1817 lines
47 KiB
Perl
1817 lines
47 KiB
Perl
package Sys::Syslog;
|
|
use strict;
|
|
use warnings;
|
|
use warnings::register;
|
|
use Carp;
|
|
use Config;
|
|
use Exporter ();
|
|
use File::Basename;
|
|
use POSIX qw< strftime setlocale LC_TIME >;
|
|
use Socket qw< :all >;
|
|
require 5.005;
|
|
|
|
|
|
*import = \&Exporter::import;
|
|
|
|
|
|
{ no strict 'vars';
|
|
$VERSION = '0.36';
|
|
|
|
%EXPORT_TAGS = (
|
|
standard => [qw(openlog syslog closelog setlogmask)],
|
|
extended => [qw(setlogsock)],
|
|
macros => [
|
|
# levels
|
|
qw(
|
|
LOG_ALERT LOG_CRIT LOG_DEBUG LOG_EMERG LOG_ERR
|
|
LOG_INFO LOG_NOTICE LOG_WARNING
|
|
),
|
|
|
|
# standard facilities
|
|
qw(
|
|
LOG_AUTH LOG_AUTHPRIV LOG_CRON LOG_DAEMON LOG_FTP LOG_KERN
|
|
LOG_LOCAL0 LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4
|
|
LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_LPR LOG_MAIL LOG_NEWS
|
|
LOG_SYSLOG LOG_USER LOG_UUCP
|
|
),
|
|
# Mac OS X specific facilities
|
|
qw( LOG_INSTALL LOG_LAUNCHD LOG_NETINFO LOG_RAS LOG_REMOTEAUTH ),
|
|
# modern BSD specific facilities
|
|
qw( LOG_CONSOLE LOG_NTP LOG_SECURITY ),
|
|
# IRIX specific facilities
|
|
qw( LOG_AUDIT LOG_LFMT ),
|
|
|
|
# options
|
|
qw(
|
|
LOG_CONS LOG_PID LOG_NDELAY LOG_NOWAIT LOG_ODELAY LOG_PERROR
|
|
),
|
|
|
|
# others macros
|
|
qw(
|
|
LOG_FACMASK LOG_NFACILITIES LOG_PRIMASK
|
|
LOG_MASK LOG_UPTO
|
|
),
|
|
],
|
|
);
|
|
|
|
@EXPORT = (
|
|
@{$EXPORT_TAGS{standard}},
|
|
);
|
|
|
|
@EXPORT_OK = (
|
|
@{$EXPORT_TAGS{extended}},
|
|
@{$EXPORT_TAGS{macros}},
|
|
);
|
|
|
|
eval {
|
|
require XSLoader;
|
|
XSLoader::load('Sys::Syslog', $VERSION);
|
|
1
|
|
} or do {
|
|
require DynaLoader;
|
|
push @ISA, 'DynaLoader';
|
|
bootstrap Sys::Syslog $VERSION;
|
|
};
|
|
}
|
|
|
|
|
|
#
|
|
# Constants
|
|
#
|
|
use constant HAVE_GETPROTOBYNAME => $Config::Config{d_getpbyname};
|
|
use constant HAVE_GETPROTOBYNUMBER => $Config::Config{d_getpbynumber};
|
|
use constant HAVE_SETLOCALE => $Config::Config{d_setlocale};
|
|
use constant HAVE_IPPROTO_TCP => defined &Socket::IPPROTO_TCP ? 1 : 0;
|
|
use constant HAVE_IPPROTO_UDP => defined &Socket::IPPROTO_UDP ? 1 : 0;
|
|
use constant HAVE_TCP_NODELAY => defined &Socket::TCP_NODELAY ? 1 : 0;
|
|
|
|
use constant SOCKET_IPPROTO_TCP =>
|
|
HAVE_IPPROTO_TCP ? Socket::IPPROTO_TCP
|
|
: HAVE_GETPROTOBYNAME ? scalar getprotobyname("tcp")
|
|
: 6;
|
|
|
|
use constant SOCKET_IPPROTO_UDP =>
|
|
HAVE_IPPROTO_UDP ? Socket::IPPROTO_UDP
|
|
: HAVE_GETPROTOBYNAME ? scalar getprotobyname("udp")
|
|
: 17;
|
|
|
|
use constant SOCKET_TCP_NODELAY => HAVE_TCP_NODELAY ? Socket::TCP_NODELAY : 1;
|
|
|
|
|
|
#
|
|
# Public variables
|
|
#
|
|
use vars qw($host); # host to send syslog messages to (see notes at end)
|
|
|
|
#
|
|
# Prototypes
|
|
#
|
|
sub silent_eval (&);
|
|
|
|
#
|
|
# Global variables
|
|
#
|
|
use vars qw($facility);
|
|
my $connected = 0; # flag to indicate if we're connected or not
|
|
my $syslog_send; # coderef of the function used to send messages
|
|
my $syslog_path = undef; # syslog path for "stream" and "unix" mechanisms
|
|
my $syslog_xobj = undef; # if defined, holds the external object used to send messages
|
|
my $transmit_ok = 0; # flag to indicate if the last message was transmitted
|
|
my $sock_port = undef; # socket port
|
|
my $sock_timeout = 0; # socket timeout, see below
|
|
my $current_proto = undef; # current mechanism used to transmit messages
|
|
my $ident = ''; # identifiant prepended to each message
|
|
$facility = ''; # current facility
|
|
my $maskpri = LOG_UPTO(&LOG_DEBUG); # current log mask
|
|
|
|
my %options = (
|
|
ndelay => 0,
|
|
noeol => 0,
|
|
nofatal => 0,
|
|
nonul => 0,
|
|
nowait => 0,
|
|
perror => 0,
|
|
pid => 0,
|
|
);
|
|
|
|
# Default is now to first use the native mechanism, so Perl programs
|
|
# behave like other normal Unix programs, then try other mechanisms.
|
|
my @connectMethods = qw(native tcp udp unix pipe stream console);
|
|
if ($^O eq "freebsd" or $^O eq "linux") {
|
|
@connectMethods = grep { $_ ne 'udp' } @connectMethods;
|
|
}
|
|
|
|
# And on Win32 systems, we try to use the native mechanism for this
|
|
# platform, the events logger, available through Win32::EventLog.
|
|
EVENTLOG: {
|
|
my $verbose_if_Win32 = $^O =~ /Win32/i;
|
|
|
|
if (can_load_sys_syslog_win32($verbose_if_Win32)) {
|
|
unshift @connectMethods, 'eventlog';
|
|
}
|
|
}
|
|
|
|
my @defaultMethods = @connectMethods;
|
|
my @fallbackMethods = ();
|
|
|
|
# The timeout in connection_ok() was pushed up to 0.25 sec in
|
|
# Sys::Syslog v0.19 in order to address a heisenbug on MacOSX:
|
|
# http://london.pm.org/pipermail/london.pm/Week-of-Mon-20061211/005961.html
|
|
#
|
|
# However, this also had the effect of slowing this test for
|
|
# all other operating systems, which apparently impacted some
|
|
# users (cf. CPAN-RT #34753). So, in order to make everybody
|
|
# happy, the timeout is now zero by default on all systems
|
|
# except on OSX where it is set to 250 msec, and can be set
|
|
# with the infamous setlogsock() function.
|
|
#
|
|
# Update 2011-08: this issue is also been seen on multiprocessor
|
|
# Debian GNU/kFreeBSD systems. See http://bugs.debian.org/627821
|
|
# and https://rt.cpan.org/Ticket/Display.html?id=69997
|
|
# Also, lowering the delay to 1 ms, which should be enough.
|
|
|
|
$sock_timeout = 0.001 if $^O =~ /darwin|gnukfreebsd/;
|
|
|
|
|
|
# Perl 5.6.0's warnings.pm doesn't have warnings::warnif()
|
|
if (not defined &warnings::warnif) {
|
|
*warnings::warnif = sub {
|
|
goto &warnings::warn if warnings::enabled(__PACKAGE__)
|
|
}
|
|
}
|
|
|
|
# coderef for a nicer handling of errors
|
|
my $err_sub = $options{nofatal} ? \&warnings::warnif : \&croak;
