At some point hitherto, Mark Polhamus hath spake thusly: > Are there any conventions for the use of syslog facility codes LOG_LOCAL0 > thru LOG_LOCAL7?
That depends on how you define convention; those facilities are used as generic syslog facilities, allowing for the ability of the system administration staff to very finely control where log output goes. Generally, applications should allow the user (the system administrator) to define what facility they want messages logged to, while picking a reasonable default. This allows for maximum flexibility. > Pppd apparently uses LOG_LOCAL2. (Does anyone know if that is > compiled in or in some configuration file that I haven't found?). > Any other examples of popular software that is using one of the > local codes? From the pppd man page: DIAGNOSTICS Messages are sent to the syslog daemon using facility LOG_DAEMON. (This can be overriden by recompiling pppd with the macro LOG_PPP defined as the desired facility.) In order to see the error and debug messages, you will need to edit your /etc/syslog.conf file to direct the mes sages to the desired output device or file. > I was suprised to learn there were only 24 codes, I just thought the > facility identifier would be a string. You're not counting them correctly -- the facility and the level are chosen independently. There are 16 facilities, and 8 levels, thus there are 16 x 8 or 128 different combinations. It is also possible that the number of facilities may be different on some systems. Not all variants of Unix, IIRC, support both the AUTH and AUTHPRIV facilities. Some variants may define others... > I'm writing a backup utility. I think I would be best to use syslog, > except maybe for larger output which it could write to a file in /var/log/. > Does that sound right? I'll make the facility code configurable. There's very little point to logging seperately to a file, particularly if you're just going to put it in /var/log anyway... just let syslog do the work for you. I.E. log the "larger" output to a different level and/or facility, and let the sysadmin configure where to send that info... You might want to provide the ability to have the admin configure the utility to NOT use syslog, but doing so (that is, the configuring -- not the providing) is generally regarded as bad practice, as it defeats the whole purpose of having a central syslog server. IMNSHO, best not to encourage bad practices... For user processes, this doesn't apply, as users often don't have access to read the system logs. But for system processes (like back-up utilities), generally syslog is the way to go. Aside from that, yes; this does sound right. -- Derek Martin [EMAIL PROTECTED] --------------------------------------------- I prefer mail encrypted with PGP/GPG! GnuPG Key ID: 0x81CFE75D Retrieve my public key at http://pgp.mit.edu Learn more about it at http://www.gnupg.org
msg00685/pgp00000.pgp
Description: PGP signature