Kerala Cyber
Warriors
KCW Uploader V1.1
package Sys::Syslog;
use strict;
use warnings;
use warnings::register;
use Carp;
use Config;
use Exporter ();
use File::Basename;
use POSIX qw< strftime setlocale LC_TIME >;
use Socket qw< :all >;
require 5.005;
*import = \&Exporter::import;
{ no strict 'vars';
$VERSION = '0.35';
%EXPORT_TAGS = (
standard => [qw(openlog syslog closelog setlogmask)],
extended => [qw(setlogsock)],
macros => [
# levels
qw(
LOG_ALERT LOG_CRIT LOG_DEBUG LOG_EMERG LOG_ERR
LOG_INFO LOG_NOTICE LOG_WARNING
),
# standard facilities
qw(
LOG_AUTH LOG_AUTHPRIV LOG_CRON LOG_DAEMON LOG_FTP LOG_KERN
LOG_LOCAL0 LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4
LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_LPR LOG_MAIL LOG_NEWS
LOG_SYSLOG LOG_USER LOG_UUCP
),
# Mac OS X specific facilities
qw( LOG_INSTALL LOG_LAUNCHD LOG_NETINFO LOG_RAS LOG_REMOTEAUTH ),
# modern BSD specific facilities
qw( LOG_CONSOLE LOG_NTP LOG_SECURITY ),
# IRIX specific facilities
qw( LOG_AUDIT LOG_LFMT ),
# options
qw(
LOG_CONS LOG_PID LOG_NDELAY LOG_NOWAIT LOG_ODELAY LOG_PERROR
),
# others macros
qw(
LOG_FACMASK LOG_NFACILITIES LOG_PRIMASK
LOG_MASK LOG_UPTO
),
],
);
@EXPORT = (
@{$EXPORT_TAGS{standard}},
);
@EXPORT_OK = (
@{$EXPORT_TAGS{extended}},
@{$EXPORT_TAGS{macros}},
);
eval {
require XSLoader;
XSLoader::load('Sys::Syslog', $VERSION);
1
} or do {
require DynaLoader;
push @ISA, 'DynaLoader';
bootstrap Sys::Syslog $VERSION;
};
}
#
# Constants
#
use constant HAVE_GETPROTOBYNAME => $Config::Config{d_getpbyname};
use constant HAVE_GETPROTOBYNUMBER => $Config::Config{d_getpbynumber};
use constant HAVE_SETLOCALE => $Config::Config{d_setlocale};
use constant HAVE_IPPROTO_TCP => defined &Socket::IPPROTO_TCP ? 1 : 0;
use constant HAVE_IPPROTO_UDP => defined &Socket::IPPROTO_UDP ? 1 : 0;
use constant HAVE_TCP_NODELAY => defined &Socket::TCP_NODELAY ? 1 : 0;
use constant SOCKET_IPPROTO_TCP =>
HAVE_IPPROTO_TCP ? Socket::IPPROTO_TCP
: HAVE_GETPROTOBYNAME ? scalar getprotobyname("tcp")
: 6;
use constant SOCKET_IPPROTO_UDP =>
HAVE_IPPROTO_UDP ? Socket::IPPROTO_UDP
: HAVE_GETPROTOBYNAME ? scalar getprotobyname("udp")
: 17;
use constant SOCKET_TCP_NODELAY => HAVE_TCP_NODELAY ? Socket::TCP_NODELAY : 1;
#
# Public variables
#
use vars qw($host); # host to send syslog messages to (see notes at end)
#
# Prototypes
#
sub silent_eval (&);
#
# Global variables
#
use vars qw($facility);
my $connected = 0; # flag to indicate if we're connected or not
my $syslog_send; # coderef of the function used to send messages
my $syslog_path = undef; # syslog path for "stream" and "unix" mechanisms
my $syslog_xobj = undef; # if defined, holds the external object used to send messages
my $transmit_ok = 0; # flag to indicate if the last message was transmitted
my $sock_port = undef; # socket port
my $sock_timeout = 0; # socket timeout, see below
my $current_proto = undef; # current mechanism used to transmit messages
my $ident = ''; # identifiant prepended to each message
$facility = ''; # current facility
my $maskpri = LOG_UPTO(&LOG_DEBUG); # current log mask
my %options = (
ndelay => 0,
noeol => 0,
nofatal => 0,
nonul => 0,
nowait => 0,
perror => 0,
pid => 0,
);
# Default is now to first use the native mechanism, so Perl programs
# behave like other normal Unix programs, then try other mechanisms.
my @connectMethods = qw(native tcp udp unix pipe stream console);
if ($^O eq "freebsd" or $^O eq "linux") {
@connectMethods = grep { $_ ne 'udp' } @connectMethods;
}
# And on Win32 systems, we try to use the native mechanism for this
# platform, the events logger, available through Win32::EventLog.
EVENTLOG: {
my $verbose_if_Win32 = $^O =~ /Win32/i;
if (can_load_sys_syslog_win32($verbose_if_Win32)) {
unshift @connectMethods, 'eventlog';
}
}
my @defaultMethods = @connectMethods;
my @fallbackMethods = ();