|
|
|
|
|
|
sub AUTOLOAD {
|
|
# This AUTOLOAD is used to 'autoload' constants from the constant()
|
|
# XS function.
|
|
no strict 'vars';
|
|
my $constname;
|
|
($constname = $AUTOLOAD) =~ s/.*:://;
|
|
croak "Sys::Syslog::constant() not defined" if $constname eq 'constant';
|
|
my ($error, $val) = constant($constname);
|
|
croak $error if $error;
|
|
no strict 'refs';
|
|
*$AUTOLOAD = sub { $val };
|
|
goto &$AUTOLOAD;
|
|
}
|
|
|
|
|
|
sub openlog {
|
|
($ident, my $logopt, $facility) = @_;
|
|
|
|
# default values
|
|
$ident ||= basename($0) || getlogin() || getpwuid($<) || 'syslog';
|
|
$logopt ||= '';
|
|
$facility ||= LOG_USER();
|
|
|
|
for my $opt (split /\b/, $logopt) {
|
|
$options{$opt} = 1 if exists $options{$opt}
|
|
}
|
|
|
|
$err_sub = delete $options{nofatal} ? \&warnings::warnif : \&croak;
|
|
return 1 unless $options{ndelay};
|
|
connect_log();
|
|
}
|
|
|
|
sub closelog {
|
|
disconnect_log() if $connected;
|
|
$options{$_} = 0 for keys %options;
|
|
$facility = $ident = "";
|
|
$connected = 0;
|
|
return 1
|
|
}
|
|
|
|
sub setlogmask {
|
|
my $oldmask = $maskpri;
|
|
$maskpri = shift unless $_[0] == 0;
|
|
$oldmask;
|
|
}
|
|
|
|
|
|
my %mechanism = (
|
|
console => {
|
|
check => sub { 1 },
|
|
},
|
|
eventlog => {
|
|
check => sub { return can_load_sys_syslog_win32() },
|
|
err_msg => "no Win32 API available",
|
|
},
|
|
inet => {
|
|
check => sub { 1 },
|
|
},
|
|
native => {
|
|
check => sub { 1 },
|
|
},
|
|
pipe => {
|
|
check => sub {
|
|
($syslog_path) = grep { defined && length && -p && -w _ }
|
|
$syslog_path, &_PATH_LOG, "/dev/log";
|
|
return $syslog_path ? 1 : 0
|
|
},
|
|
err_msg => "path not available",
|
|
},
|
|
stream => {
|
|
check => sub {
|
|
if (not defined $syslog_path) {
|
|
my @try = qw(/dev/log /dev/conslog);
|
|
unshift @try, &_PATH_LOG if length &_PATH_LOG;
|
|
($syslog_path) = grep { -w } @try;
|
|
}
|
|
return defined $syslog_path && -w $syslog_path
|
|
},
|
|
err_msg => "could not find any writable device",
|
|
},
|
|
tcp => {
|
|
check => sub {
|
|
return 1 if defined $sock_port;
|
|
|
|
if (eval { local $SIG{__DIE__};
|
|
getservbyname('syslog','tcp') || getservbyname('syslogng','tcp')
|
|
}) {
|
|
$host = $syslog_path;
|
|
return 1
|
|
}
|
|
else {
|
|
return
|
|
}
|
|
},
|
|
err_msg => "TCP service unavailable",
|
|
},
|
|
udp => {
|
|
check => sub {
|
|
return 1 if defined $sock_port;
|
|
|
|
if (eval { local $SIG{__DIE__}; getservbyname('syslog', 'udp') }) {
|
|
$host = $syslog_path;
|
|
return 1
|
|
}
|
|
else {
|
|
return
|
|
}
|
|
},
|
|
err_msg => "UDP service unavailable",
|
|
},
|
|
unix => {
|
|
check => sub {
|
|
my @try = ($syslog_path, &_PATH_LOG);
|
|
($syslog_path) = grep { defined && length && -w } @try;
|
|
return defined $syslog_path && -w $syslog_path
|
|
},
|
|
err_msg => "path not available",
|
|
},
|
|
);
|
|
|
|
sub setlogsock {
|
|
my %opt;
|
|
|
|
# handle arguments
|
|
# - old API: setlogsock($sock_type, $sock_path, $sock_timeout)
|
|
# - new API: setlogsock(\%options)
|
|
croak "setlogsock(): Invalid number of arguments"
|
|
unless @_ >= 1 and @_ <= 3;
|
|
|
|
if (my $ref = ref $_[0]) {
|
|
if ($ref eq "HASH") {
|
|
%opt = %{ $_[0] };
|
|
croak "setlogsock(): No argument given" unless keys %opt;
|
|
}
|
|
elsif ($ref eq "ARRAY") {
|
|
@opt{qw< type path timeout >} = @_;
|
|
}
|
|
else {
|
|
croak "setlogsock(): Unexpected \L$ref\E reference"
|
|
}
|
|
}
|
|
else {
|
|
@opt{qw< type path timeout >} = @_;
|
|
}
|
|
|
|
# check socket type, remove invalid ones
|
|
my $diag_invalid_type = "setlogsock(): Invalid type%s; must be one of "
|
|
. join ", ", map { "'$_'" } sort keys %mechanism;
|
|
croak sprintf $diag_invalid_type, "" unless defined $opt{type};
|
|
my @sock_types = ref $opt{type} eq "ARRAY" ? @{$opt{type}} : ($opt{type});
|
|
my @tmp;
|
|
|
|
for my $sock_type (@sock_types) {
|
|
carp sprintf $diag_invalid_type, " '$sock_type'" and next
|
|
unless exists $mechanism{$sock_type};
|
|
push @tmp, "tcp", "udp" and next if $sock_type eq "inet";
|
|
push @tmp, $sock_type;
|
|
}
|
|
|
|
@sock_types = @tmp;
|
|
|
|
# set global options
|
|
$syslog_path = $opt{path} if defined $opt{path};
|
|
$host = $opt{host} if defined $opt{host};
|
|
$sock_timeout = $opt{timeout} if defined $opt{timeout};
|
|
$sock_port = $opt{port} if defined $opt{port};
|
|
|
|
disconnect_log() if $connected;
|
|
$transmit_ok = 0;
|
|
@fallbackMethods = ();
|
|
@connectMethods = ();
|
|
my $found = 0;
|
|
|
|
# check each given mechanism and test if it can be used on the current system
|
|
for my $sock_type (@sock_types) {
|
|
if ( $mechanism{$sock_type}{check}->() ) {
|
|
push @connectMethods, $sock_type;
|
|
$found = 1;
|
|
}
|
|
else {
|
|
warnings::warnif("setlogsock(): type='$sock_type': "
|
|
. $mechanism{$sock_type}{err_msg});
|
|
}
|
|
}
|
|
|
|
# if no mechanism worked from the given ones, use the default ones
|
|
@connectMethods = @defaultMethods unless @connectMethods;
|
|
|
|
return $found;
|
|
}
|
|
|
|
sub syslog {
|
|
my ($priority, $mask, @args) = @_;
|
|
my ($message, $buf);
|
|
my (@words, $num, $numpri, $numfac, $sum);
|
|
my $failed = undef;
|
|
my $fail_time = undef;
|
|
my $error = $!;
|
|
|
|
# if $ident is undefined, it means openlog() wasn't previously called
|
|
# so do it now in order to have sensible defaults
|
|
openlog() unless $ident;
|
|
|
|
local $facility = $facility; # may need to change temporarily.
|
|
|
|
croak "syslog: expecting argument \$priority" unless defined $priority;
|
|
croak "syslog: expecting argument \$format" unless defined $mask;
|
|
|
|
if ($priority =~ /^\d+$/) {
|
|
$numpri = LOG_PRI($priority);
|
|
$numfac = LOG_FAC($priority) << 3;
|
|
undef $numfac if $numfac == 0; # no facility given => use default
|
|
}
|
|
elsif ($priority =~ /^\w+/) {
|
|
# Allow "level" or "level|facility".
|
|
@words = split /\W+/, $priority, 2;
|
|
|
|
undef $numpri;
|
|
undef $numfac;
|
|
|
|
for my $word (@words) {
|
|
next if length $word == 0;
|
|
|
|
# Translate word to number.
|
|
$num = xlate($word);
|
|
|
|
if ($num < 0) {
|
|
croak "syslog: invalid level/facility: $word"
|
|
}
|
|
elsif ($num <= LOG_PRIMASK() and $word ne "kern") {
|
|
croak "syslog: too many levels given: $word"
|
|
if defined $numpri;
|
|
$numpri = $num;
|
|
}
|
|
else {
|
|
croak "syslog: too many facilities given: $word"
|
|
if defined $numfac;
|
|
$facility = $word if $word =~ /^[A-Za-z]/;
|
|
$numfac = $num;
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
croak "syslog: invalid level/facility: $priority"
|
|
}
|
|
|
|
croak "syslog: level must be given" unless defined $numpri;
|
|
|
|
# don't log if priority is below mask level
|
|
return 0 unless LOG_MASK($numpri) & $maskpri;
|
|
|
|
if (not defined $numfac) { # Facility not specified in this call.
