To: inetutils-syslogd@packages.debian.org
To: socklog-run@packages.debian.org
To: syslog-ng-core@packages.debian.org

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------3KAOeNg8tA5AJTcCuZ2EYNmh
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

SGkgcHJvdmlkZXJzIG9mIHN5c3RlbS1sb2ctZGFlbW9uLA0KDQp3aGVuIEkgc3RhcnRlZCBw YWNrYWdpbmcgcnN5c2xvZyBmb3IgRGViaWFuIEkgYmFzZWQgL2V0Yy9yc3lzbG9nLmNvbmYg b24gDQp3aGF0J3MgYmVlbiBpbiAvZXRjL3N5c2xvZy5jb25mIGF0IHRoYXQgdGltZSAoYXMg cHJvdmlkZWQgYnkgdGhlIG5vIA0KbG9uZ2VyIGV4aXN0aW5nIHN5c2tsb2dkKS4NCg0KVW5m b3J0dW5hdGVseSwgdGhpcyBhbHNvIG1lYW50LCB0aGVyZSB3YXMgYSBsb3Qgb2YgZHVwbGlj YXRpb24gKHNheSBtYWlsIA0KbWVzc2FnZXMgYmVpbmcgbG9nZ2VkIHRvIDQgZGlmZmVyZW50 IGZpbGVzKSBhbmQgbm8gb25lIGNvdWxkIGV4cGxhaW4gdG8gDQptZSwgd2h5IHdlIGhhZCB0 aGlzIGR1cGxpY2F0aW9uIC8gcGFydGljdWxhciBzZXR1cC4NCg0KSSB0cmllZCB0byBjbGVh biB0aGF0IHVwIGZvciByc3lzbG9nIGR1cmluZyB0aGUgYm9va3dvcm0gcmVsZWFzZSBjeWNs ZS4NCk15IGd1aWRpbmcgcHJpbmNpcGxlIHdhcyB0byBoYXZlIGEgc2luZ2xlIGxvZyBmaWxl IGNvbnRhaW5pbmcgZXZlcnl0aGluZyANCihtaW51cyBzZWN1cml0eSBzZW5zaXRpdmUgaW5m b3JtYXRpb24pIGFuZCBzZXBhcmF0ZSBsb2cgZmlsZXMgZm9yIA0KY29tbW9ubHkgdXNlZCBm YWNpbGl0aWVzIHRoYXQgYXJlIGluIHVzZSBhcyBvZiB0b2RheS4NCg0KSSBlbmRlZCB1cCB3 aXRoDQoNCiMNCiMgTG9nIGFueXRoaW5nIGJlc2lkZXMgcHJpdmF0ZSBhdXRoZW50aWNhdGlv biBtZXNzYWdlcyB0byBhIHNpbmdsZSBsb2cgZmlsZQ0KIw0KKi4qO2F1dGgsYXV0aHByaXYu bm9uZQkJLS92YXIvbG9nL3N5c2xvZw0KDQojDQojIExvZyBjb21tb25seSB1c2VkIGZhY2ls aXRpZXMgdG8gdGhlaXIgb3duIGxvZyBmaWxlDQojDQphdXRoLGF1dGhwcml2LioJCQkvdmFy L2xvZy9hdXRoLmxvZw0KY3Jvbi4qCQkJCS0vdmFyL2xvZy9jcm9uLmxvZw0Ka2Vybi4qCQkJ CS0vdmFyL2xvZy9rZXJuLmxvZw0KbWFpbC4qCQkJCS0vdmFyL2xvZy9tYWlsLmxvZw0KdXNl ci4qCQkJCS0vdmFyL2xvZy91c2VyLmxvZw0KDQpbMV0gY29udGFpbnMgYSBtb3JlIGRldGFp bGVkIGxvZyBvZiB0aGUgaW5kaXZpZHVhbCBjaGFuZ2VzLg0KSWYgeW91IHdhbnQgdG8gYXBw bHkgdGhlIHNhbWUgc2V0IG9mIHJ1bGVzIHRvIHlvdXIgbG9nIGRhZW1vbiBpcyANCm9idmlv dXNseSB1cCB0byB5b3UuDQpJIGp1c3Qgd2FudGVkIHRvIGdpdmUgeW91IGEgaGVhZHMgdXAs IGFzIEkgdGhpbmsgdGhhdCBzb21lIGNvbnNpc3RlbmN5IA0KYmV0d2VlbiBkaWZmZXJlbnQg c3lzbG9nIGltcGxlbWVudGF0aW9ucyB3aXRoaW4gRGViaWFuIG1pZ2h0IGJlIGJlbmVmaWNp YWwuDQoNClJlZ2FyZHMsDQpNaWNoYWVsDQoNCg0KWzFdIA0KaHR0cHM6Ly9zYWxzYS5kZWJp YW4ub3JnL2RlYmlhbi9yc3lzbG9nLy0vY29tbWl0cy9kZWJpYW4vbWFzdGVyL2RlYmlhbi9y c3lzbG9nLmNvbmYNCg==