# The timeout in connection_ok() was pushed up to 0.25 sec in
# Sys::Syslog v0.19 in order to address a heisenbug on MacOSX:
# http://london.pm.org/pipermail/london.pm/Week-of-Mon-20061211/005961.html
#
# However, this also had the effect of slowing this test for
# all other operating systems, which apparently impacted some
# users (cf. CPAN-RT #34753). So, in order to make everybody
# happy, the timeout is now zero by default on all systems
# except on OSX where it is set to 250 msec, and can be set
# with the infamous setlogsock() function.
#
# Update 2011-08: this issue is also been seen on multiprocessor
# Debian GNU/kFreeBSD systems. See http://bugs.debian.org/627821
# and https://rt.cpan.org/Ticket/Display.html?id=69997
# Also, lowering the delay to 1 ms, which should be enough.
$sock_timeout = 0.001 if $^O =~ /darwin|gnukfreebsd/;
# Perl 5.6.0's warnings.pm doesn't have warnings::warnif()
if (not defined &warnings::warnif) {
*warnings::warnif = sub {
goto &warnings::warn if warnings::enabled(__PACKAGE__)
}
}
# coderef for a nicer handling of errors
my $err_sub = $options{nofatal} ? \&warnings::warnif : \&croak;
sub AUTOLOAD {
# This AUTOLOAD is used to 'autoload' constants from the constant()
# XS function.
no strict 'vars';
my $constname;
($constname = $AUTOLOAD) =~ s/.*:://;
croak "Sys::Syslog::constant() not defined" if $constname eq 'constant';
my ($error, $val) = constant($constname);
croak $error if $error;
no strict 'refs';
*$AUTOLOAD = sub { $val };
goto &$AUTOLOAD;
}
sub openlog {
($ident, my $logopt, $facility) = @_;
# default values
$ident ||= basename($0) || getlogin() || getpwuid($<) || 'syslog';
$logopt ||= '';
$facility ||= LOG_USER();
for my $opt (split /\b/, $logopt) {
$options{$opt} = 1 if exists $options{$opt}
}
$err_sub = delete $options{nofatal} ? \&warnings::warnif : \&croak;
return 1 unless $options{ndelay};
connect_log();
}
sub closelog {
disconnect_log() if $connected;
$options{$_} = 0 for keys %options;
$facility = $ident = "";
$connected = 0;
return 1
}
sub setlogmask {
my $oldmask = $maskpri;
$maskpri = shift unless $_[0] == 0;
$oldmask;
}
my %mechanism = (
console => {
check => sub { 1 },
},
eventlog => {
check => sub { return can_load_sys_syslog_win32() },
err_msg => "no Win32 API available",
},
inet => {
check => sub { 1 },
},
native => {
check => sub { 1 },
},
pipe => {
check => sub {
($syslog_path) = grep { defined && length && -p && -w _ }
$syslog_path, &_PATH_LOG, "/dev/log";
return $syslog_path ? 1 : 0
},
err_msg => "path not available",
},
stream => {
check => sub {
if (not defined $syslog_path) {
my @try = qw(/dev/log /dev/conslog);
unshift @try, &_PATH_LOG if length &_PATH_LOG;
($syslog_path) = grep { -w } @try;
}
return defined $syslog_path && -w $syslog_path
},
err_msg => "could not find any writable device",
},
tcp => {
check => sub {
return 1 if defined $sock_port;
if (eval { local $SIG{__DIE__};
getservbyname('syslog','tcp') || getservbyname('syslogng','tcp')
}) {
$host = $syslog_path;
return 1
}
else {
return
}
},
err_msg => "TCP service unavailable",
},
udp => {
check => sub {
return 1 if defined $sock_port;
if (eval { local $SIG{__DIE__}; getservbyname('syslog', 'udp') }) {
$host = $syslog_path;
return 1
}
else {
return
}
},
err_msg => "UDP service unavailable",
},
unix => {
check => sub {
my @try = ($syslog_path, &_PATH_LOG);
($syslog_path) = grep { defined && length && -w } @try;
return defined $syslog_path && -w $syslog_path
},
err_msg => "path not available",
},
);
sub setlogsock {
my %opt;
# handle arguments
# - old API: setlogsock($sock_type, $sock_path, $sock_timeout)
# - new API: setlogsock(\%options)
croak "setlogsock(): Invalid number of arguments"
unless @_ >= 1 and @_ <= 3;
if (my $ref = ref $_[0]) {
if ($ref eq "HASH") {
%opt = %{ $_[0] };
croak "setlogsock(): No argument given" unless keys %opt;
}
elsif ($ref eq "ARRAY") {
@opt{qw< type path timeout >} = @_;
}
else {
croak "setlogsock(): Unexpected \L$ref\E reference"
}
}
else {
@opt{qw< type path timeout >} = @_;
}
# check socket type, remove invalid ones
my $diag_invalid_type = "setlogsock(): Invalid type%s; must be one of "
. join ", ", map { "'$_'" } sort keys %mechanism;
croak sprintf $diag_invalid_type, "" unless defined $opt{type};
my @sock_types = ref $opt{type} eq "ARRAY" ? @{$opt{type}} : ($opt{type});
my @tmp;
for my $sock_type (@sock_types) {
carp sprintf $diag_invalid_type, " '$sock_type'" and next
unless exists $mechanism{$sock_type};
push @tmp, "tcp", "udp" and next if $sock_type eq "inet";
push @tmp, $sock_type;
}
@sock_types = @tmp;
# set global options
$syslog_path = $opt{path} if defined $opt{path};
$host = $opt{host} if defined $opt{host};
$sock_timeout = $opt{timeout} if defined $opt{timeout};
$sock_port = $opt{port} if defined $opt{port};
disconnect_log() if $connected;
$transmit_ok = 0;
@fallbackMethods = ();
@connectMethods = ();
my $found = 0;
# check each given mechanism and test if it can be used on the current system
for my $sock_type (@sock_types) {
if ( $mechanism{$sock_type}{check}->() ) {
push @connectMethods, $sock_type;
$found = 1;
}
else {
warnings::warnif("setlogsock(): type='$sock_type': "
. $mechanism{$sock_type}{err_msg});
}
}
# if no mechanism worked from the given ones, use the default ones
@connectMethods = @defaultMethods unless @connectMethods;
return $found;
}
sub syslog {
my ($priority, $mask, @args) = @_;
my ($message, $buf);
my (@words, $num, $numpri, $numfac, $sum);
my $failed = undef;
my $fail_time = undef;
my $error = $!;
# if $ident is undefined, it means openlog() wasn't previously called
# so do it now in order to have sensible defaults
openlog() unless $ident;
local $facility = $facility; # may need to change temporarily.
croak "syslog: expecting argument \$priority" unless defined $priority;
croak "syslog: expecting argument \$format" unless defined $mask;
if ($priority =~ /^\d+$/) {
$numpri = LOG_PRI($priority);
$numfac = LOG_FAC($priority) << 3;
undef $numfac if $numfac == 0; # no facility given => use default
}
elsif ($priority =~ /^\w+/) {
# Allow "level" or "level|facility".
@words = split /\W+/, $priority, 2;
undef $numpri;
undef $numfac;
for my $word (@words) {
next if length $word == 0;
# Translate word to number.
$num = xlate($word);
if ($num < 0) {
croak "syslog: invalid level/facility: $word"
}
elsif ($num <= LOG_PRIMASK() and $word ne "kern") {
croak "syslog: too many levels given: $word"
if defined $numpri;
$numpri = $num;
}
else {
croak "syslog: too many facilities given: $word"
if defined $numfac;
$facility = $word if $word =~ /^[A-Za-z]/;
$numfac = $num;
}
}
}
else {
croak "syslog: invalid level/facility: $priority"
}
croak "syslog: level must be given" unless defined $numpri;
# don't log if priority is below mask level
return 0 unless LOG_MASK($numpri) & $maskpri;
if (not defined $numfac) { # Facility not specified in this call.