|
|
$facility = 'user' unless $facility;
|
|
$numfac = xlate($facility);
|
|
}
|
|
|
|
connect_log() unless $connected;
|
|
|
|
if ($mask =~ /%m/) {
|
|
# escape percent signs for sprintf()
|
|
$error =~ s/%/%%/g if @args;
|
|
# replace %m with $error, if preceded by an even number of percent signs
|
|
$mask =~ s/(?<!%)((?:%%)*)%m/$1$error/g;
|
|
}
|
|
|
|
# add (or not) a newline
|
|
$mask .= "\n" if !$options{noeol} and rindex($mask, "\n") == -1;
|
|
$message = @args ? sprintf($mask, @args) : $mask;
|
|
|
|
if ($current_proto eq 'native') {
|
|
$buf = $message;
|
|
}
|
|
elsif ($current_proto eq 'eventlog') {
|
|
$buf = $message;
|
|
}
|
|
else {
|
|
my $whoami = $ident;
|
|
$whoami .= "[$$]" if $options{pid};
|
|
|
|
$sum = $numpri + $numfac;
|
|
|
|
my $oldlocale;
|
|
if (HAVE_SETLOCALE) {
|
|
$oldlocale = setlocale(LC_TIME);
|
|
setlocale(LC_TIME, 'C');
|
|
}
|
|
|
|
# %e format isn't available on all systems (Win32, cf. CPAN RT #69310)
|
|
my $day = strftime "%e", localtime;
|
|
|
|
if (index($day, "%") == 0) {
|
|
$day = strftime "%d", localtime;
|
|
$day =~ s/^0/ /;
|
|
}
|
|
|
|
my $timestamp = strftime "%b $day %H:%M:%S", localtime;
|
|
setlocale(LC_TIME, $oldlocale) if HAVE_SETLOCALE;
|
|
|
|
# construct the stream that will be transmitted
|
|
$buf = "<$sum>$timestamp $whoami: $message";
|
|
|
|
# add (or not) a NUL character
|
|
$buf .= "\0" if !$options{nonul};
|
|
}
|
|
|
|
# handle PERROR option
|
|
# "native" mechanism already handles it by itself
|
|
if ($options{perror} and $current_proto ne 'native') {
|
|
my $whoami = $ident;
|
|
$whoami .= "[$$]" if $options{pid};
|
|
print STDERR "$whoami: $message";
|
|
print STDERR "\n" if rindex($message, "\n") == -1;
|
|
}
|
|
|
|
# it's possible that we'll get an error from sending
|
|
# (e.g. if method is UDP and there is no UDP listener,
|
|
# then we'll get ECONNREFUSED on the send). So what we
|
|
# want to do at this point is to fallback onto a different
|
|
# connection method.
|
|
while (scalar @fallbackMethods || $syslog_send) {
|
|
if ($failed && (time - $fail_time) > 60) {
|
|
# it's been a while... maybe things have been fixed
|
|
@fallbackMethods = ();
|
|
disconnect_log();
|
|
$transmit_ok = 0; # make it look like a fresh attempt
|
|
connect_log();
|
|
}
|
|
|
|
if ($connected && !connection_ok()) {
|
|
# Something was OK, but has now broken. Remember coz we'll
|
|
# want to go back to what used to be OK.
|
|
$failed = $current_proto unless $failed;
|
|
$fail_time = time;
|
|
disconnect_log();
|
|
}
|
|
|
|
connect_log() unless $connected;
|
|
$failed = undef if ($current_proto && $failed && $current_proto eq $failed);
|
|
|
|
if ($syslog_send) {
|
|
if ($syslog_send->($buf, $numpri, $numfac)) {
|
|
$transmit_ok++;
|
|
return 1;
|
|
}
|
|
# typically doesn't happen, since errors are rare from write().
|
|
disconnect_log();
|
|
}
|
|
}
|
|
# could not send, could not fallback onto a working
|
|
# connection method. Lose.
|
|
return 0;
|
|
}
|
|
|
|
sub _syslog_send_console {
|
|
my ($buf) = @_;
|
|
|
|
# The console print is a method which could block
|
|
# so we do it in a child process and always return success
|
|
# to the caller.
|
|
if (my $pid = fork) {
|
|
|
|
if ($options{nowait}) {
|
|
return 1;
|
|
} else {
|
|
if (waitpid($pid, 0) >= 0) {
|
|
return ($? >> 8);
|
|
} else {
|
|
# it's possible that the caller has other
|
|
# plans for SIGCHLD, so let's not interfere
|
|
return 1;
|
|
}
|
|
}
|
|
} else {
|
|
if (open(CONS, ">/dev/console")) {
|
|
my $ret = print CONS $buf . "\r"; # XXX: should this be \x0A ?
|
|
POSIX::_exit($ret) if defined $pid;
|
|
close CONS;
|
|
}
|
|
|
|
POSIX::_exit(0) if defined $pid;
|
|
}
|
|
}
|
|
|
|
sub _syslog_send_stream {
|
|
my ($buf) = @_;
|
|
# XXX: this only works if the OS stream implementation makes a write
|
|
# look like a putmsg() with simple header. For instance it works on
|
|
# Solaris 8 but not Solaris 7.
|
|
# To be correct, it should use a STREAMS API, but perl doesn't have one.
|
|
return syswrite(SYSLOG, $buf, length($buf));
|
|
}
|
|
|
|
sub _syslog_send_pipe {
|
|
my ($buf) = @_;
|
|
return print SYSLOG $buf;
|
|
}
|
|
|
|
sub _syslog_send_socket {
|
|
my ($buf) = @_;
|
|
return syswrite(SYSLOG, $buf, length($buf));
|
|
#return send(SYSLOG, $buf, 0);
|
|
}
|
|
|
|
sub _syslog_send_native {
|
|
my ($buf, $numpri, $numfac) = @_;
|
|
syslog_xs($numpri|$numfac, $buf);
|
|
return 1;
|
|
}
|
|
|
|
|
|
# xlate()
|
|
# -----
|
|
# private function to translate names to numeric values
|
|
#
|
|
sub xlate {
|
|
my ($name) = @_;
|
|
|
|
return $name+0 if $name =~ /^\s*\d+\s*$/;
|
|
$name = uc $name;
|
|
$name = "LOG_$name" unless $name =~ /^LOG_/;
|
|
|
|
# ExtUtils::Constant 0.20 introduced a new way to implement
|
|
# constants, called ProxySubs. When it was used to generate
|
|
# the C code, the constant() function no longer returns the
|
|
# correct value. Therefore, we first try a direct call to
|
|
# constant(), and if the value is an error we try to call the
|
|
# constant by its full name.
|
|
my $value = constant($name);
|
|
|
|
if (index($value, "not a valid") >= 0) {
|
|
$name = "Sys::Syslog::$name";
|
|
$value = eval { no strict "refs"; &$name };
|
|
$value = $@ unless defined $value;
|
|
}
|
|
|
|
$value = -1 if index($value, "not a valid") >= 0;
|
|
|
|
return defined $value ? $value : -1;
|
|
}
|
|
|
|
|
|
# connect_log()
|
|
# -----------
|
|
# This function acts as a kind of front-end: it tries to connect to
|
|
# a syslog service using the selected methods, trying each one in the
|
|
# selected order.
|
|
#
|
|
sub connect_log {
|
|
@fallbackMethods = @connectMethods unless scalar @fallbackMethods;