--------------3KAOeNg8tA5AJTcCuZ2EYNmh--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmSLAygFAwAAAAAACgkQauHfDWCPItwy dxAAhCmBPCJqqoVDrIrUujlyPG7g0HvEvT4cvOz4Z+yNrL1GRL1G+1H2OnMdpI57boUbdniwwVnF AI/7C/I+uDXm+SwZDesX3myZtCLCVoD+FqvUeB4rmtnH786k1AlhPNw4YlIaD5iIkMrhxoVNS4PV +8iK9okYFtYFGPZ9cfxjrb5x4HRFT53CTHP/ueyQnqH4n//p4Khs2zoOL4liXROjaDoGZgNCnvr8 wAAc4MGlelFnq42o/tKsfdGUJk/K3EwycCXxrR6kMO8BcjZLEdW4LPCE0yR9VOV+ClBqxy76QxTj N+CwbciHJAwGeEeMHWBOQZNj+oe39hXOt2jVjrXppvAaf62XUb1OqL9dcVWL+o26WfexFVc00g2+ pn977gCdKHUEhqA/uXA0djLYwqKXfwuXcS6TF7og77GpMqJYxarl0B0vp9JuuJHz/uNg2HwHgvDH hYwt+Ot6TnuHciWMcfZhprKE8qWW6LFLBm+pXUNIDlyyk277GrmLsWNZbzpIbH7/QHKkVZ6UBkR7 ls9mXmdaNpGFkZ4avMtWMt8PKFxGr13aD0VKKp53yI6Ry7QUsHjUNiWJ8w2JH1Vdkx7NObD8p+sE m58WE8srtSLm1Afk4cCJSCt17Sops9nsr7PApiELotXlW6iqOHpA0E/2q3+XyU3bl5RVU9vFcs67 Zq4=
=Vg3i
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

15.06.2023 15:25, Michael Biebl wrote:

Hi providers of system-log-daemon,

when I started packaging rsyslog for Debian I based /etc/rsyslog.conf on what's been in /etc/syslog.conf at that time (as provided by the no longer
existing sysklogd).

Unfortunately, this also meant, there was a lot of duplication (say mail messages being logged to 4 different files) and no one could explain to me,
why we had this duplication / particular setup.

I tried to clean that up for rsyslog during the bookworm release cycle.
My guiding principle was to have a single log file containing everything (minus security sensitive information) and separate log files for commonly
used facilities that are in use as of today.

I ended up with

#
# Log anything besides private authentication messages to a single log file
#
*.*;auth,authpriv.none        -/var/log/syslog

#
# Log commonly used facilities to their own log file
#
auth,authpriv.*            /var/log/auth.log cron.*                -/var/log/cron.log kern.*                -/var/log/kern.log mail.*                -/var/log/mail.log user.*                -/var/log/user.log

Hm. Guess I'll use this for busybox-syslogd too. Thank you for the heads-up, it come really timely, since just a few days ago I refreshed that package
and was now wondering what files needed to be there.

Another question is whenever to store files as root:adm, mode 0640 by default. I guess these permissions are set by logrotate, but I'm not sure.

Thank!

/mjt

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

15.06.2023 15:25, Michael Biebl wrote:

# Log anything besides private authentication messages to a single log file
#
*.*;auth,authpriv.none        -/var/log/syslog

#
# Log commonly used facilities to their own log file
#
auth,authpriv.*        /var/log/auth.log cron.*                -/var/log/cron.log kern.*                -/var/log/kern.log mail.*                -/var/log/mail.log user.*                -/var/log/user.log

There's no daemon.log. Is it because we already have syslog?

Thanks!

/mjt

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)