$facility = 'user' unless $facility;
$numfac = xlate($facility);
}
connect_log() unless $connected;
if ($mask =~ /%m/) {
# escape percent signs for sprintf()
$error =~ s/%/%%/g if @args;
# replace %m with $error, if preceded by an even number of percent signs
$mask =~ s/(?<!%)((?:%%)*)%m/$1$error/g;
}
# add (or not) a newline
$mask .= "\n" if !$options{noeol} and rindex($mask, "\n") == -1;
$message = @args ? sprintf($mask, @args) : $mask;
if ($current_proto eq 'native') {
$buf = $message;
}
elsif ($current_proto eq 'eventlog') {
$buf = $message;
}
else {
my $whoami = $ident;
$whoami .= "[$$]" if $options{pid};
$sum = $numpri + $numfac;
my $oldlocale;
if (HAVE_SETLOCALE) {
$oldlocale = setlocale(LC_TIME);
setlocale(LC_TIME, 'C');
}
# %e format isn't available on all systems (Win32, cf. CPAN RT #69310)
my $day = strftime "%e", localtime;
if (index($day, "%") == 0) {
$day = strftime "%d", localtime;
$day =~ s/^0/ /;
}
my $timestamp = strftime "%b $day %H:%M:%S", localtime;
setlocale(LC_TIME, $oldlocale) if HAVE_SETLOCALE;
# construct the stream that will be transmitted
$buf = "<$sum>$timestamp $whoami: $message";
# add (or not) a NUL character
$buf .= "\0" if !$options{nonul};
}
# handle PERROR option
# "native" mechanism already handles it by itself
if ($options{perror} and $current_proto ne 'native') {
my $whoami = $ident;
$whoami .= "[$$]" if $options{pid};
print STDERR "$whoami: $message";
print STDERR "\n" if rindex($message, "\n") == -1;
}
# it's possible that we'll get an error from sending
# (e.g. if method is UDP and there is no UDP listener,
# then we'll get ECONNREFUSED on the send). So what we
# want to do at this point is to fallback onto a different
# connection method.
while (scalar @fallbackMethods || $syslog_send) {
if ($failed && (time - $fail_time) > 60) {
# it's been a while... maybe things have been fixed
@fallbackMethods = ();
disconnect_log();
$transmit_ok = 0; # make it look like a fresh attempt
connect_log();
}
if ($connected && !connection_ok()) {
# Something was OK, but has now broken. Remember coz we'll
# want to go back to what used to be OK.
$failed = $current_proto unless $failed;
$fail_time = time;
disconnect_log();
}
connect_log() unless $connected;
$failed = undef if ($current_proto && $failed && $current_proto eq $failed);
if ($syslog_send) {
if ($syslog_send->($buf, $numpri, $numfac)) {
$transmit_ok++;
return 1;
}
# typically doesn't happen, since errors are rare from write().
disconnect_log();
}
}
# could not send, could not fallback onto a working
# connection method. Lose.
return 0;
}
sub _syslog_send_console {
my ($buf) = @_;
# The console print is a method which could block
# so we do it in a child process and always return success
# to the caller.
if (my $pid = fork) {
if ($options{nowait}) {
return 1;
} else {
if (waitpid($pid, 0) >= 0) {
return ($? >> 8);
} else {
# it's possible that the caller has other
# plans for SIGCHLD, so let's not interfere
return 1;
}
}
} else {
if (open(CONS, ">/dev/console")) {
my $ret = print CONS $buf . "\r"; # XXX: should this be \x0A ?
POSIX::_exit($ret) if defined $pid;
close CONS;
}
POSIX::_exit(0) if defined $pid;
}
}
sub _syslog_send_stream {
my ($buf) = @_;
# XXX: this only works if the OS stream implementation makes a write
# look like a putmsg() with simple header. For instance it works on
# Solaris 8 but not Solaris 7.
# To be correct, it should use a STREAMS API, but perl doesn't have one.
return syswrite(SYSLOG, $buf, length($buf));
}
sub _syslog_send_pipe {
my ($buf) = @_;
return print SYSLOG $buf;
}
sub _syslog_send_socket {
my ($buf) = @_;
return syswrite(SYSLOG, $buf, length($buf));
#return send(SYSLOG, $buf, 0);
}
sub _syslog_send_native {
my ($buf, $numpri, $numfac) = @_;
syslog_xs($numpri|$numfac, $buf);
return 1;
}
# xlate()
# -----
# private function to translate names to numeric values
#
sub xlate {
my ($name) = @_;
return $name+0 if $name =~ /^\s*\d+\s*$/;
$name = uc $name;
$name = "LOG_$name" unless $name =~ /^LOG_/;
# ExtUtils::Constant 0.20 introduced a new way to implement
# constants, called ProxySubs. When it was used to generate
# the C code, the constant() function no longer returns the
# correct value. Therefore, we first try a direct call to
# constant(), and if the value is an error we try to call the
# constant by its full name.
my $value = constant($name);
if (index($value, "not a valid") >= 0) {
$name = "Sys::Syslog::$name";
$value = eval { no strict "refs"; &$name };
$value = $@ unless defined $value;
}
$value = -1 if index($value, "not a valid") >= 0;
return defined $value ? $value : -1;