|
|
|
|
if ($transmit_ok && $current_proto) {
|
|
# Retry what we were on, because it has worked in the past.
|
|
unshift(@fallbackMethods, $current_proto);
|
|
}
|
|
|
|
$connected = 0;
|
|
my @errs = ();
|
|
my $proto = undef;
|
|
|
|
while ($proto = shift @fallbackMethods) {
|
|
no strict 'refs';
|
|
my $fn = "connect_$proto";
|
|
$connected = &$fn(\@errs) if defined &$fn;
|
|
last if $connected;
|
|
}
|
|
|
|
$transmit_ok = 0;
|
|
if ($connected) {
|
|
$current_proto = $proto;
|
|
my ($old) = select(SYSLOG); $| = 1; select($old);
|
|
} else {
|
|
@fallbackMethods = ();
|
|
$err_sub->(join "\n\t- ", "no connection to syslog available", @errs);
|
|
return undef;
|
|
}
|
|
}
|
|
|
|
sub connect_tcp {
|
|
my ($errs) = @_;
|
|
|
|
my $port = $sock_port
|
|
|| eval { local $SIG{__DIE__}; getservbyname('syslog', 'tcp') }
|
|
|| eval { local $SIG{__DIE__}; getservbyname('syslogng', 'tcp') };
|
|
if (!defined $port) {
|
|
push @$errs, "getservbyname failed for syslog/tcp and syslogng/tcp";
|
|
return 0;
|
|
}
|
|
|
|
my $addr;
|
|
if (defined $host) {
|
|
$addr = inet_aton($host);
|
|
if (!$addr) {
|
|
push @$errs, "can't lookup $host";
|
|
return 0;
|
|
}
|
|
} else {
|
|
$addr = INADDR_LOOPBACK;
|
|
}
|
|
$addr = sockaddr_in($port, $addr);
|
|
|
|
if (!socket(SYSLOG, AF_INET, SOCK_STREAM, SOCKET_IPPROTO_TCP)) {
|
|
push @$errs, "tcp socket: $!";
|
|
return 0;
|
|
}
|
|
|
|
setsockopt(SYSLOG, SOL_SOCKET, SO_KEEPALIVE, 1);
|
|
setsockopt(SYSLOG, SOCKET_IPPROTO_TCP, SOCKET_TCP_NODELAY, 1);
|
|
|
|
if (!connect(SYSLOG, $addr)) {
|
|
push @$errs, "tcp connect: $!";
|
|
return 0;
|
|
}
|
|
|
|
$syslog_send = \&_syslog_send_socket;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_udp {
|
|
my ($errs) = @_;
|
|
|
|
my $port = $sock_port
|
|
|| eval { local $SIG{__DIE__}; getservbyname('syslog', 'udp') };
|
|
if (!defined $port) {
|
|
push @$errs, "getservbyname failed for syslog/udp";
|
|
return 0;
|
|
}
|
|
|
|
my $addr;
|
|
if (defined $host) {
|
|
$addr = inet_aton($host);
|
|
if (!$addr) {
|
|
push @$errs, "can't lookup $host";
|
|
return 0;
|
|
}
|
|
} else {
|
|
$addr = INADDR_LOOPBACK;
|
|
}
|
|
$addr = sockaddr_in($port, $addr);
|
|
|
|
if (!socket(SYSLOG, AF_INET, SOCK_DGRAM, SOCKET_IPPROTO_UDP)) {
|
|
push @$errs, "udp socket: $!";
|
|
return 0;
|
|
}
|
|
if (!connect(SYSLOG, $addr)) {
|
|
push @$errs, "udp connect: $!";
|
|
return 0;
|
|
}
|
|
|
|
# We want to check that the UDP connect worked. However the only
|
|
# way to do that is to send a message and see if an ICMP is returned
|
|
_syslog_send_socket("");
|
|
if (!connection_ok()) {
|
|
push @$errs, "udp connect: nobody listening";
|
|
return 0;
|
|
}
|
|
|
|
$syslog_send = \&_syslog_send_socket;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_stream {
|
|
my ($errs) = @_;
|
|
# might want syslog_path to be variable based on syslog.h (if only
|
|
# it were in there!)
|
|
$syslog_path = '/dev/conslog' unless defined $syslog_path;
|
|
|
|
if (!-w $syslog_path) {
|
|
push @$errs, "stream $syslog_path is not writable";
|
|
return 0;
|
|
}
|
|
|
|
require Fcntl;
|
|
|
|
if (!sysopen(SYSLOG, $syslog_path, Fcntl::O_WRONLY(), 0400)) {
|
|
push @$errs, "stream can't open $syslog_path: $!";
|
|
return 0;
|
|
}
|
|
|
|
$syslog_send = \&_syslog_send_stream;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_pipe {
|
|
my ($errs) = @_;
|
|
|
|
$syslog_path ||= &_PATH_LOG || "/dev/log";
|
|
|
|
if (not -w $syslog_path) {
|
|
push @$errs, "$syslog_path is not writable";
|
|
return 0;
|
|
}
|
|
|
|
if (not open(SYSLOG, ">$syslog_path")) {
|
|
push @$errs, "can't write to $syslog_path: $!";
|
|
return 0;
|
|
}
|
|
|
|
$syslog_send = \&_syslog_send_pipe;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_unix {
|
|
my ($errs) = @_;
|
|
|
|
$syslog_path ||= _PATH_LOG() if length _PATH_LOG();
|
|
|
|
if (not defined $syslog_path) {
|
|
push @$errs, "_PATH_LOG not available in syslog.h and no user-supplied socket path";
|
|
return 0;
|
|
}
|
|
|
|
if (not (-S $syslog_path or -c _)) {
|
|
push @$errs, "$syslog_path is not a socket";
|
|
return 0;
|
|
}
|
|
|
|
my $addr = sockaddr_un($syslog_path);
|
|
if (!$addr) {
|
|
push @$errs, "can't locate $syslog_path";
|
|
return 0;
|
|
}
|
|
if (!socket(SYSLOG, AF_UNIX, SOCK_STREAM, 0)) {
|
|
push @$errs, "unix stream socket: $!";
|
|
return 0;
|
|
}
|
|
|
|
if (!connect(SYSLOG, $addr)) {
|
|
if (!socket(SYSLOG, AF_UNIX, SOCK_DGRAM, 0)) {
|
|
push @$errs, "unix dgram socket: $!";
|
|
return 0;
|
|
}
|
|
if (!connect(SYSLOG, $addr)) {
|
|
push @$errs, "unix dgram connect: $!";
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
$syslog_send = \&_syslog_send_socket;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_native {
|
|
my ($errs) = @_;
|
|
my $logopt = 0;
|
|
|
|
# reconstruct the numeric equivalent of the options
|
|
for my $opt (keys %options) {
|
|
$logopt += xlate($opt) if $options{$opt}
|
|
}
|
|
|
|
openlog_xs($ident, $logopt, xlate($facility));
|
|
$syslog_send = \&_syslog_send_native;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_eventlog {
|
|
my ($errs) = @_;
|
|
|
|
$syslog_xobj = Sys::Syslog::Win32::_install();
|
|
$syslog_send = \&Sys::Syslog::Win32::_syslog_send;
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub connect_console {
|
|
my ($errs) = @_;
|
|
if (!-w '/dev/console') {
|
|
push @$errs, "console is not writable";
|
|
return 0;
|
|
}
|
|
$syslog_send = \&_syslog_send_console;
|
|
return 1;
