Yes, you can create a custom facility. In fact. your experiment
was 99% correct. The only thing you needed to do differently was
to use the "syslog" command rather than the "logger" command. Try
this:
syslog -s -k Facility radius Message test
It should do exactly what you want.
We introduced a new Apple System Log message service in Mac OS X
10.4 (Tiger). See the syslogd(8) man page for a description of
the components of ASL, and details on the operation of the
server. See the asl(3) man page for details on the API.
Before Tiger, Mac OS X used the same syslog system that's used on
many other OS platforms. It used a list of Facility codes that
were found in /usr/include/sys/syslog.h. To add a new facility
code in the old system, you would need to change the header file,
and then recompile syslogd and anything else that needed to be
aware of the new facility - including the "logger" command.
We still support the old syslog(3) API, and some utilities like
the logger command, but underneath them is the new ASL service.
Amongst many other changes, ASL does not have a hard-coded list of
facilities. The facility may now be any string. The only policy
that is enforced with regards to facility names is that only root
(UID 0) processes may use "com.apple.system" as a facility name,
or as the prefix for a facility name. We're encouraging
developers to try to use a "Reverse ICANN" naming convention for
facility names to avoid namespace conflicts.
Here's a small test program that will also send a "test" message
with the "raduis" facility:
#include <asl.h>
#include <string.h>
int main()
{
aslmsg m = asl_new(ASL_TYPE_MSG);
asl_set_filter(NULL, ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG));
asl_set(m, "Facility", "radius");
asl_log(NULL, m, ASL_LEVEL_DEBUG, "test");
return(0);
}
See the asl(3) man page for details on the API, but I'll add a
couple of notes.
The reason for the call to asl_set_filter() is that, by default,
the client side of the ASL library filters out messages with level
ASL_LEVEL_DEBUG and ASL_LEVEL_NOTICE. Unless you set the filter
to pass debug messages to syslogd, then nothing would actually get
through to the log file.
If you read through the man page, you'd also find that the
following code *should* work:
aslclient a = asl_open(NULL, "radius", 0);
asl_set_filter(NULL, ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG));
asl_log(a, NULL, ASL_LEVEL_DEBUG, "test");
asl_close(a);
return(0);
But due to a bug in asl_open(), it doesn't. Sorry about that!
The bug will be fixed in 10.5 (Leopard).
--
Marc Majka
On 1 Oct, 2006, at 22:45, Terry Simons wrote:
Hi,
Is it possible to configure the Mac OS X syslogd for custom
facilities? (Specifically Tiger)
I've tried doing the following:
radius.* /var/log/
radiator/authlog/syslog.log
My tests with "logger" fail: 'logger -p radius.info test'
logger: unknown facility name: radius.
I've been digging through the archives for an answer to this
question, but I haven't had much luck with this specific problem.
From the syslog.conf manpage:
The facility describes the part of the system generating the
message, and
is one of the following keywords: auth, authpriv, cron,
daemon, kern,
lpr, mail, mark, news, syslog, user, uucp and local0 through
local7.
Does this mean that custom logs using other keywords for the
facility name aren't allowed?
I've double checked the following:
I'm using tabs, not spaces, in the facility line.
I've HUP'd the syslogd server.
The file exists and has correct permissions.
Is it possible to do what I want on Mac OS X 10.4?
Thanks,
- Terry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/darwin-dev/email@hidden
This email sent to email@hidden