}
# connect_log()
# -----------
# This function acts as a kind of front-end: it tries to connect to
# a syslog service using the selected methods, trying each one in the
# selected order.
#
sub connect_log {
@fallbackMethods = @connectMethods unless scalar @fallbackMethods;
if ($transmit_ok && $current_proto) {
# Retry what we were on, because it has worked in the past.
unshift(@fallbackMethods, $current_proto);
}
$connected = 0;
my @errs = ();
my $proto = undef;
while ($proto = shift @fallbackMethods) {
no strict 'refs';
my $fn = "connect_$proto";
$connected = &$fn(\@errs) if defined &$fn;
last if $connected;
}
$transmit_ok = 0;
if ($connected) {
$current_proto = $proto;
my ($old) = select(SYSLOG); $| = 1; select($old);
} else {
@fallbackMethods = ();
$err_sub->(join "\n\t- ", "no connection to syslog available", @errs);
return undef;
}
}
sub connect_tcp {
my ($errs) = @_;
my $port = $sock_port
|| eval { local $SIG{__DIE__}; getservbyname('syslog', 'tcp') }
|| eval { local $SIG{__DIE__}; getservbyname('syslogng', 'tcp') };
if (!defined $port) {
push @$errs, "getservbyname failed for syslog/tcp and syslogng/tcp";
return 0;
}
my $addr;
if (defined $host) {
$addr = inet_aton($host);
if (!$addr) {
push @$errs, "can't lookup $host";
return 0;
}
} else {
$addr = INADDR_LOOPBACK;
}
$addr = sockaddr_in($port, $addr);
if (!socket(SYSLOG, AF_INET, SOCK_STREAM, SOCKET_IPPROTO_TCP)) {
push @$errs, "tcp socket: $!";
return 0;
}
setsockopt(SYSLOG, SOL_SOCKET, SO_KEEPALIVE, 1);
setsockopt(SYSLOG, SOCKET_IPPROTO_TCP, SOCKET_TCP_NODELAY, 1);
if (!connect(SYSLOG, $addr)) {
push @$errs, "tcp connect: $!";
return 0;
}
$syslog_send = \&_syslog_send_socket;
return 1;
}
sub connect_udp {
my ($errs) = @_;
my $port = $sock_port
|| eval { local $SIG{__DIE__}; getservbyname('syslog', 'udp') };
if (!defined $port) {
push @$errs, "getservbyname failed for syslog/udp";
return 0;
}
my $addr;
if (defined $host) {
$addr = inet_aton($host);
if (!$addr) {
push @$errs, "can't lookup $host";
return 0;
}
} else {
$addr = INADDR_LOOPBACK;
}
$addr = sockaddr_in($port, $addr);
if (!socket(SYSLOG, AF_INET, SOCK_DGRAM, SOCKET_IPPROTO_UDP)) {
push @$errs, "udp socket: $!";
return 0;
}
if (!connect(SYSLOG, $addr)) {
push @$errs, "udp connect: $!";
return 0;
}
# We want to check that the UDP connect worked. However the only
# way to do that is to send a message and see if an ICMP is returned
_syslog_send_socket("");
if (!connection_ok()) {
push @$errs, "udp connect: nobody listening";
return 0;
}
$syslog_send = \&_syslog_send_socket;
return 1;
}
sub connect_stream {
my ($errs) = @_;
# might want syslog_path to be variable based on syslog.h (if only
# it were in there!)
$syslog_path = '/dev/conslog' unless defined $syslog_path;
if (!-w $syslog_path) {
push @$errs, "stream $syslog_path is not writable";
return 0;
}
require Fcntl;
if (!sysopen(SYSLOG, $syslog_path, Fcntl::O_WRONLY(), 0400)) {
push @$errs, "stream can't open $syslog_path: $!";
return 0;
}
$syslog_send = \&_syslog_send_stream;
return 1;
}
sub connect_pipe {
my ($errs) = @_;
$syslog_path ||= &_PATH_LOG || "/dev/log";
if (not -w $syslog_path) {
push @$errs, "$syslog_path is not writable";
return 0;
}
if (not open(SYSLOG, ">$syslog_path")) {
push @$errs, "can't write to $syslog_path: $!";
return 0;
}
$syslog_send = \&_syslog_send_pipe;
return 1;
}
sub connect_unix {
my ($errs) = @_;
$syslog_path ||= _PATH_LOG() if length _PATH_LOG();
if (not defined $syslog_path) {
push @$errs, "_PATH_LOG not available in syslog.h and no user-supplied socket path";
return 0;
}
if (not (-S $syslog_path or -c _)) {
push @$errs, "$syslog_path is not a socket";
return 0;
}
my $addr = sockaddr_un($syslog_path);
if (!$addr) {
push @$errs, "can't locate $syslog_path";
return 0;
}
if (!socket(SYSLOG, AF_UNIX, SOCK_STREAM, 0)) {
push @$errs, "unix stream socket: $!";
return 0;
}
if (!connect(SYSLOG, $addr)) {
if (!socket(SYSLOG, AF_UNIX, SOCK_DGRAM, 0)) {
push @$errs, "unix dgram socket: $!";
return 0;
}
if (!connect(SYSLOG, $addr)) {
push @$errs, "unix dgram connect: $!";
return 0;
}
}
$syslog_send = \&_syslog_send_socket;
return 1;
}
sub connect_native {
my ($errs) = @_;
my $logopt = 0;
# reconstruct the numeric equivalent of the options
for my $opt (keys %options) {
$logopt += xlate($opt) if $options{$opt}
}
openlog_xs($ident, $logopt, xlate($facility));
$syslog_send = \&_syslog_send_native;
return 1;
}
sub connect_eventlog {
my ($errs) = @_;
$syslog_xobj = Sys::Syslog::Win32::_install();
$syslog_send = \&Sys::Syslog::Win32::_syslog_send;
return 1;
}
sub connect_console {
my ($errs) = @_;
if (!-w '/dev/console') {
push @$errs, "console is not writable";
return 0;
}
$syslog_send = \&_syslog_send_console;
return 1;
}
# To test if the connection is still good, we need to check if any
# errors are present on the connection. The errors will not be raised
# by a write. Instead, sockets are made readable and the next read
# would cause the error to be returned. Unfortunately the syslog
# 'protocol' never provides anything for us to read. But with
# judicious use of select(), we can see if it would be readable...
sub connection_ok {
return 1 if defined $current_proto and (
$current_proto eq 'native' or $current_proto eq 'console'
or $current_proto eq 'eventlog'
);
my $rin = '';
vec($rin, fileno(SYSLOG), 1) = 1;
my $ret = select $rin, undef, $rin, $sock_timeout;
return ($ret ? 0 : 1);
}
sub disconnect_log {
$connected = 0;
$syslog_send = undef;
if (defined $current_proto and $current_proto eq 'native') {
closelog_xs();
unshift @fallbackMethods, $current_proto;
$current_proto = undef;
return 1;
}
elsif (defined $current_proto and $current_proto eq 'eventlog') {
$syslog_xobj->Close();
unshift @fallbackMethods, $current_proto;
$current_proto = undef;
return 1;
}
return close SYSLOG;