|
|
}
|
|
|
|
# To test if the connection is still good, we need to check if any
|
|
# errors are present on the connection. The errors will not be raised
|
|
# by a write. Instead, sockets are made readable and the next read
|
|
# would cause the error to be returned. Unfortunately the syslog
|
|
# 'protocol' never provides anything for us to read. But with
|
|
# judicious use of select(), we can see if it would be readable...
|
|
sub connection_ok {
|
|
return 1 if defined $current_proto and (
|
|
$current_proto eq 'native' or $current_proto eq 'console'
|
|
or $current_proto eq 'eventlog'
|
|
);
|
|
|
|
my $rin = '';
|
|
vec($rin, fileno(SYSLOG), 1) = 1;
|
|
my $ret = select $rin, undef, $rin, $sock_timeout;
|
|
return ($ret ? 0 : 1);
|
|
}
|
|
|
|
sub disconnect_log {
|
|
$connected = 0;
|
|
$syslog_send = undef;
|
|
|
|
if (defined $current_proto and $current_proto eq 'native') {
|
|
closelog_xs();
|
|
unshift @fallbackMethods, $current_proto;
|
|
$current_proto = undef;
|
|
return 1;
|
|
}
|
|
elsif (defined $current_proto and $current_proto eq 'eventlog') {
|
|
$syslog_xobj->Close();
|
|
unshift @fallbackMethods, $current_proto;
|
|
$current_proto = undef;
|
|
return 1;
|
|
}
|
|
|
|
return close SYSLOG;
|
|
}
|
|
|
|
|
|
#
|
|
# Wrappers around eval() that makes sure that nobody, ever knows that
|
|
# we wanted to poke & test if something was here or not. This is needed
|
|
# because some applications are trying to be too smart, install their
|
|
# own __DIE__ handler, and mysteriously, things are starting to fail
|
|
# when they shouldn't. SpamAssassin among them.
|
|
#
|
|
sub silent_eval (&) {
|
|
local($SIG{__DIE__}, $SIG{__WARN__}, $@);
|
|
return eval { $_[0]->() }
|
|
}
|
|
|
|
sub can_load_sys_syslog_win32 {
|
|
my ($verbose) = @_;
|
|
local($SIG{__DIE__}, $SIG{__WARN__}, $@);
|
|
(my $module_path = __FILE__) =~ s:Syslog.pm$:Syslog/Win32.pm:;
|
|
my $loaded = eval { require $module_path } ? 1 : 0;
|
|
warn $@ if not $loaded and $verbose;
|
|
return $loaded
|
|
}
|
|
|
|
|
|
"Eighth Rule: read the documentation."
|
|
|
|
__END__
|
|
|
|
=head1 NAME
|
|
|
|
Sys::Syslog - Perl interface to the UNIX syslog(3) calls
|
|
|
|
=head1 VERSION
|
|
|
|
This is the documentation of version 0.36
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
use Sys::Syslog; # all except setlogsock()
|
|
use Sys::Syslog qw(:standard :macros); # standard functions & macros
|
|
|
|
openlog($ident, $logopt, $facility); # don't forget this
|
|
syslog($priority, $format, @args);
|
|
$oldmask = setlogmask($mask_priority);
|
|
closelog();
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
C<Sys::Syslog> is an interface to the UNIX C<syslog(3)> program.
|
|
Call C<syslog()> with a string priority and a list of C<printf()> args
|
|
just like C<syslog(3)>.
|
|
|
|
|
|
=head1 EXPORTS
|
|
|
|
C<Sys::Syslog> exports the following C<Exporter> tags:
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
C<:standard> exports the standard C<syslog(3)> functions:
|
|
|
|
openlog closelog setlogmask syslog
|
|
|
|
=item *
|
|
|
|
C<:extended> exports the Perl specific functions for C<syslog(3)>:
|
|
|
|
setlogsock
|
|
|
|
=item *
|
|
|
|
C<:macros> exports the symbols corresponding to most of your C<syslog(3)>
|
|
macros and the C<LOG_UPTO()> and C<LOG_MASK()> functions.
|
|
See L<"CONSTANTS"> for the supported constants and their meaning.
|
|
|
|
=back
|
|
|
|
By default, C<Sys::Syslog> exports the symbols from the C<:standard> tag.
|
|
|
|
|
|
=head1 FUNCTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<openlog($ident, $logopt, $facility)>
|
|
|
|
Opens the syslog.
|
|
C<$ident> is prepended to every message. C<$logopt> contains zero or
|
|
more of the options detailed below. C<$facility> specifies the part
|
|
of the system to report about, for example C<LOG_USER> or C<LOG_LOCAL0>:
|
|
see L<"Facilities"> for a list of well-known facilities, and your
|
|
C<syslog(3)> documentation for the facilities available in your system.
|
|
Check L<"SEE ALSO"> for useful links. Facility can be given as a string
|
|
or a numeric macro.
|
|
|
|
This function will croak if it can't connect to the syslog daemon.
|
|
|
|
Note that C<openlog()> now takes three arguments, just like C<openlog(3)>.
|
|
|
|
B<You should use C<openlog()> before calling C<syslog()>.>
|
|
|
|
B<Options>
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
C<cons> - This option is ignored, since the failover mechanism will drop
|
|
down to the console automatically if all other media fail.
|
|
|
|
=item *
|
|
|
|
C<ndelay> - Open the connection immediately (normally, the connection is
|
|
opened when the first message is logged).
|
|
|
|
=item *
|
|
|
|
C<noeol> - When set to true, no end of line character (C<\n>) will be
|
|
appended to the message. This can be useful for some syslog daemons.
|
|
Added in C<Sys::Syslog> 0.29.
|
|
|
|
=item *
|
|
|
|
C<nofatal> - When set to true, C<openlog()> and C<syslog()> will only
|
|
emit warnings instead of dying if the connection to the syslog can't
|
|
be established. Added in C<Sys::Syslog> 0.15.
|
|
|
|
=item *
|
|
|
|
C<nonul> - When set to true, no C<NUL> character (C<\0>) will be
|
|
appended to the message. This can be useful for some syslog daemons.
|
|
Added in C<Sys::Syslog> 0.29.
|
|
|
|
=item *
|
|
|
|
C<nowait> - Don't wait for child processes that may have been created
|
|
while logging the message. (The GNU C library does not create a child
|
|
process, so this option has no effect on Linux.)
|
|
|
|
=item *
|
|
|
|
C<perror> - Write the message to standard error output as well to the
|
|
system log. Added in C<Sys::Syslog> 0.22.
|
|
|
|
=item *
|
|
|
|
C<pid> - Include PID with each message.
|
|
|
|
=back
|
|
|
|
B<Examples>
|
|
|
|
Open the syslog with options C<ndelay> and C<pid>, and with facility C<LOCAL0>:
|
|
|
|
openlog($name, "ndelay,pid", "local0");
|
|
|
|
Same thing, but this time using the macro corresponding to C<LOCAL0>:
|
|
|
|
openlog($name, "ndelay,pid", LOG_LOCAL0);
|
|
|
|
|
|
=item B<syslog($priority, $message)>
|
|
|
|
=item B<syslog($priority, $format, @args)>
|
|
|
|
If C<$priority> permits, logs C<$message> or C<sprintf($format, @args)>
|
|
with the addition that C<%m> in $message or C<$format> is replaced with
|
|
C<"$!"> (the latest error message).
|
|
|
|
C<$priority> can specify a level, or a level and a facility. Levels and
|
|
facilities can be given as strings or as macros. When using the C<eventlog>
|
|
mechanism, priorities C<DEBUG> and C<INFO> are mapped to event type
|
|
C<informational>, C<NOTICE> and C<WARNING> to C<warning> and C<ERR> to
|
|
C<EMERG> to C<error>.
|
|
|
|
If you didn't use C<openlog()> before using C<syslog()>, C<syslog()> will
|
|
try to guess the C<$ident> by extracting the shortest prefix of
|
|
C<$format> that ends in a C<":">.
|
|
|
|
B<Examples>
|
|
|
|
# informational level
|
|
syslog("info", $message);
|
|
syslog(LOG_INFO, $message);
|
|
|
|
# information level, Local0 facility
|
|
syslog("info|local0", $message);
|
|
syslog(LOG_INFO|LOG_LOCAL0, $message);
|
|
|
|
=over 4
|
|
|
|
=item B<Note>
|
|
|
|
C<Sys::Syslog> version v0.07 and older passed the C<$message> as the
|
|
formatting string to C<sprintf()> even when no formatting arguments
|
|
were provided. If the code calling C<syslog()> might execute with
|
|
older versions of this module, make sure to call the function as
|
|
C<syslog($priority, "%s", $message)> instead of C<syslog($priority,
|
|
$message)>. This protects against hostile formatting sequences that
|
|
might show up if $message contains tainted data.
|
|
|
|
=back
|
|
|
|
|
|
=item B<setlogmask($mask_priority)>
|
|
|
|
Sets the log mask for the current process to C<$mask_priority> and
|
|
returns the old mask. If the mask argument is 0, the current log mask
|
|
is not modified. See L<"Levels"> for the list of available levels.
|
|
You can use the C<LOG_UPTO()> function to allow all levels up to a
|
|
given priority (but it only accept the numeric macros as arguments).
