On Tue, Aug 08, 2006 at 11:00:14AM -0400, Seth Hanford wrote:
> Hey all,
>
> I've been experimenting with systrace and several programs on OpenBSD
> 3.9-stable. I'm pleased with what the tool lets me do, and with its
> output, but can't find a way to get it to log to a different file for
> each systrace'd service.
>
> For example, I prepend the following to my otherwise-default syslog.conf
>
> !!systrace
> *.* /var/log/systrace/systrace
> !*
>
> Then I run thttpd and named under systrace. Both will log to
> /var/log/systrace/systrace, but is there a way to get them to each log
> to their own file, such as /var/log/systrace/thttpd and
> /var/log/systrace/named?
>
> If I understand correctly, even though thttpd and named might log under
> different facilities, there's no option in systrace to specify a
> facility name. Without this I think my answer is no, but was hoping some
> ingenious hacker might have a solution.
What about systrace -e? It logs to stdout. Write a little program in
your favourite language[1] to send it to syslog with the proper
facility/priority.
Joachim
[1] I know how to do this in Perl and C, and inefficiently in the Bourne
shell. It should be possible in any language with decent UNIX support.
