diff options
Diffstat (limited to 'docs')
-rw-r--r-- | docs/cmdline.md | 12 | ||||
-rw-r--r-- | docs/defconfig.md | 11 | ||||
-rw-r--r-- | docs/usyslogd.md | 103 |
3 files changed, 5 insertions, 121 deletions
diff --git a/docs/cmdline.md b/docs/cmdline.md index e1500aa..e47cd8e 100644 --- a/docs/cmdline.md +++ b/docs/cmdline.md @@ -33,15 +33,3 @@ The option `-f` or `--force` can be used to by pass the init system entirely and force a hard reset or power off by directly signalling the kernel. Running any one of those programs requires superuser privileges. - - -## syslog - -If the `usyslogd` service is built as part of this package, a program called -`syslog` is built that can be used from the command line to send syslog -messages. - -This can for instance be used to produce log messages from shell scripts. - -The log level, facility and identity string can be specified. -See `syslog --help` for more information. diff --git a/docs/defconfig.md b/docs/defconfig.md index a2c790f..346e900 100644 --- a/docs/defconfig.md +++ b/docs/defconfig.md @@ -21,7 +21,7 @@ The pseudo targets are (in the order that they are executed): The system has reached a sane state, i.e. the hostname is set, the system clock has a sane value, modules and kernel parameters are loaded, some - very basic, fundamental services are running (e.g. syslog). + very basic, fundamental services are running. Everything that is part of that setup process goes between `vfs` and `sysinit`, everything that requires a sane setup goes *after* `sysinit`. @@ -55,10 +55,6 @@ the `vfs` target and *before* the `sysinit` target: * hostname - reload hostname `/etc/hostname` * loopback - bring the loopback device up - * usyslogd - if the `usyslogd` service is compiled with this package, this - service is enabled by default and starts `usyslogd`. - * klogd - if the `klogd` daemon is compiled with this package, this service - is enabled by default and starts after `usyslogd`. * modules - iterate over the file `/etc/modules` and try to load each module using modprobe. * sysctl - restore kernel parameters using `sysctl --system`. See `sysctl(8)` @@ -117,4 +113,7 @@ For the shutdown and reboot targets, the following services are executed: * sshd - Starts an OpenSSH server after the network pseudo service and after the sshd_keygen service. * nginx - Starts the Nginx server after the network pseudo serivce. - + * usyslogd - Starts and supervises the `usyslogd` syslog implementation as + part of the `sysinit` target. + * klogd - Stats and supervises the `klogd` daemon as part of the `sysinit` + target. The `klogd` daemon is part of the `usyslog` package. diff --git a/docs/usyslogd.md b/docs/usyslogd.md deleted file mode 100644 index 525c475..0000000 --- a/docs/usyslogd.md +++ /dev/null @@ -1,103 +0,0 @@ -# Syslogd Implementation - -A tiny syslogd implementation `usyslogd` is provided as part of this package. - -It opens a socket in `/dev/log`, processes syslog messages and forwards the -parsed message to a modular backend interface. - -Currently, there is only one implementation of the backend interface that dumps -the log messages into files in the processes working directory (by default -`/var/log`). - -A simple log rotation scheme has been implemented. - - -## Kernel Message Logging - -An additional small `klogd` daemon is provided that redirects kernel messages -to the syslog daemon. - -It can be enabled or disabled independently of the `usyslogd` daemon and is -designed to work with any other syslogd implementation. - - -## Security Considerations - -By default, the daemon switches its working directory to `/var/log`. The -directory is created if it doesn't exist and the daemon always tries to -change its mode to one that doesn't allow other users (except group members) -to access the directory. - -If told to so on the command line, the daemon chroots to the log directory. - -By default, the daemon then tries to drop privileges by switching to user and -group named `syslogd` if they exist (any other user or group can be specified -on the command line; doing so causes syslogd to fail if they don't exist). - - -On a system that hosts accounts for multiple users that may be more or less -trusted, one may consider only giving system services access to the syslog -socket and not allowing regular users. Otherwise, a user may flood the syslog -daemon with messages, possibly leading to resource starvation, or (in the case -of size limited log rotation outlined below) to the loss of otherwise critical -log messages. Since this is not the primary target of the Pygos system, such -a mechanism is not yet implemented. - -In case of a system where only daemons are running, the above mentioned -security measure is useless. If a remote attacker manages to get regular user -privileges, you already have a different, much greater problem. Also, a remote -attacker would have to compromise a local daemon that already has special -access to the syslog socket, which is again your least concern in this -scenario. - - -## Logrotation - -The backend can be configured to do log rotation in a continuous fashion (i.e. -in a way that log messages aren't lost), or in a way where it drops old -messages. Furthermore, the backend can be configured to automatically do a log -rotation if a certain size threshold is hit. - -If the `usyslogd` receives a `SIGHUP`, it tells the backend to do log rotation. - -In the case of the size threshold, the backend is expected to do the rotation -on its own if the predetermined limit is hit. - - -## File Based Backend - -The file based backend writes log messages to files in the current working -directory (by default `/var/log`), named either after the ident string (if -specified) or the facility name. - -Log messages are prefixed with an ISO 8601 time stamp, optionally the facility -name (unless part of the file name), the log level and the senders PID. Each -of those fields is enclosed in brackets. - -Log rotation in a continuous fashion means renaming the existing log file to -one suffixed with the current time stamp. Overwriting old messages renaming -the log file by appending a constant `.1` suffix. - - -## Default Configuration - -The default service configuration limits the log file size to 8 KiB and -configures the daemon to overwrite old messages when rotating log files, -effectively limiting the amount of log data to 16 KiB per source or facility. - -The intended use case in the Pygos system is logging to a ramdisk without -exhausting available memory. - - -## Possible Future Directions - -In the near term future, the daemon probably requires more fine grained control -over logging such as setting a minimum log level or a way to configure limits -per facility or service. - -In the medium term future, extended resource control using c-groups might be -a possibility. - -Future directions may include adding other backends, such as forwarding the -log messages to a central server, for instance using syslog over UDP/TCP or -using the front end of some time series database. |