|
|
|
|
B<Examples>
|
|
|
|
Only log errors:
|
|
|
|
setlogmask( LOG_MASK(LOG_ERR) );
|
|
|
|
Log everything except informational messages:
|
|
|
|
setlogmask( ~(LOG_MASK(LOG_INFO)) );
|
|
|
|
Log critical messages, errors and warnings:
|
|
|
|
setlogmask( LOG_MASK(LOG_CRIT)
|
|
| LOG_MASK(LOG_ERR)
|
|
| LOG_MASK(LOG_WARNING) );
|
|
|
|
Log all messages up to debug:
|
|
|
|
setlogmask( LOG_UPTO(LOG_DEBUG) );
|
|
|
|
|
|
=item B<setlogsock()>
|
|
|
|
Sets the socket type and options to be used for the next call to C<openlog()>
|
|
or C<syslog()>. Returns true on success, C<undef> on failure.
|
|
|
|
Being Perl-specific, this function has evolved along time. It can currently
|
|
be called as follow:
|
|
|
|
=over
|
|
|
|
=item *
|
|
|
|
C<setlogsock($sock_type)>
|
|
|
|
=item *
|
|
|
|
C<setlogsock($sock_type, $stream_location)> (added in Perl 5.004_02)
|
|
|
|
=item *
|
|
|
|
C<setlogsock($sock_type, $stream_location, $sock_timeout)> (added in
|
|
C<Sys::Syslog> 0.25)
|
|
|
|
=item *
|
|
|
|
C<setlogsock(\%options)> (added in C<Sys::Syslog> 0.28)
|
|
|
|
=back
|
|
|
|
The available options are:
|
|
|
|
=over
|
|
|
|
=item *
|
|
|
|
C<type> - equivalent to C<$sock_type>, selects the socket type (or
|
|
"mechanism"). An array reference can be passed to specify several
|
|
mechanisms to try, in the given order.
|
|
|
|
=item *
|
|
|
|
C<path> - equivalent to C<$stream_location>, sets the stream location.
|
|
Defaults to standard Unix location, or C<_PATH_LOG>.
|
|
|
|
=item *
|
|
|
|
C<timeout> - equivalent to C<$sock_timeout>, sets the socket timeout
|
|
in seconds. Defaults to 0 on all systems except S<Mac OS X> where it
|
|
is set to 0.25 sec.
|
|
|
|
=item *
|
|
|
|
C<host> - sets the hostname to send the messages to. Defaults to
|
|
the local host.
|
|
|
|
=item *
|
|
|
|
C<port> - sets the TCP or UDP port to connect to. Defaults to the
|
|
first standard syslog port available on the system.
|
|
|
|
=back
|
|
|
|
|
|
The available mechanisms are:
|
|
|
|
=over
|
|
|
|
=item *
|
|
|
|
C<"native"> - use the native C functions from your C<syslog(3)> library
|
|
(added in C<Sys::Syslog> 0.15).
|
|
|
|
=item *
|
|
|
|
C<"eventlog"> - send messages to the Win32 events logger (Win32 only;
|
|
added in C<Sys::Syslog> 0.19).
|
|
|
|
=item *
|
|
|
|
C<"tcp"> - connect to a TCP socket, on the C<syslog/tcp> or C<syslogng/tcp>
|
|
service. See also the C<host>, C<port> and C<timeout> options.
|
|
|
|
=item *
|
|
|
|
C<"udp"> - connect to a UDP socket, on the C<syslog/udp> service.
|
|
See also the C<host>, C<port> and C<timeout> options.
|
|
|
|
=item *
|
|
|
|
C<"inet"> - connect to an INET socket, either TCP or UDP, tried in that
|
|
order. See also the C<host>, C<port> and C<timeout> options.
|
|
|
|
=item *
|
|
|
|
C<"unix"> - connect to a UNIX domain socket (in some systems a character
|
|
special device). The name of that socket is given by the C<path> option
|
|
or, if omitted, the value returned by the C<_PATH_LOG> macro (if your
|
|
system defines it), F</dev/log> or F</dev/conslog>, whichever is writable.
|
|
|
|
=item *
|
|
|
|
C<"stream"> - connect to the stream indicated by the C<path> option, or,
|
|
if omitted, the value returned by the C<_PATH_LOG> macro (if your system
|
|
defines it), F</dev/log> or F</dev/conslog>, whichever is writable. For
|
|
example Solaris and IRIX system may prefer C<"stream"> instead of C<"unix">.
|
|
|
|
=item *
|
|
|
|
C<"pipe"> - connect to the named pipe indicated by the C<path> option,
|
|
or, if omitted, to the value returned by the C<_PATH_LOG> macro (if your
|
|
system defines it), or F</dev/log> (added in C<Sys::Syslog> 0.21).
|
|
HP-UX is a system which uses such a named pipe.
|
|
|
|
=item *
|
|
|
|
C<"console"> - send messages directly to the console, as for the C<"cons">
|
|
option of C<openlog()>.
|
|
|
|
=back
|
|
|
|
The default is to try C<native>, C<tcp>, C<udp>, C<unix>, C<pipe>, C<stream>,
|
|
C<console>.
|
|
Under systems with the Win32 API, C<eventlog> will be added as the first
|
|
mechanism to try if C<Win32::EventLog> is available.
|
|
|
|
Giving an invalid value for C<$sock_type> will C<croak>.
|
|
|
|
B<Examples>
|
|
|
|
Select the UDP socket mechanism:
|
|
|
|
setlogsock("udp");
|
|
|
|
Send messages using the TCP socket mechanism on a custom port:
|
|
|
|
setlogsock({ type => "tcp", port => 2486 });
|
|
|
|
Send messages to a remote host using the TCP socket mechanism:
|
|
|
|
setlogsock({ type => "tcp", host => $loghost });
|
|
|
|
Try the native, UDP socket then UNIX domain socket mechanisms:
|
|
|
|
setlogsock(["native", "udp", "unix"]);
|
|
|
|
=over
|
|
|
|
=item B<Note>
|
|
|
|
Now that the "native" mechanism is supported by C<Sys::Syslog> and selected
|
|
by default, the use of the C<setlogsock()> function is discouraged because
|
|
other mechanisms are less portable across operating systems. Authors of
|
|
modules and programs that use this function, especially its cargo-cult form
|
|
C<setlogsock("unix")>, are advised to remove any occurrence of it unless they
|
|
specifically want to use a given mechanism (like TCP or UDP to connect to
|
|
a remote host).
|
|
|
|
=back
|
|
|
|
=item B<closelog()>
|
|
|
|
Closes the log file and returns true on success.
|
|
|
|
=back
|
|
|
|
|
|
=head1 THE RULES OF SYS::SYSLOG
|
|
|
|
I<The First Rule of Sys::Syslog is:>
|
|
You do not call C<setlogsock>.
|
|
|
|
I<The Second Rule of Sys::Syslog is:>
|
|
You B<do not> call C<setlogsock>.
|
|
|
|
I<The Third Rule of Sys::Syslog is:>
|
|
The program crashes, C<die>s, calls C<closelog>, the log is over.
|
|
|
|
I<The Fourth Rule of Sys::Syslog is:>
|
|
One facility, one priority.
|
|
|
|
I<The Fifth Rule of Sys::Syslog is:>
|
|
One log at a time.
|
|
|
|
I<The Sixth Rule of Sys::Syslog is:>
|
|
No C<syslog> before C<openlog>.
|
|
|
|
I<The Seventh Rule of Sys::Syslog is:>
|
|
Logs will go on as long as they have to.
|
|
|
|
I<The Eighth, and Final Rule of Sys::Syslog is:>
|
|
If this is your first use of Sys::Syslog, you must read the doc.