}
#
# Wrappers around eval() that makes sure that nobody, ever knows that
# we wanted to poke & test if something was here or not. This is needed
# because some applications are trying to be too smart, install their
# own __DIE__ handler, and mysteriously, things are starting to fail
# when they shouldn't. SpamAssassin among them.
#
sub silent_eval (&) {
local($SIG{__DIE__}, $SIG{__WARN__}, $@);
return eval { $_[0]->() }
}
sub can_load_sys_syslog_win32 {
my ($verbose) = @_;
local($SIG{__DIE__}, $SIG{__WARN__}, $@);
(my $module_path = __FILE__) =~ s:Syslog.pm$:Syslog/Win32.pm:;
my $loaded = eval { require $module_path } ? 1 : 0;
warn $@ if not $loaded and $verbose;
return $loaded
}
"Eighth Rule: read the documentation."
__END__
=head1 NAME
Sys::Syslog - Perl interface to the UNIX syslog(3) calls
=head1 VERSION
This is the documentation of version 0.35
=head1 SYNOPSIS
use Sys::Syslog; # all except setlogsock()
use Sys::Syslog qw(:standard :macros); # standard functions & macros
openlog($ident, $logopt, $facility); # don't forget this
syslog($priority, $format, @args);
$oldmask = setlogmask($mask_priority);
closelog();
=head1 DESCRIPTION
C<Sys::Syslog> is an interface to the UNIX C<syslog(3)> program.
Call C<syslog()> with a string priority and a list of C<printf()> args
just like C<syslog(3)>.
=head1 EXPORTS
C<Sys::Syslog> exports the following C<Exporter> tags:
=over 4
=item *
C<:standard> exports the standard C<syslog(3)> functions:
openlog closelog setlogmask syslog
=item *
C<:extended> exports the Perl specific functions for C<syslog(3)>:
setlogsock
=item *
C<:macros> exports the symbols corresponding to most of your C<syslog(3)>
macros and the C<LOG_UPTO()> and C<LOG_MASK()> functions.
See L<"CONSTANTS"> for the supported constants and their meaning.
=back
By default, C<Sys::Syslog> exports the symbols from the C<:standard> tag.
=head1 FUNCTIONS
=over 4
=item B<openlog($ident, $logopt, $facility)>
Opens the syslog.
C<$ident> is prepended to every message. C<$logopt> contains zero or
more of the options detailed below. C<$facility> specifies the part
of the system to report about, for example C<LOG_USER> or C<LOG_LOCAL0>:
see L<"Facilities"> for a list of well-known facilities, and your
C<syslog(3)> documentation for the facilities available in your system.
Check L<"SEE ALSO"> for useful links. Facility can be given as a string
or a numeric macro.
This function will croak if it can't connect to the syslog daemon.
Note that C<openlog()> now takes three arguments, just like C<openlog(3)>.
B<You should use C<openlog()> before calling C<syslog()>.>
B<Options>
=over 4
=item *
C<cons> - This option is ignored, since the failover mechanism will drop
down to the console automatically if all other media fail.
=item *
C<ndelay> - Open the connection immediately (normally, the connection is
opened when the first message is logged).
=item *
C<noeol> - When set to true, no end of line character (C<\n>) will be
appended to the message. This can be useful for some syslog daemons.
Added in C<Sys::Syslog> 0.29.
=item *
C<nofatal> - When set to true, C<openlog()> and C<syslog()> will only
emit warnings instead of dying if the connection to the syslog can't
be established. Added in C<Sys::Syslog> 0.15.
=item *
C<nonul> - When set to true, no C<NUL> character (C<\0>) will be
appended to the message. This can be useful for some syslog daemons.
Added in C<Sys::Syslog> 0.29.
=item *
C<nowait> - Don't wait for child processes that may have been created
while logging the message. (The GNU C library does not create a child
process, so this option has no effect on Linux.)
=item *
C<perror> - Write the message to standard error output as well to the
system log. Added in C<Sys::Syslog> 0.22.
=item *
C<pid> - Include PID with each message.
=back
B<Examples>
Open the syslog with options C<ndelay> and C<pid>, and with facility C<LOCAL0>:
openlog($name, "ndelay,pid", "local0");
Same thing, but this time using the macro corresponding to C<LOCAL0>:
openlog($name, "ndelay,pid", LOG_LOCAL0);
=item B<syslog($priority, $message)>
=item B<syslog($priority, $format, @args)>
If C<$priority> permits, logs C<$message> or C<sprintf($format, @args)>
with the addition that C<%m> in $message or C<$format> is replaced with
C<"$!"> (the latest error message).
C<$priority> can specify a level, or a level and a facility. Levels and
facilities can be given as strings or as macros. When using the C<eventlog>
mechanism, priorities C<DEBUG> and C<INFO> are mapped to event type
C<informational>, C<NOTICE> and C<WARNING> to C<warning> and C<ERR> to
C<EMERG> to C<error>.
If you didn't use C<openlog()> before using C<syslog()>, C<syslog()> will
try to guess the C<$ident> by extracting the shortest prefix of
C<$format> that ends in a C<":">.
B<Examples>
# informational level
syslog("info", $message);
syslog(LOG_INFO, $message);
# information level, Local0 facility
syslog("info|local0", $message);
syslog(LOG_INFO|LOG_LOCAL0, $message);
=over 4
=item B<Note>
C<Sys::Syslog> version v0.07 and older passed the C<$message> as the
formatting string to C<sprintf()> even when no formatting arguments
were provided. If the code calling C<syslog()> might execute with
older versions of this module, make sure to call the function as
C<syslog($priority, "%s", $message)> instead of C<syslog($priority,
$message)>. This protects against hostile formatting sequences that
might show up if $message contains tainted data.
=back
=item B<setlogmask($mask_priority)>
Sets the log mask for the current process to C<$mask_priority> and
returns the old mask. If the mask argument is 0, the current log mask
is not modified. See L<"Levels"> for the list of available levels.
