Date: Mon, 14 Apr 1997 00:29:45 +0100 From: Brian Somers <brian@awfulhak.org> To: Giles Lean <giles@nemeton.com.au> Cc: Brian Somers <brian@awfulhak.org>, Terry Lambert <terry@lambert.org>, brian@utell.co.uk, freebsd-hackers@freebsd.org Subject: Re: syslogd watching other machine(s) Message-ID: <199704132329.AAA27393@awfulhak.demon.co.uk> In-Reply-To: Your message of "Tue, 08 Apr 1997 08:20:18 %2B1000." <199704072220.IAA01474@topaz.nemeton.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
>
> On Mon, 07 Apr 1997 20:19:51 +0100 Brian Somers wrote:
>
> > > If a machine is the loghost for another machine, it should not be
> > > permitted to delegate.
> >
> > Maybe not, but as it does, we can't "undo" that ability. What if
> > someone is using this "feature" as an ability to proxy syslog messages ?
>
> Fix it anyway. If you are worried about breakage then make proxying a
> command line option, and note that breaking loops is left to the
> administrator.
>
> Giles
Hmmm, things are a bit more difficult. If A logs something to B and
B wants to log that something to A, we can recognise this fact, but
what do we do with the message ?
Maybe a better solution is similar to the ! stuff. We could have
a "section" seperator of @ like this:
*.err;kern.debug;auth.notice;mail.crit /dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
.....
!ftpd
*.* /var/log/ftpd.log
!dhcpdb
*.* /var/log/dhcpdb.log
@my.other.host
*.err;kern.debug;auth.notice;mail.crit /dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
.....
Any comments ?
--
Brian <brian@awfulhak.org>, <brian@freebsd.org>
<http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704132329.AAA27393>