|
|
|
|
|
|
=head1 EXAMPLES
|
|
|
|
An example:
|
|
|
|
openlog($program, 'cons,pid', 'user');
|
|
syslog('info', '%s', 'this is another test');
|
|
syslog('mail|warning', 'this is a better test: %d', time);
|
|
closelog();
|
|
|
|
syslog('debug', 'this is the last test');
|
|
|
|
Another example:
|
|
|
|
openlog("$program $$", 'ndelay', 'user');
|
|
syslog('notice', 'fooprogram: this is really done');
|
|
|
|
Example of use of C<%m>:
|
|
|
|
$! = 55;
|
|
syslog('info', 'problem was %m'); # %m == $! in syslog(3)
|
|
|
|
Log to UDP port on C<$remotehost> instead of logging locally:
|
|
|
|
setlogsock("udp", $remotehost);
|
|
openlog($program, 'ndelay', 'user');
|
|
syslog('info', 'something happened over here');
|
|
|
|
|
|
=head1 CONSTANTS
|
|
|
|
=head2 Facilities
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
C<LOG_AUDIT> - audit daemon (IRIX); falls back to C<LOG_AUTH>
|
|
|
|
=item *
|
|
|
|
C<LOG_AUTH> - security/authorization messages
|
|
|
|
=item *
|
|
|
|
C<LOG_AUTHPRIV> - security/authorization messages (private)
|
|
|
|
=item *
|
|
|
|
C<LOG_CONSOLE> - C</dev/console> output (FreeBSD); falls back to C<LOG_USER>
|
|
|
|
=item *
|
|
|
|
C<LOG_CRON> - clock daemons (B<cron> and B<at>)
|
|
|
|
=item *
|
|
|
|
C<LOG_DAEMON> - system daemons without separate facility value
|
|
|
|
=item *
|
|
|
|
C<LOG_FTP> - FTP daemon
|
|
|
|
=item *
|
|
|
|
C<LOG_KERN> - kernel messages
|
|
|
|
=item *
|
|
|
|
C<LOG_INSTALL> - installer subsystem (Mac OS X); falls back to C<LOG_USER>
|
|
|
|
=item *
|
|
|
|
C<LOG_LAUNCHD> - launchd - general bootstrap daemon (Mac OS X);
|
|
falls back to C<LOG_DAEMON>
|
|
|
|
=item *
|
|
|
|
C<LOG_LFMT> - logalert facility; falls back to C<LOG_USER>
|
|
|
|
=item *
|
|
|
|
C<LOG_LOCAL0> through C<LOG_LOCAL7> - reserved for local use
|
|
|
|
=item *
|
|
|
|
C<LOG_LPR> - line printer subsystem
|
|
|
|
=item *
|
|
|
|
C<LOG_MAIL> - mail subsystem
|
|
|
|
=item *
|
|
|
|
C<LOG_NETINFO> - NetInfo subsystem (Mac OS X); falls back to C<LOG_DAEMON>
|
|
|
|
=item *
|
|
|
|
C<LOG_NEWS> - USENET news subsystem
|
|
|
|
=item *
|
|
|
|
C<LOG_NTP> - NTP subsystem (FreeBSD, NetBSD); falls back to C<LOG_DAEMON>
|
|
|
|
=item *
|
|
|
|
C<LOG_RAS> - Remote Access Service (VPN / PPP) (Mac OS X);
|
|
falls back to C<LOG_AUTH>
|
|
|
|
=item *
|
|
|
|
C<LOG_REMOTEAUTH> - remote authentication/authorization (Mac OS X);
|
|
falls back to C<LOG_AUTH>
|
|
|
|
=item *
|
|
|
|
C<LOG_SECURITY> - security subsystems (firewalling, etc.) (FreeBSD);
|
|
falls back to C<LOG_AUTH>
|
|
|
|
=item *
|
|
|
|
C<LOG_SYSLOG> - messages generated internally by B<syslogd>
|
|
|
|
=item *
|
|
|
|
C<LOG_USER> (default) - generic user-level messages
|
|
|
|
=item *
|
|
|
|
C<LOG_UUCP> - UUCP subsystem
|
|
|
|
=back
|
|
|
|
|
|
=head2 Levels
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
C<LOG_EMERG> - system is unusable
|
|
|
|
=item *
|
|
|
|
C<LOG_ALERT> - action must be taken immediately
|
|
|
|
=item *
|
|
|
|
C<LOG_CRIT> - critical conditions
|
|
|
|
=item *
|
|
|
|
C<LOG_ERR> - error conditions
|
|
|
|
=item *
|
|
|
|
C<LOG_WARNING> - warning conditions
|
|
|
|
=item *
|
|
|
|
C<LOG_NOTICE> - normal, but significant, condition
|
|
|
|
=item *
|
|
|
|
C<LOG_INFO> - informational message
|
|
|
|
=item *
|
|
|
|
C<LOG_DEBUG> - debug-level message
|
|
|
|
=back
|
|
|
|
|
|
=head1 DIAGNOSTICS
|
|
|
|
=over
|
|
|
|
=item C<Invalid argument passed to setlogsock>
|
|
|
|
B<(F)> You gave C<setlogsock()> an invalid value for C<$sock_type>.
|
|
|
|
=item C<eventlog passed to setlogsock, but no Win32 API available>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use the Win32 event logger but the
|
|
operating system running the program isn't Win32 or does not provides Win32
|
|
compatible facilities.
|
|
|
|
=item C<no connection to syslog available>
|
|
|
|
B<(F)> C<syslog()> failed to connect to the specified socket.
|
|
|
|
=item C<stream passed to setlogsock, but %s is not writable>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use a stream socket, but the given
|
|
path is not writable.
|
|
|
|
=item C<stream passed to setlogsock, but could not find any device>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use a stream socket, but didn't
|
|
provide a path, and C<Sys::Syslog> was unable to find an appropriate one.
|
|
|
|
=item C<tcp passed to setlogsock, but tcp service unavailable>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use a TCP socket, but the service
|
|
is not available on the system.
|
|
|
|
=item C<syslog: expecting argument %s>
|
|
|
|
B<(F)> You forgot to give C<syslog()> the indicated argument.
|
|
|
|
=item C<syslog: invalid level/facility: %s>
|
|
|
|
B<(F)> You specified an invalid level or facility.
|
|
|
|
=item C<syslog: too many levels given: %s>
|
|
|
|
B<(F)> You specified too many levels.
|
|
|
|
=item C<syslog: too many facilities given: %s>
|
|
|
|
B<(F)> You specified too many facilities.
|
|
|
|
=item C<syslog: level must be given>
|
|
|
|
B<(F)> You forgot to specify a level.
|
|
|
|
=item C<udp passed to setlogsock, but udp service unavailable>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use a UDP socket, but the service
|
|
is not available on the system.
|
|
|
|
=item C<unix passed to setlogsock, but path not available>
|
|
|
|
B<(W)> You asked C<setlogsock()> to use a UNIX socket, but C<Sys::Syslog>
|
|
was unable to find an appropriate an appropriate device.
|
|
|
|
=back
|
|
|
|
|
|
=head1 HISTORY
|
|
|
|
C<Sys::Syslog> is a core module, part of the standard Perl distribution
|
|
since 1990. At this time, modules as we know them didn't exist, the
|
|
Perl library was a collection of F<.pl> files, and the one for sending
|
|
syslog messages with was simply F<lib/syslog.pl>, included with Perl 3.0.
|
|
It was converted as a module with Perl 5.0, but had a version number
|
|
only starting with Perl 5.6. Here is a small table with the matching
|
|
Perl and C<Sys::Syslog> versions.