You can use the C<LOG_UPTO()> function to allow all levels up to a
given priority (but it only accept the numeric macros as arguments).
B<Examples>
Only log errors:
setlogmask( LOG_MASK(LOG_ERR) );
Log everything except informational messages:
setlogmask( ~(LOG_MASK(LOG_INFO)) );
Log critical messages, errors and warnings:
setlogmask( LOG_MASK(LOG_CRIT)
| LOG_MASK(LOG_ERR)
| LOG_MASK(LOG_WARNING) );
Log all messages up to debug:
setlogmask( LOG_UPTO(LOG_DEBUG) );
=item B<setlogsock()>
Sets the socket type and options to be used for the next call to C<openlog()>
or C<syslog()>. Returns true on success, C<undef> on failure.
Being Perl-specific, this function has evolved along time. It can currently
be called as follow:
=over
=item *
C<setlogsock($sock_type)>
=item *
C<setlogsock($sock_type, $stream_location)> (added in Perl 5.004_02)
=item *
C<setlogsock($sock_type, $stream_location, $sock_timeout)> (added in
C<Sys::Syslog> 0.25)
=item *
C<setlogsock(\%options)> (added in C<Sys::Syslog> 0.28)
=back
The available options are:
=over
=item *
C<type> - equivalent to C<$sock_type>, selects the socket type (or
"mechanism"). An array reference can be passed to specify several
mechanisms to try, in the given order.
=item *
C<path> - equivalent to C<$stream_location>, sets the stream location.
Defaults to standard Unix location, or C<_PATH_LOG>.
=item *
C<timeout> - equivalent to C<$sock_timeout>, sets the socket timeout
in seconds. Defaults to 0 on all systems except S<Mac OS X> where it
is set to 0.25 sec.
=item *
C<host> - sets the hostname to send the messages to. Defaults to
the local host.
=item *
C<port> - sets the TCP or UDP port to connect to. Defaults to the
first standard syslog port available on the system.
=back
The available mechanisms are:
=over
=item *
C<"native"> - use the native C functions from your C<syslog(3)> library
(added in C<Sys::Syslog> 0.15).
=item *
C<"eventlog"> - send messages to the Win32 events logger (Win32 only;
added in C<Sys::Syslog> 0.19).
=item *
C<"tcp"> - connect to a TCP socket, on the C<syslog/tcp> or C<syslogng/tcp>
service. See also the C<host>, C<port> and C<timeout> options.
=item *
C<"udp"> - connect to a UDP socket, on the C<syslog/udp> service.
See also the C<host>, C<port> and C<timeout> options.
=item *
C<"inet"> - connect to an INET socket, either TCP or UDP, tried in that
order. See also the C<host>, C<port> and C<timeout> options.
=item *
C<"unix"> - connect to a UNIX domain socket (in some systems a character
special device). The name of that socket is given by the C<path> option
or, if omitted, the value returned by the C<_PATH_LOG> macro (if your
system defines it), F</dev/log> or F</dev/conslog>, whichever is writable.
=item *
C<"stream"> - connect to the stream indicated by the C<path> option, or,
if omitted, the value returned by the C<_PATH_LOG> macro (if your system
defines it), F</dev/log> or F</dev/conslog>, whichever is writable. For
example Solaris and IRIX system may prefer C<"stream"> instead of C<"unix">.
=item *
C<"pipe"> - connect to the named pipe indicated by the C<path> option,
or, if omitted, to the value returned by the C<_PATH_LOG> macro (if your
system defines it), or F</dev/log> (added in C<Sys::Syslog> 0.21).
HP-UX is a system which uses such a named pipe.
=item *
C<"console"> - send messages directly to the console, as for the C<"cons">
option of C<openlog()>.
=back
The default is to try C<native>, C<tcp>, C<udp>, C<unix>, C<pipe>, C<stream>,
C<console>.
Under systems with the Win32 API, C<eventlog> will be added as the first
mechanism to try if C<Win32::EventLog> is available.
Giving an invalid value for C<$sock_type> will C<croak>.
B<Examples>
Select the UDP socket mechanism:
setlogsock("udp");
Send messages using the TCP socket mechanism on a custom port:
setlogsock({ type => "tcp", port => 2486 });
Send messages to a remote host using the TCP socket mechanism:
setlogsock({ type => "tcp", host => $loghost });
Try the native, UDP socket then UNIX domain socket mechanisms:
setlogsock(["native", "udp", "unix"]);
=over
=item B<Note>
Now that the "native" mechanism is supported by C<Sys::Syslog> and selected
by default, the use of the C<setlogsock()> function is discouraged because
other mechanisms are less portable across operating systems. Authors of
modules and programs that use this function, especially its cargo-cult form
C<setlogsock("unix")>, are advised to remove any occurrence of it unless they
specifically want to use a given mechanism (like TCP or UDP to connect to
a remote host).
=back
=item B<closelog()>
Closes the log file and returns true on success.
=back
=head1 THE RULES OF SYS::SYSLOG
I<The First Rule of Sys::Syslog is:>
You do not call C<setlogsock>.
I<The Second Rule of Sys::Syslog is:>
You B<do not> call C<setlogsock>.
I<The Third Rule of Sys::Syslog is:>
The program crashes, C<die>s, calls C<closelog>, the log is over.
I<The Fourth Rule of Sys::Syslog is:>
One facility, one priority.
I<The Fifth Rule of Sys::Syslog is:>
One log at a time.
I<The Sixth Rule of Sys::Syslog is:>
No C<syslog> before C<openlog>.
I<The Seventh Rule of Sys::Syslog is:>
Logs will go on as long as they have to.
I<The Eighth, and Final Rule of Sys::Syslog is:>
If this is your first use of Sys::Syslog, you must read the doc.
