2010-03-18 at 12:13 -0400, Brian A. Seklecki wrote:
> Guys something shit the bed with 3.0.3 on 8.0-PL:
syslog-ng thinks that "security" is equal to "auth"
{"security", LOG_AUTH}, /* DEPRECATED */
This comes from the original <sys/syslog.h> in Linux. Don't tell me, I
know.
However syslog-ng 3.1 got decoupled from the system installed syslog.h
as that proved to be less than reliable. It defines "security" as:
{"security", FACILITY_CODE(13) },
I guess the patch that introduces this behaviour can easily be
backported. I didn't touch the stable branch as I felt it was too risky.
And I may be right, if this means that the meaning of the "security"
facility has changed. (would have been quite a suprise if it happened in
the 3.0 maintenance releases).
To make it easier for you, here's the patch that made this change:
commit 8a02601f81791a519de568f900276ceedd3ca6c9
Author: Balazs Scheidler <bazsi at balabit.hu>
Date: Fri Sep 4 09:55:18 2009 +0200
[syslog-names] decouple the facility/severity codes known by syslog-ng from the system defined codes
Until now syslog-ng depended on the values defined in <syslog.h> to implement
the severity/facility name lookups.
Since BSD uses a couple of new facility codes which are not defined on
other system, this patch removes this dependency and hard-codes the
values defined by RFC3164, the Linux syslog.h header and the BSD syslog.h
header.
This makes syslog-ng know about "ntp", "security" and "console" facilities.
Even on non-BSD systems.
--
Bazsi
More information about the syslog-ng
mailing list