|
|
|
|
Sys::Syslog Perl
|
|
----------- ----
|
|
undef 5.0.0 ~ 5.5.4
|
|
0.01 5.6.*
|
|
0.03 5.8.0
|
|
0.04 5.8.1, 5.8.2, 5.8.3
|
|
0.05 5.8.4, 5.8.5, 5.8.6
|
|
0.06 5.8.7
|
|
0.13 5.8.8
|
|
0.22 5.10.0
|
|
0.27 5.8.9, 5.10.1 ~ 5.14.*
|
|
0.29 5.16.*
|
|
0.32 5.18.*
|
|
0.33 5.20.*
|
|
0.33 5.22.*
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
=head2 Other modules
|
|
|
|
L<Log::Log4perl> - Perl implementation of the Log4j API
|
|
|
|
L<Log::Dispatch> - Dispatches messages to one or more outputs
|
|
|
|
L<Log::Report> - Report a problem, with exceptions and language support
|
|
|
|
=head2 Manual Pages
|
|
|
|
L<syslog(3)>
|
|
|
|
SUSv3 issue 6, IEEE Std 1003.1, 2004 edition,
|
|
L<http://www.opengroup.org/onlinepubs/000095399/basedefs/syslog.h.html>
|
|
|
|
GNU C Library documentation on syslog,
|
|
L<http://www.gnu.org/software/libc/manual/html_node/Syslog.html>
|
|
|
|
FreeBSD documentation on syslog,
|
|
L<https://www.freebsd.org/cgi/man.cgi?query=syslog>
|
|
|
|
Solaris 11 documentation on syslog,
|
|
L<https://docs.oracle.com/cd/E53394_01/html/E54766/syslog-3c.html>
|
|
|
|
Mac OS X documentation on syslog,
|
|
L<http://developer.apple.com/documentation/Darwin/Reference/ManPages/man3/syslog.3.html>
|
|
|
|
IRIX documentation on syslog,
|
|
L<http://nixdoc.net/man-pages/IRIX/man3/syslog.3c.html>
|
|
|
|
AIX 5L 5.3 documentation on syslog,
|
|
L<http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.basetechref/doc/basetrf2/syslog.htm>
|
|
|
|
HP-UX 11i documentation on syslog,
|
|
L<http://docs.hp.com/en/B2355-60130/syslog.3C.html>
|
|
|
|
Tru64 documentation on syslog,
|
|
L<http://nixdoc.net/man-pages/Tru64/man3/syslog.3.html>
|
|
|
|
Stratus VOS 15.1,
|
|
L<http://stratadoc.stratus.com/vos/15.1.1/r502-01/wwhelp/wwhimpl/js/html/wwhelp.htm?context=r502-01&file=ch5r502-01bi.html>
|
|
|
|
=head2 RFCs
|
|
|
|
I<RFC 3164 - The BSD syslog Protocol>, L<http://www.faqs.org/rfcs/rfc3164.html>
|
|
-- Please note that this is an informational RFC, and therefore does not
|
|
specify a standard of any kind.
|
|
|
|
I<RFC 3195 - Reliable Delivery for syslog>, L<http://www.faqs.org/rfcs/rfc3195.html>
|
|
|
|
=head2 Articles
|
|
|
|
I<Syslogging with Perl>, L<http://lexington.pm.org/meetings/022001.html>
|
|
|
|
=head2 Event Log
|
|
|
|
Windows Event Log,
|
|
L<http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wes/wes/windows_event_log.asp>
|
|
|
|
|
|
=head1 AUTHORS & ACKNOWLEDGEMENTS
|
|
|
|
Tom Christiansen E<lt>F<tchrist (at) perl.com>E<gt> and Larry Wall
|
|
E<lt>F<larry (at) wall.org>E<gt>.
|
|
|
|
UNIX domain sockets added by Sean Robinson
|
|
E<lt>F<robinson_s (at) sc.maricopa.edu>E<gt> with support from Tim Bunce
|
|
E<lt>F<Tim.Bunce (at) ig.co.uk>E<gt> and the C<perl5-porters> mailing list.
|
|
|
|
Dependency on F<syslog.ph> replaced with XS code by Tom Hughes
|
|
E<lt>F<tom (at) compton.nu>E<gt>.
|
|
|
|
Code for C<constant()>s regenerated by Nicholas Clark E<lt>F<nick (at) ccl4.org>E<gt>.
|
|
|
|
Failover to different communication modes by Nick Williams
|
|
E<lt>F<Nick.Williams (at) morganstanley.com>E<gt>.
|
|
|
|
Extracted from core distribution for publishing on the CPAN by
|
|
SE<eacute>bastien Aperghis-Tramoni E<lt>sebastien (at) aperghis.netE<gt>.
|
|
|
|
XS code for using native C functions borrowed from C<L<Unix::Syslog>>,
|
|
written by Marcus Harnisch E<lt>F<marcus.harnisch (at) gmx.net>E<gt>.
|
|
|
|
Yves Orton suggested and helped for making C<Sys::Syslog> use the native
|
|
event logger under Win32 systems.
|
|
|
|
Jerry D. Hedden and Reini Urban provided greatly appreciated help to
|
|
debug and polish C<Sys::Syslog> under Cygwin.
|
|
|
|
|
|
=head1 BUGS
|
|
|
|
Please report any bugs or feature requests to
|
|
C<bug-sys-syslog (at) rt.cpan.org>, or through the web interface at
|
|
L<http://rt.cpan.org/Public/Dist/Display.html?Name=Sys-Syslog>.
|
|
I will be notified, and then you'll automatically be notified of progress on
|
|
your bug as I make changes.
|
|
|
|
|
|
=head1 SUPPORT
|
|
|
|
You can find documentation for this module with the perldoc command.
|
|
|
|
perldoc Sys::Syslog
|
|
|
|
You can also look for information at:
|
|
|
|
=over
|
|
|
|
=item * Perl Documentation
|
|
|
|
L<http://perldoc.perl.org/Sys/Syslog.html>
|
|
|
|
=item * MetaCPAN
|
|
|
|
L<https://metacpan.org/module/Sys::Syslog>
|
|
|
|
=item * Search CPAN
|
|
|
|
L<http://search.cpan.org/dist/Sys-Syslog/>
|
|
|
|
=item * AnnoCPAN: Annotated CPAN documentation
|
|
|
|
L<http://annocpan.org/dist/Sys-Syslog>
|
|
|
|
=item * CPAN Ratings
|
|
|
|
L<http://cpanratings.perl.org/d/Sys-Syslog>
|
|
|
|
=item * RT: CPAN's request tracker
|
|
|
|
L<http://rt.cpan.org/Dist/Display.html?Queue=Sys-Syslog>
|
|
|
|
=back
|
|
|
|
The source code is available on Git Hub:
|
|
L<https://github.com/maddingue/Sys-Syslog/>
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright (C) 1990-2012 by Larry Wall and others.
|
|
|
|
|
|
=head1 LICENSE
|
|
|
|
This program is free software; you can redistribute it and/or modify it
|
|
under the same terms as Perl itself.
|
|
|
|
=cut
|
|
|
|
=begin comment
|
|
|
|
Notes for the future maintainer (even if it's still me..)
|
|
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
Using Google Code Search, I search who on Earth was relying on $host being
|
|
public. It found 5 hits:
|
|
|
|
* First was inside Indigo Star Perl2exe documentation. Just an old version
|
|
of Sys::Syslog.
|
|
|
|
|
|
* One real hit was inside DalWeathDB, a weather related program. It simply
|
|
does a
|
|
|
|
$Sys::Syslog::host = '127.0.0.1';
|
|
|
|
- L<http://www.gallistel.net/nparker/weather/code/>
|
|
|
|
|
|
* Two hits were in TPC, a fax server thingy. It does a
|
|
|
|
$Sys::Syslog::host = $TPC::LOGHOST;
|
|
|
|
but also has this strange piece of code:
|
|
|
|
# work around perl5.003 bug
|
|
sub Sys::Syslog::hostname {}
|
|
|
|
I don't know what bug the author referred to.
|
|
|
|
- L<http://www.tpc.int/>
|
|
- L<ftp://ftp-usa.tpc.int/pub/tpc/server/UNIX/>
|
|
|
|
|
|
* Last hit was in Filefix, which seems to be a FIDOnet mail program (!).
|
|
This one does not use $host, but has the following piece of code:
|
|
|
|
sub Sys::Syslog::hostname
|
|
{
|
|
use Sys::Hostname;
|
|
return hostname;
|
|
}
|
|
|
|
I guess this was a more elaborate form of the previous bit, maybe because
|
|
of a bug in Sys::Syslog back then?
|
|
|
|
- L<ftp://ftp.kiae.su/pub/unix/fido/>
|
|
|
|
|
|
Links
|
|
-----
|
|
Linux Fast-STREAMS
|
|
- L<http://www.openss7.org/streams.html>
|
|
|
|
II12021: SYSLOGD HOWTO TCPIPINFO (z/OS, OS/390, MVS)
|
|
- L<http://www-1.ibm.com/support/docview.wss?uid=isg1II12021>
|
|
|
|
Getting the most out of the Event Viewer
|
|
- L<http://www.codeproject.com/dotnet/evtvwr.asp?print=true>
|
|
|
|
Log events to the Windows NT Event Log with JNI
|
|
- L<http://www.javaworld.com/javaworld/jw-09-2001/jw-0928-ntmessages.html>
|
|
|
|
=end comment
|
|
|