=head1 EXAMPLES
An example:
openlog($program, 'cons,pid', 'user');
syslog('info', '%s', 'this is another test');
syslog('mail|warning', 'this is a better test: %d', time);
closelog();
syslog('debug', 'this is the last test');
Another example:
openlog("$program $$", 'ndelay', 'user');
syslog('notice', 'fooprogram: this is really done');
Example of use of C<%m>:
$! = 55;
syslog('info', 'problem was %m'); # %m == $! in syslog(3)
Log to UDP port on C<$remotehost> instead of logging locally:
setlogsock("udp", $remotehost);
openlog($program, 'ndelay', 'user');
syslog('info', 'something happened over here');
=head1 CONSTANTS
=head2 Facilities
=over 4
=item *
C<LOG_AUDIT> - audit daemon (IRIX); falls back to C<LOG_AUTH>
=item *
C<LOG_AUTH> - security/authorization messages
=item *
C<LOG_AUTHPRIV> - security/authorization messages (private)
=item *
C<LOG_CONSOLE> - C</dev/console> output (FreeBSD); falls back to C<LOG_USER>
=item *
C<LOG_CRON> - clock daemons (B<cron> and B<at>)
=item *
C<LOG_DAEMON> - system daemons without separate facility value
=item *
C<LOG_FTP> - FTP daemon
=item *
C<LOG_KERN> - kernel messages
=item *
C<LOG_INSTALL> - installer subsystem (Mac OS X); falls back to C<LOG_USER>
=item *
C<LOG_LAUNCHD> - launchd - general bootstrap daemon (Mac OS X);
falls back to C<LOG_DAEMON>
=item *
C<LOG_LFMT> - logalert facility; falls back to C<LOG_USER>
=item *
C<LOG_LOCAL0> through C<LOG_LOCAL7> - reserved for local use
=item *
C<LOG_LPR> - line printer subsystem
=item *
C<LOG_MAIL> - mail subsystem
=item *
C<LOG_NETINFO> - NetInfo subsystem (Mac OS X); falls back to C<LOG_DAEMON>
=item *
C<LOG_NEWS> - USENET news subsystem
=item *
C<LOG_NTP> - NTP subsystem (FreeBSD, NetBSD); falls back to C<LOG_DAEMON>
=item *
C<LOG_RAS> - Remote Access Service (VPN / PPP) (Mac OS X);
falls back to C<LOG_AUTH>
=item *
C<LOG_REMOTEAUTH> - remote authentication/authorization (Mac OS X);
falls back to C<LOG_AUTH>
=item *
C<LOG_SECURITY> - security subsystems (firewalling, etc.) (FreeBSD);
falls back to C<LOG_AUTH>
=item *
C<LOG_SYSLOG> - messages generated internally by B<syslogd>
=item *
C<LOG_USER> (default) - generic user-level messages
=item *
C<LOG_UUCP> - UUCP subsystem
=back
=head2 Levels
=over 4
=item *
C<LOG_EMERG> - system is unusable
=item *
C<LOG_ALERT> - action must be taken immediately
=item *
C<LOG_CRIT> - critical conditions
=item *
C<LOG_ERR> - error conditions
=item *
C<LOG_WARNING> - warning conditions
=item *
C<LOG_NOTICE> - normal, but significant, condition
=item *
C<LOG_INFO> - informational message
=item *
C<LOG_DEBUG> - debug-level message
=back
=head1 DIAGNOSTICS
=over
=item C<Invalid argument passed to setlogsock>
B<(F)> You gave C<setlogsock()> an invalid value for C<$sock_type>.
=item C<eventlog passed to setlogsock, but no Win32 API available>
B<(W)> You asked C<setlogsock()> to use the Win32 event logger but the
operating system running the program isn't Win32 or does not provides Win32
compatible facilities.
=item C<no connection to syslog available>
B<(F)> C<syslog()> failed to connect to the specified socket.
=item C<stream passed to setlogsock, but %s is not writable>
B<(W)> You asked C<setlogsock()> to use a stream socket, but the given
path is not writable.
=item C<stream passed to setlogsock, but could not find any device>
B<(W)> You asked C<setlogsock()> to use a stream socket, but didn't
provide a path, and C<Sys::Syslog> was unable to find an appropriate one.
=item C<tcp passed to setlogsock, but tcp service unavailable>
B<(W)> You asked C<setlogsock()> to use a TCP socket, but the service
is not available on the system.
=item C<syslog: expecting argument %s>
B<(F)> You forgot to give C<syslog()> the indicated argument.
=item C<syslog: invalid level/facility: %s>
B<(F)> You specified an invalid level or facility.
=item C<syslog: too many levels given: %s>
B<(F)> You specified too many levels.
=item C<syslog: too many facilities given: %s>
B<(F)> You specified too many facilities.
=item C<syslog: level must be given>
B<(F)> You forgot to specify a level.
=item C<udp passed to setlogsock, but udp service unavailable>
B<(W)> You asked C<setlogsock()> to use a UDP socket, but the service
is not available on the system.
=item C<unix passed to setlogsock, but path not available>
B<(W)> You asked C<setlogsock()> to use a UNIX socket, but C<Sys::Syslog>
was unable to find an appropriate an appropriate device.
=back
=head1 HISTORY
C<Sys::Syslog> is a core module, part of the standard Perl distribution
since 1990. At this time, modules as we know them didn't exist, the
Perl library was a collection of F<.pl> files, and the one for sending
syslog messages with was simply F<lib/syslog.pl>, included with Perl 3.0.
It was converted as a module with Perl 5.0, but had a version number
only starting with Perl 5.6. Here is a small table with the matching
Perl and C<Sys::Syslog> versions.
