aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/cmdline.md12
-rw-r--r--docs/defconfig.md11
-rw-r--r--docs/usyslogd.md103
3 files changed, 5 insertions, 121 deletions
diff --git a/docs/cmdline.md b/docs/cmdline.md
index e1500aa..e47cd8e 100644
--- a/docs/cmdline.md
+++ b/docs/cmdline.md
@@ -33,15 +33,3 @@ The option `-f` or `--force` can be used to by pass the init system entirely
and force a hard reset or power off by directly signalling the kernel.
Running any one of those programs requires superuser privileges.
-
-
-## syslog
-
-If the `usyslogd` service is built as part of this package, a program called
-`syslog` is built that can be used from the command line to send syslog
-messages.
-
-This can for instance be used to produce log messages from shell scripts.
-
-The log level, facility and identity string can be specified.
-See `syslog --help` for more information.
diff --git a/docs/defconfig.md b/docs/defconfig.md
index a2c790f..346e900 100644
--- a/docs/defconfig.md
+++ b/docs/defconfig.md
@@ -21,7 +21,7 @@ The pseudo targets are (in the order that they are executed):
The system has reached a sane state, i.e. the hostname is set, the system
clock has a sane value, modules and kernel parameters are loaded, some
- very basic, fundamental services are running (e.g. syslog).
+ very basic, fundamental services are running.
Everything that is part of that setup process goes between `vfs` and
`sysinit`, everything that requires a sane setup goes *after* `sysinit`.
@@ -55,10 +55,6 @@ the `vfs` target and *before* the `sysinit` target:
* hostname - reload hostname `/etc/hostname`
* loopback - bring the loopback device up
- * usyslogd - if the `usyslogd` service is compiled with this package, this
- service is enabled by default and starts `usyslogd`.
- * klogd - if the `klogd` daemon is compiled with this package, this service
- is enabled by default and starts after `usyslogd`.
* modules - iterate over the file `/etc/modules` and try to load each module
using modprobe.
* sysctl - restore kernel parameters using `sysctl --system`. See `sysctl(8)`
@@ -117,4 +113,7 @@ For the shutdown and reboot targets, the following services are executed:
* sshd - Starts an OpenSSH server after the network pseudo service and after
the sshd_keygen service.
* nginx - Starts the Nginx server after the network pseudo serivce.
-
+ * usyslogd - Starts and supervises the `usyslogd` syslog implementation as
+ part of the `sysinit` target.
+ * klogd - Stats and supervises the `klogd` daemon as part of the `sysinit`
+ target. The `klogd` daemon is part of the `usyslog` package.
diff --git a/docs/usyslogd.md b/docs/usyslogd.md
deleted file mode 100644
index 525c475..0000000
--- a/docs/usyslogd.md
+++ /dev/null
@@ -1,103 +0,0 @@
-# Syslogd Implementation
-
-A tiny syslogd implementation `usyslogd` is provided as part of this package.
-
-It opens a socket in `/dev/log`, processes syslog messages and forwards the
-parsed message to a modular backend interface.
-
-Currently, there is only one implementation of the backend interface that dumps
-the log messages into files in the processes working directory (by default
-`/var/log`).
-
-A simple log rotation scheme has been implemented.
-
-
-## Kernel Message Logging
-
-An additional small `klogd` daemon is provided that redirects kernel messages
-to the syslog daemon.
-
-It can be enabled or disabled independently of the `usyslogd` daemon and is
-designed to work with any other syslogd implementation.
-
-
-## Security Considerations
-
-By default, the daemon switches its working directory to `/var/log`. The
-directory is created if it doesn't exist and the daemon always tries to
-change its mode to one that doesn't allow other users (except group members)
-to access the directory.
-
-If told to so on the command line, the daemon chroots to the log directory.
-
-By default, the daemon then tries to drop privileges by switching to user and
-group named `syslogd` if they exist (any other user or group can be specified
-on the command line; doing so causes syslogd to fail if they don't exist).
-
-
-On a system that hosts accounts for multiple users that may be more or less
-trusted, one may consider only giving system services access to the syslog
-socket and not allowing regular users. Otherwise, a user may flood the syslog
-daemon with messages, possibly leading to resource starvation, or (in the case
-of size limited log rotation outlined below) to the loss of otherwise critical
-log messages. Since this is not the primary target of the Pygos system, such
-a mechanism is not yet implemented.
-
-In case of a system where only daemons are running, the above mentioned
-security measure is useless. If a remote attacker manages to get regular user
-privileges, you already have a different, much greater problem. Also, a remote
-attacker would have to compromise a local daemon that already has special
-access to the syslog socket, which is again your least concern in this
-scenario.
-
-
-## Logrotation
-
-The backend can be configured to do log rotation in a continuous fashion (i.e.
-in a way that log messages aren't lost), or in a way where it drops old
-messages. Furthermore, the backend can be configured to automatically do a log
-rotation if a certain size threshold is hit.
-
-If the `usyslogd` receives a `SIGHUP`, it tells the backend to do log rotation.
-
-In the case of the size threshold, the backend is expected to do the rotation
-on its own if the predetermined limit is hit.
-
-
-## File Based Backend
-
-The file based backend writes log messages to files in the current working
-directory (by default `/var/log`), named either after the ident string (if
-specified) or the facility name.
-
-Log messages are prefixed with an ISO 8601 time stamp, optionally the facility
-name (unless part of the file name), the log level and the senders PID. Each
-of those fields is enclosed in brackets.
-
-Log rotation in a continuous fashion means renaming the existing log file to
-one suffixed with the current time stamp. Overwriting old messages renaming
-the log file by appending a constant `.1` suffix.
-
-
-## Default Configuration
-
-The default service configuration limits the log file size to 8 KiB and
-configures the daemon to overwrite old messages when rotating log files,
-effectively limiting the amount of log data to 16 KiB per source or facility.
-
-The intended use case in the Pygos system is logging to a ramdisk without
-exhausting available memory.
-
-
-## Possible Future Directions
-
-In the near term future, the daemon probably requires more fine grained control
-over logging such as setting a minimum log level or a way to configure limits
-per facility or service.
-
-In the medium term future, extended resource control using c-groups might be
-a possibility.
-
-Future directions may include adding other backends, such as forwarding the
-log messages to a central server, for instance using syslog over UDP/TCP or
-using the front end of some time series database.