Mats Erik Andersson <[email protected]> writes:
> torsdag den 16 augusti 2012 klockan 22:23 skrev Simon Josefsson detta:
>> Mats Erik Andersson <[email protected]> writes:
>>
>> > Anyway, you should provide for LOG_AUTH.
>> >
>> > BSD systems use two different settings as standard,
>> > and the are not using "/var/log/syslog" at all:
>>
>> Interesting. The reason I used LOG_AUTHPRIV instead of LOG_AUTH was
>> that my syslog manpage (Ubuntu 12.04) says:
>>
>> LOG_AUTH security/authorization messages (DEPRECATED
>> Use
>> LOG_AUTHPRIV instead)
>
> You are somewhat jumping your conclusions here. Taking further advice
> from <sys/syslog.h> on GNU/Linux or BSD will clarify the matter:
>
>
> { "security", LOG_AUTH } /* DEPRECATED */
>
> but
>
> { "auth", LOG_AUTH }
> { "authpriv", LOG_AUTHPRIV }
>
> are still recommended. Observe the nomen "security", which is
> better avoided since a rather long time.
Agreed -- but doesn't that just imply that use of the "security" name is
deprecated? My man page implied LOG_AUTH was deprecated, which seems
different.
I could not find anything about LOG_AUTH being deprecated in the GNU
libc manual or source code. RFC 5424 describes (informally) both
facilities (by code, 4 and 10). RFC 3164 contains a note:
Note 1 - Various operating systems have been found to utilize
Facilities 4, 10, 13 and 14 for security/authorization,
audit, and alert messages which seem to be similar.
RFC5427 describe "auth" as "authorization messages" and "authpriv" as
"security/authorization messages".
MIT's krb5.conf says they use LOG_AUTH per default.
I'm inclined to use LOG_AUTH instead and file a bug report on the man
page to drop the remark about deprecation.
/Simon
_______________________________________________
Help-shishi mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-shishi
