Syslogd - Linux and Unix Command

Sysklogd provides two system utilities which provide support for system logging and kernel message trapping. Support of both internet and unix domain sockets enables this utility package to support both local and remote logging.

System logging is provided by a version of syslogd(8) derived from the stock BSD sources. Support for kernel logging is provided by the klogd(8) utility, which allows kernel logging to be conducted in either a standalone fashion or as a client of syslogd.

Syslogd provides a kind of logging that many modern programs use. Every logged message contains at least a time and a hostname field, normally a program name field, too, but that depends on how trusty the logging program is.

While the syslogd sources have been heavily modified, a couple of notes are in order. First of all, there has been a systematic attempt to ensure that syslogd follows its default, standard BSD behavior. The second important concept to note is that this version of syslogd interacts transparently with the version of syslog found in the standard libraries. If a binary linked to the standard shared libraries fails to function correctly, we would like an example of the anomalous behavior.

The main configuration file /etc/syslog.conf, or an alternative file given with the -f option, is read at startup. Any lines that begin with the hash mark (``#'') and empty lines are ignored. If an error occurs during parsing, the whole line is ignored.

Synopsis

syslogd [ -a socket ] [ -d ] [ -f config file ] [ -h ] [ -l hostlist ] [ -m interval ] [ -n ] [ -p socket ] [ -r ] [ -s domainlist ] [ -v ] [ -x ]

Options

-a socket

Using this argument you can specify additional sockets that syslogd has to listen to. This is needed if you are going to let some daemon run within a chroot() environment. You can use up to 19 additional sockets. If your environment needs even more, you have to increase the symbol MAXFUNIX within the syslogd.c source file. An example for a chroot() daemon is described by the people from OpenBSD at http://www.psionic.com/papers/dns.html.

-d

Turns on debug mode. Using this, the daemon will not proceed with a fork(2) to set itself in the background, but instead stays in the foreground and writes much debug information on the current tty. See the DEBUGGING section for more information.

-f config file

Specify an alternative configuration file instead of /etc/syslog.conf, which is the default.

-h

By default syslogd will not forward messages it receives from remote hosts. Specifying this switch on the command line will cause the log daemon to forward any remote messages it receives to the forwarding hosts which have been defined.

-l hostlist

Specify a hostname that should be logged only with its simple hostname and not the fqdn. Multiple hosts may be specified using the colon (``:'') separator.

-m interval

Syslogd logs a mark timestamp regularly. The default interval between two -- MARK -- lines is 20 minutes. This can be changed with this option. Setting the interval to zero turns it off entirely.

-n

Avoid auto-backgrounding. This is needed especially if syslogd is started and controlled by init(8).

-p socket

You can specify an alternative unix domain socket instead of /dev/log.

-r

This option will enable the facility to receive messages from the network using an internet domain socket with the syslog service (see (5)). The default is to not receive any messages from the network.

This option was introduced in version 1.3 of the sysklogd package. Note that the default behavior is the opposite of how older versions behave, so you might have to turn this on.

-s domainlist

Specify a domain name that should be stripped off before logging. Multiple domains may be specified using the colon (``:'') separator. Please be advised that no sub-domains may be specified, only entire domains. For example, if -s north.de is specified and the logging host resolves to satu.infodrom.north.de, no domain would be cut; you have to specify both domains like: -s north.de:infodrom.north.de.

-v

Print version and exit.

-x

Disable name lookups when receiving remote messages. This avoids deadlocks when the nameserver is running on the same machine that runs the syslog daemon.

Signals

Syslogd reacts to a set of signals. You can send a signal to syslogd using the following:

    kill -SIGNAL `cat /var/run/syslogd.pid`

SIGHUP

This lets syslogd perform a re-initialization. All open files are closed, the configuration file (default is /etc/syslog.conf) is reread and the syslog(3) facility is started again.

SIGTERM

Syslogd will die.

SIGINT , SIGQUIT

If debugging is enabled these are ignored, so syslogd will not die.

SIGUSR1

Switch debugging on/off. This option can only be used if syslogd is started with the -d debug option.

SIGCHLD

Wait for children if some were born, because of wall'ing messages.

Configuration File Syntax Differences

Syslogd uses a slightly different syntax for its configuration file than the original BSD sources. Originally all messages of a specific priority and above were forwarded to the log file.

For example, the following line caused ALL output from daemons using the daemon facilities (debug is the lowest priority, so every higher one will also match) to go into /usr/adm/daemons:

    # Sample syslog.conf
    daemon.debug    /usr/adm/daemons

Under the new scheme this behavior remains the same. The difference is the addition of four new specifiers: the asterisk ( * ) wildcard, the equation sign ( = ), the exclamation mark ( ! ), and the minus sign ( - ).

The * specifies that all messages for the specified facility are to be directed to the destination. Note that this behavior is degenerate with specifying a priority level of debug. Users have indicated that the asterisk notation is more intuitive.

The = is used to restrict logging to the specified priority class. This allows, for example, routing only debug messages to a particular logging source.

For example, the following line in syslog.conf would direct debug messages from all sources to the /usr/adm/debug file.

    # Sample syslog.conf
    *.=debug    /usr/adm/debug

The ! is used to exclude logging of the specified priorities. This affects all (!) possibilities of specifying priorities.

For example, the following lines would log all messages of the facility mail except those with the priority info to the /usr/adm/mail file. And all messages from news.info (including) to news.crit (excluding) would be logged to the /usr/adm/news file.

    # Sample syslog.conf
    mail.*;mail.!=info      /usr/adm/mail
    news.info;news.!crit    /usr/adm/news

You may use it intuitively as an exception specifier. The interpretation mentioned above is simply inverted. Doing that you may use

    mail.none

or

    mail.!*

or

    mail.!debug

to skip every message that comes with a mail facility. There is much room to play with it. :-)

The - may only be used to prefix a filename if you want to omit syncing the file after every write to it.

This may take some acclimatization for those used to the pure BSD behavior, but testers have indicated that this syntax is somewhat more flexible than the BSD behavior. Note that these changes should not affect standard syslog.conf(5) files. You must specifically modify the configuration files to obtain the enhanced behavior.
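
Added example (not code from sysklogd): a small Python model of the selector rules described in this section, run over the sample lines from this page, so the effect of =, ! and none on a given facility.priority pair can be checked before a rule is deployed. The facility list, the invalid mail.bogus line and the function names are assumptions made for the illustration; actions are only returned as text.

```python
# Added illustration, not sysklogd source: models the selector rules above.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Facility names are an assumption here (the usual syslog(3) set).
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp "
              + " ".join(f"local{i}" for i in range(8))).split()

def compile_selector(selector):
    """Map each facility to the set of priorities one selector field accepts."""
    mask = {f: set() for f in FACILITIES}
    for entry in selector.split(";"):          # entries apply left to right
        facs, _, prio = entry.strip().rpartition(".")
        negate = prio.startswith("!")          # "!" removes instead of adds
        prio = prio[1:] if negate else prio
        exact = prio.startswith("=")           # "=" means this priority only
        prio = prio[1:] if exact else prio
        if prio == "none":                     # "none" clears the facility
            chosen, negate = set(PRIORITIES), not negate
        elif prio == "*":
            chosen = set(PRIORITIES)
        else:
            idx = PRIORITIES.index(prio)       # ValueError on an unknown name
            chosen = {prio} if exact else set(PRIORITIES[:idx + 1])
        for f in (FACILITIES if facs == "*" else facs.split(",")):
            # KeyError here means an unknown facility name
            mask[f] = mask[f] - chosen if negate else mask[f] | chosen
    return mask

def route(conf_text, facility, priority):
    """Return the action field of every rule that matches the message."""
    actions = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):   # comments and empty lines
            continue
        try:
            selector, action = line.split(None, 1)
            if priority in compile_selector(selector)[facility]:
                actions.append(action)
        except (ValueError, KeyError):
            continue                           # a bad line is ignored as a whole
    return actions

# Constructed input: the sample lines from this page plus one invalid line.
SAMPLE_CONF = """\
daemon.debug            /usr/adm/daemons
*.=debug                /usr/adm/debug
mail.*;mail.!=info      /usr/adm/mail
news.info;news.!crit    /usr/adm/news
kern.=debug             |/usr/adm/debug
kern.*                  @hostname
mail.bogus              /usr/adm/broken
"""
```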

Support for Remote Logging

These modifications provide network support to the syslogd facility. Network support means that messages can be forwarded from one node running syslogd to another node running syslogd, where they will actually be logged to a disk file.

To enable this you have to specify the -r option on the command line. The default behavior is that syslogd will not listen to the network.

The strategy is to have syslogd listen on a unix domain socket for locally generated log messages. This behavior allows syslogd to inter-operate with the syslog found in the standard C library. At the same time syslogd listens on the standard syslog port for messages forwarded from other hosts. To have this work correctly the services(5) files (typically found in /etc) must have the following entry:

    syslog 514/udp

If this entry is missing, syslogd can neither receive remote messages nor send them, because the UDP port cannot be opened. Instead, syslogd will die immediately, blowing out an error message.

To cause messages to be forwarded to another host, replace the normal file line in the syslog.conf file with the name of the host to which the messages are to be sent, prepended with an @.

For example, to forward ALL messages to a remote host use the following syslog.conf entry:

    # Sample syslogd configuration file to
    # forward all messages to a remote host.
    *.*    @hostname

To forward all kernel messages to a remote host the configuration file would be as follows:

    # Sample configuration file to forward all kernel
    # messages to a remote host.
    kern.*    @hostname

If the remote hostname cannot be resolved at startup, because the name-server might not be accessible (it may be started after syslogd), you don't have to worry. Syslogd will retry to resolve the name ten times and then complain. Another possibility to avoid this is to place the hostname in /etc/hosts.

With normal syslogds you would get syslog loops if you send out messages that were received from a remote host to the same host (or, more complicated, to a third host that sends it back to the first one, and so on). In my domain (Infodrom Oldenburg) we accidentally got one, and our disks filled up with the same single message. :-(

To avoid this in the future, messages that were received from a remote host are no longer sent out to another (or the same) remote host. If there are scenarios where this doesn't make sense, please drop me (Joey) a line.

If the remote host is located in the same domain as the host syslogd is running on, only the simple hostname will be logged instead of the whole fqdn.

In a local network you may provide a central log server to have all the important information kept on one machine. If the network consists of different domains, you don't have to complain about logging fully qualified names instead of simple hostnames. You may want to use the strip-domain feature -s of this server. You can tell syslogd to strip off several domains other than the one the server is located in and only log simple hostnames.

Using the -l option there is also a possibility to define single hosts as local machines. This, too, results in logging only their simple hostnames and not the fqdns.

The UDP socket used to forward messages to remote hosts or to receive messages from them is only opened when it is needed. In releases prior to 1.3-23 it was opened every time but not opened for reading or forwarding respectively.

Output to Named Pipes (FIFOs)

This version of syslogd has support for logging output to named pipes (fifos). A fifo or named pipe can be used as a destination for log messages by prepending a pipe symbol (``|'') to the name of the file. This is handy for debugging. Note that the fifo must be created with the mkfifo command before syslogd is started.

The following configuration file entry routes debug messages from the kernel to a fifo:

    # Sample configuration to route kernel debugging
    # messages ONLY to /usr/adm/debug which is a
    # named pipe.
    kern.=debug    |/usr/adm/debug

Installation Concerns

There is probably one important consideration when installing this version of syslogd. This version of syslogd is dependent on proper formatting of messages by the syslog function. The functioning of the syslog function in the shared libraries changed somewhere in the region of libc.so.4.[2-4].n. The specific change was to null-terminate the message before transmitting it to the /dev/log socket. Proper functioning of this version of syslogd is dependent on null-termination of the message.

This problem will typically manifest itself if old statically linked binaries are being used on the system. Binaries using old versions of the syslog function will cause empty lines to be logged, followed by the message with the first character removed. Relinking these binaries to newer versions of the shared libraries will correct this problem.

Both syslogd(8) and klogd(8) can either be run from init(8) or started as part of the rc.* sequence. If syslogd is started from init, the option -n must be set, otherwise you will get tons of syslog daemons started. This is because init(8) depends on the process ID.

Security Threats

There is the potential for the syslogd daemon to be used as a conduit for a denial of service attack. Thanks go to John Morrison (jmorriso@rflab.ee.ubc.ca) for alerting me to this potential. A rogue program(mer) could very easily flood the syslogd daemon with syslog messages, resulting in the log files consuming all the remaining space on the filesystem. Activating logging over the inet domain sockets will of course expose a system to risks outside of programs or individuals on the local machine.

There are a number of methods of protecting a machine:

  1. Implement kernel firewalling to limit which hosts or networks have access to the 514/UDP socket.
  2. Logging can be directed to an isolated or non-root filesystem which, if filled, will not impair the machine.
  3. The ext2 filesystem can be used, which can be configured to limit a certain percentage of a filesystem to usage by root only. NOTE that this will require syslogd to be run as a non-root process. ALSO NOTE that this will prevent usage of remote logging, since syslogd will be unable to bind to the 514/UDP socket.
  4. Disabling inet domain sockets will limit risk to the local machine.
  5. Use step 4 and if the problem persists and is not secondary to a rogue program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and have a chat with the user in question. Sucker rod def. --- 3/4, 7/8 or 1in. hardened steel rod, male threaded on each end. Primary use in the oil industry in Western Dakota and other locations to pump 'suck' oil from oil wells. Secondary uses are for the construction of cattle feed lots and for dealing with the occasional recalcitrant or belligerent individual.
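
Added example (not part of sysklogd): a Python check that reads a syslogd command line and syslog.conf text and reports the exposures discussed above, namely reception on 514/UDP (-r), relaying of remote messages (-h together with an @host action) and log files that sit on the root filesystem. The finding codes, the mount_of helper and the sample inputs are assumptions made for the illustration.

```python
import getopt

SYSLOGD_OPTS = "a:df:hl:m:np:rs:vx"      # option letters from the Synopsis

def audit(argv, conf_text, mount_of):
    """Return (code, detail) findings for a syslogd command line and config.

    mount_of(path) is a caller-supplied helper (hypothetical name) returning
    the mount point that holds path; on a live host it can be derived by
    comparing os.stat(path).st_dev with that of "/".
    """
    opts = dict(getopt.getopt(argv, SYSLOGD_OPTS)[0])
    forwards, files = [], []
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2 or parts[0].startswith("#"):
            continue                              # comment, blank or bad line
        action = parts[1]
        if action.startswith("@"):                # forward to a remote host
            forwards.append(action[1:])
        elif action.lstrip("-").startswith("/"):  # regular file, "-" = no sync
            files.append(action.lstrip("-"))
    findings = []
    if "-r" in opts:                              # remote reception enabled
        findings.append(("network-listener", "514/udp"))
        if "-h" in opts:                          # remote messages are relayed
            findings += [("relays-remote", host) for host in forwards]
    for path in files:                            # a flood here fills "/"
        if mount_of(path) == "/":
            findings.append(("log-on-root-fs", path))
    return findings

# Constructed inputs for the illustration.
EXPOSED_ARGS = ["-r", "-h", "-m", "0"]
LOCAL_ARGS = ["-m", "0"]
AUDIT_CONF = """\
# constructed sample
*.*            @hostname
kern.*         -/var/log/kern.log
daemon.debug   /usr/adm/daemons
kern.=debug    |/usr/adm/debug
"""

def sample_mounts(path):
    # Constructed layout: /var/log is its own filesystem, the rest is "/".
    return "/var/log" if path.startswith("/var/log/") else "/"
```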

Debugging

When debugging is turned on using the -d option, syslogd will be very verbose, writing much of what it does on stdout. Whenever the configuration file is reread and re-parsed you will see a table corresponding to the internal data structure. This table consists of four fields:

number

This field contains a serial number starting at zero. This number represents the position in the internal data structure (i.e. the array). If one number is left out, there might be an error in the corresponding line in /etc/syslog.conf.

pattern

This field is tricky and represents the internal structure exactly. Every column stands for a facility (refer to syslog(3)). As you can see, there are still some facilities left free for future use; only the leftmost are used. Every field in a column represents the priorities (refer to syslog(3)).

action

This field describes the particular action that takes place whenever a message is received that matches the pattern. Refer to the syslog.conf(5) manpage for all possible actions.

arguments

This field shows additional arguments to the actions in the last field. For file logging this is the filename of the logfile; for user logging this is a list of users; for remote logging this is the hostname of the machine to log to; for console logging this is the console used; for tty logging this is the specified tty; wall has no additional arguments.

See Also

logger (1), syslog (2), (5)

Collaborators

Syslogd is taken from BSD sources. Greg Wettstein (greg@wind.enjellic.com) performed the port to Linux; Martin Schulze (joey@linux.de) fixed some bugs and added several new features. Klogd was originally written by Steve Lord (lord@cray.com); Greg Wettstein made major improvements.

Dr. Greg Wettstein
Enjellic Systems Development

Oncology Research Division Computing Facility
Roger Maris Cancer Center
Fargo, ND
greg@wind.enjellic.com

Stephen Tweedie
Department of Computer Science
Edinburgh University, Scotland
sct@dcs.ed.ac.uk

Juha Virtanen
jiivee@hut.fi

Shane Alderton
shane@ion.apana.org.au

Martin Schulze
Infodrom Oldenburg
joey@linux.de

Important: Use the man command ( % man ) to see how a command is used on your particular computer.
