Understanding the output of syslogd -d

Ubuntu

What do 80, F and X mean in the following output of syslogd -d?

 0:  X  X  X  X FF  X  X  X  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/auth.log (unused)
 1: FF FF FF FF  X FF FF FF FF FF  X FF FF FF FF FF FF FF FF FF FF FF FF FF FF FILE: /var/log/syslog (unused)
 2:  X  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/daemon.log (unused)
 3: FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/kern.log (unused)
 4:  X  X  X  X  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/lpr.log (unused)
 5:  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/mail.log (unused)
 6:  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/user.log (unused)
 7:  X  X 7F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/mail.info (unused)
 8:  X  X 1F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/mail.warn (unused)
 9:  X  X  F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/mail.err (unused)
10:  X  X  X  X  X  X  X  7  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/news/news.crit (unused)
11:  X  X  X  X  X  X  X  F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/news/news.err (unused)
12:  X  X  X  X  X  X  X 3F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/news/news.notice (unused)
13: 80 80  X 80  X 80 80  X 80 80  X 80 80 80 80 80 80 80 80 80 80 80 80 80 80 FILE: /var/log/debug (unused)
14: 70 70  X  X  X 70 70  X 70  X  X 70 70 70 70 70 70 70 70 70 70 70 70 70 70 FILE: /var/log/messages (unused)
15:  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1 WALL: 
16: F0 F0 FF FF F0 F0 F0 FF F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 F0 PIPE: |/dev/xconsole (unused)

眼底病变

7 6 X 5 X 6 X 5 5 X X X 5 5 5 5 5 5 5 5 5 5 5 5 X FILE: /var/log/messages
X X X X 6 X X X X X X X X X X X X X X X X X X X X FILE: /var/log/authlog
X X X X X X X X X X 7 X X X X X X X X X X X X X X FILE: /var/log/secure
X X X X X X X X X 6 X X X X X X X X X X X X X X X FILE: /var/cron/log
X X X 6 X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/daemon
X X X X X X X X X X X 6 X X X X X X X X X X X X X FILE: /var/log/xferlog
X X X X X X 7 X X X X X X X X X X X X X X X X X X FILE: /var/log/lpd-errs
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/maillog
7 3 2 3 5 3 3 3 3 3 X 3 3 3 3 3 3 3 3 3 3 3 3 3 X CONSOLE: /dev/console
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL: 

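Answer 1

These values refer to the facilities defined for the defined log files. For example, any email-related program that sends log messages uses the mail facility, whatever the program's actual name is. I know that each column in between represents a facility, but I'm not sure exactly what the value represents. The following is only a guess:

Each facility can log at 8 severity levels, with 0 meaning "emergency" and 7 meaning debug. You can set any or all of them for each facility. If each level is one bit in the number, the value could be the sum of all those bits. FF would mean that all bits are set. Other values:

F: first 4 bits set - emergency, alert, critical, error
F0: last 4 bits set - warning, notification, info, debug
80: last bit set - debug

I think "X" means ignore.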
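Added example, not part of either answer: a decoder for the Ubuntu-style lines in the question, under the reading Answer 1 proposes (each cell is a hex bitmask with one bit per severity, bit 0 = emergency through bit 7 = debug, and X = nothing selected). The column-to-facility mapping (standard syslog facility numbers 0-23 plus a final internal "mark" column), the `reservedN` labels and all function names are assumptions.

```python
import re

# Standard syslog severities; list index = severity number = bit position.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Assumed column order: syslog facility numbers 0-23, then an internal "mark" column.
FACILITIES = (["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
               "uucp", "cron", "authpriv", "ftp"]
              + [f"reserved{n}" for n in range(12, 16)]   # hypothetical labels
              + [f"local{n}" for n in range(8)] + ["mark"])

# "<index>: <25 cells> <TYPE>: <target>"
LINE_RE = re.compile(r"^\s*(\d+):\s+((?:(?:[0-9A-F]{1,2}|X)\s+)+)(\w+):\s*(.*)$")

def decode_mask(cell):
    """Return the severity names selected by one cell ('X' selects none)."""
    if cell == "X":
        return []
    mask = int(cell, 16)
    return [name for bit, name in enumerate(PRIORITIES) if mask & (1 << bit)]

def decode_line(line):
    """Parse one rule line into (index, type, target, {facility: [severities]})."""
    m = LINE_RE.match(line)
    if m is None:
        raise ValueError(f"not a rule line: {line!r}")
    cells = m.group(2).split()
    if len(cells) != len(FACILITIES):
        raise ValueError(f"expected {len(FACILITIES)} columns, got {len(cells)}")
    selected = {fac: decode_mask(c) for fac, c in zip(FACILITIES, cells) if c != "X"}
    return int(m.group(1)), m.group(3), m.group(4), selected

# Two lines copied from the Ubuntu output in the question.
SAMPLE = [
    " 9:  X  X  F  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/mail.err (unused)",
    "13: 80 80  X 80  X 80 80  X 80 80  X 80 80 80 80 80 80 80 80 80 80 80 80 80 80 FILE: /var/log/debug (unused)",
]

if __name__ == "__main__":
    for raw in SAMPLE:
        index, kind, target, selected = decode_line(raw)
        print(f"rule {index} -> {kind} {target}")
        for facility, names in selected.items():
            print(f"  {facility:10s} {','.join(names)}")
```

Under these assumptions, rule 9 decodes to the mail facility at err and above, and rule 13 to debug only for every facility except mail, auth, news and authpriv, which matches the file names on those lines.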

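Answer 2

[X0-7] are facility names. Deprecated items such as the "security" LOG_AUTH leave room for guessing, so as a non-developer I won't go into them. They are similar to the variants in Ubuntu, but more concise. X evidently means "ignore", as in the code: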

        if (Debug) {
                for (f = Files; f; f = f->f_next) {
                        /* one column per facility */
                        for (i = 0; i <= LOG_NFACILITIES; i++)
                                if (f->f_pmask[i] == INTERNAL_NOPRI)
                                        printf("X ");
                                else
                                        printf("%d ", f->f_pmask[i]);
                        printf("%s: ", TypeNames[f->f_type]);
                        switch (f->f_type) {
                        case F_FILE:
                        case F_TTY:
                        case F_CONSOLE:
                        case F_PIPE:
                                printf("%s", f->f_un.f_fname);
                                break;

                        case F_FORW:
                                printf("%s", f->f_un.f_forw.f_hname);
                                break;

                        case F_USERS:
                                for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++)
                                        printf("%s, ", f->f_un.f_uname[i]);
                                break;

                        case F_MEMBUF:
                                printf("%s", f->f_un.f_mb.f_mname);
                                break;

                        }
                        if (f->f_program)
                                printf(" (%s)", f->f_program);
                        printf("\n");
                }
        }
    }   /* closes the enclosing function, whose start is not shown */