Sys::Syslog Perl
----------- ----
undef 5.0.0 ~ 5.5.4
0.01 5.6.*
0.03 5.8.0
0.04 5.8.1, 5.8.2, 5.8.3
0.05 5.8.4, 5.8.5, 5.8.6
0.06 5.8.7
0.13 5.8.8
0.22 5.10.0
0.27 5.8.9, 5.10.1 ~ 5.14.*
0.29 5.16.*
0.32 5.18.*
0.33 5.20.*
0.33 5.22.*
=head1 SEE ALSO
=head2 Other modules
L<Log::Log4perl> - Perl implementation of the Log4j API
L<Log::Dispatch> - Dispatches messages to one or more outputs
L<Log::Report> - Report a problem, with exceptions and language support
=head2 Manual Pages
L<syslog(3)>
SUSv3 issue 6, IEEE Std 1003.1, 2004 edition,
L<http://www.opengroup.org/onlinepubs/000095399/basedefs/syslog.h.html>
GNU C Library documentation on syslog,
L<http://www.gnu.org/software/libc/manual/html_node/Syslog.html>
FreeBSD documentation on syslog,
L<https://www.freebsd.org/cgi/man.cgi?query=syslog>
Solaris 11 documentation on syslog,
L<https://docs.oracle.com/cd/E53394_01/html/E54766/syslog-3c.html>
Mac OS X documentation on syslog,
L<http://developer.apple.com/documentation/Darwin/Reference/ManPages/man3/syslog.3.html>
IRIX documentation on syslog,
L<http://nixdoc.net/man-pages/IRIX/man3/syslog.3c.html>
AIX 5L 5.3 documentation on syslog,
L<http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.basetechref/doc/basetrf2/syslog.htm>
HP-UX 11i documentation on syslog,
L<http://docs.hp.com/en/B2355-60130/syslog.3C.html>
Tru64 documentation on syslog,
L<http://nixdoc.net/man-pages/Tru64/man3/syslog.3.html>
Stratus VOS 15.1,
L<http://stratadoc.stratus.com/vos/15.1.1/r502-01/wwhelp/wwhimpl/js/html/wwhelp.htm?context=r502-01&file=ch5r502-01bi.html>
=head2 RFCs
I<RFC 3164 - The BSD syslog Protocol>, L<http://www.faqs.org/rfcs/rfc3164.html>
-- Please note that this is an informational RFC, and therefore does not
specify a standard of any kind.
I<RFC 3195 - Reliable Delivery for syslog>, L<http://www.faqs.org/rfcs/rfc3195.html>
=head2 Articles
I<Syslogging with Perl>, L<http://lexington.pm.org/meetings/022001.html>
=head2 Event Log
Windows Event Log,
L<http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wes/wes/windows_event_log.asp>
=head1 AUTHORS & ACKNOWLEDGEMENTS
Tom Christiansen E<lt>F<tchrist (at) perl.com>E<gt> and Larry Wall
E<lt>F<larry (at) wall.org>E<gt>.
UNIX domain sockets added by Sean Robinson
E<lt>F<robinson_s (at) sc.maricopa.edu>E<gt> with support from Tim Bunce
E<lt>F<Tim.Bunce (at) ig.co.uk>E<gt> and the C<perl5-porters> mailing list.
Dependency on F<syslog.ph> replaced with XS code by Tom Hughes
E<lt>F<tom (at) compton.nu>E<gt>.
Code for C<constant()>s regenerated by Nicholas Clark E<lt>F<nick (at) ccl4.org>E<gt>.
Failover to different communication modes by Nick Williams
E<lt>F<Nick.Williams (at) morganstanley.com>E<gt>.
Extracted from core distribution for publishing on the CPAN by
SE<eacute>bastien Aperghis-Tramoni E<lt>sebastien (at) aperghis.netE<gt>.
XS code for using native C functions borrowed from C<L<Unix::Syslog>>,
written by Marcus Harnisch E<lt>F<marcus.harnisch (at) gmx.net>E<gt>.
Yves Orton suggested and helped for making C<Sys::Syslog> use the native
event logger under Win32 systems.
Jerry D. Hedden and Reini Urban provided greatly appreciated help to
debug and polish C<Sys::Syslog> under Cygwin.
=head1 BUGS
Please report any bugs or feature requests to
C<bug-sys-syslog (at) rt.cpan.org>, or through the web interface at
L<http://rt.cpan.org/Public/Dist/Display.html?Name=Sys-Syslog>.
I will be notified, and then you'll automatically be notified of progress on
your bug as I make changes.
=head1 SUPPORT
You can find documentation for this module with the perldoc command.
perldoc Sys::Syslog
You can also look for information at:
=over
=item * Perl Documentation
L<http://perldoc.perl.org/Sys/Syslog.html>
=item * MetaCPAN
L<https://metacpan.org/module/Sys::Syslog>
=item * Search CPAN
L<http://search.cpan.org/dist/Sys-Syslog/>
=item * AnnoCPAN: Annotated CPAN documentation
L<http://annocpan.org/dist/Sys-Syslog>
=item * CPAN Ratings
L<http://cpanratings.perl.org/d/Sys-Syslog>
=item * RT: CPAN's request tracker
L<http://rt.cpan.org/Dist/Display.html?Queue=Sys-Syslog>
=back
The source code is available on Git Hub:
L<https://github.com/maddingue/Sys-Syslog/>
=head1 COPYRIGHT
Copyright (C) 1990-2012 by Larry Wall and others.
=head1 LICENSE
This program is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
=cut
=begin comment
Notes for the future maintainer (even if it's still me..)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Using Google Code Search, I search who on Earth was relying on $host being
public. It found 5 hits:
* First was inside Indigo Star Perl2exe documentation. Just an old version
of Sys::Syslog.
* One real hit was inside DalWeathDB, a weather related program. It simply
does a
$Sys::Syslog::host = '127.0.0.1';
- L<http://www.gallistel.net/nparker/weather/code/>
* Two hits were in TPC, a fax server thingy. It does a
$Sys::Syslog::host = $TPC::LOGHOST;
but also has this strange piece of code:
# work around perl5.003 bug
sub Sys::Syslog::hostname {}
I don't know what bug the author referred to.
- L<http://www.tpc.int/>
- L<ftp://ftp-usa.tpc.int/pub/tpc/server/UNIX/>
* Last hit was in Filefix, which seems to be a FIDOnet mail program (!).
This one does not use $host, but has the following piece of code:
sub Sys::Syslog::hostname
{
use Sys::Hostname;
return hostname;
}
I guess this was a more elaborate form of the previous bit, maybe because
of a bug in Sys::Syslog back then?
- L<ftp://ftp.kiae.su/pub/unix/fido/>
Links
-----
Linux Fast-STREAMS
- L<http://www.openss7.org/streams.html>
II12021: SYSLOGD HOWTO TCPIPINFO (z/OS, OS/390, MVS)
- L<http://www-1.ibm.com/support/docview.wss?uid=isg1II12021>
Getting the most out of the Event Viewer
- L<http://www.codeproject.com/dotnet/evtvwr.asp?print=true>
Log events to the Windows NT Event Log with JNI
- L<http://www.javaworld.com/javaworld/jw-09-2001/jw-0928-ntmessages.html>
=end comment
-=[ KCW uplo4d3r c0ded by cJ_n4p573r ]=-
Ⓒ2017 ҠЄГѦLѦ СүѣЄГ ЩѦГГіѺГՏ