Last Updated: 980323

cyclog

Introduction

A problem with using splogger is that it uses syslog. Syslog has problems. It has bugs, security holes, etc. Also, using splogger with syslog out of the box is not very configurable. A solution to this problem is to use cyclog, the logging program shipped with daemontools. You can download daemontools from the daemontools web page. It is relatively simple to compile and install.

Note that all of the qmail-start startup scripts in this document should all be on one line.

setuser

A utility which comes with daemontools is setuser which will run a program as another user. Keep in mind that root is the only user which can use setuser. In the following examples, we will be piping output through several programs. The first will be run as the appropriate user (qmaill), but the rest will be run as root since it is a shell script run by root. This is not the behavior we want. The logging facility should be run as qmaill also. setuser will give us the ability to run everything under the appropriate user id.

cyclog

cyclog is a simple logging facility. It has three simple options which are very well explained in the man page.

Let's expand the standard qmail startup to include cyclog:

csh -cf 'qmail-start ./Mailbox /usr/local/bin/accustamp | /usr/local/bin/setuser qmaill /usr/local/bin/cyclog /var/qmail/log/qmail &'

The first program, "accustamp", places a time stamp in microseconds at the beginning of each line. The output of accustamp is sent to cyclog (which is started as user qmaill) which will put the entries into the directory /var/qmail/log/qmail/ (which must already exist). Sites which move lots of traffic will definitely want to change the default options on cyclog (or else you will find yourself with only a few hours worth of logs). It will run as the user qmaill, so be sure the directory is writeable by this user.

usually

daemontools comes with another useful utility called usually. This will allow you to filter certain content, and essentially implement your own priority organization. To use it, just place it in a pipe just before accustamp:

csh -cf 'qmail-start ./Mailbox /usr/local/bin/usually /var/qmail/log/pattern | /usr/local/bin/setuser qmaill /usr/local/bin/accustamp | /usr/local/bin/setuser qmaill /usr/local/bin/cyclog /var/qmail/log/qmail &'

This will use the file /var/qmail/log/pattern as the matching file. The usually man page describes the pattern syntax. The qmail-log man page describes all the possible strings that you can expect. Here is a sample pattern file to catch a reasonable amount of information:

running*
local deliveries will be put on*
remote deliveries will be put on*
number of deliveries left before exiting:*
exiting*
alert:*
delivery *: failure*
delivery *: report mangled, will defer*
internal error:*
qmail-clean unable to clean up*
trouble*
unable*
unknown*

You may want to also catch "delivery*", though this will significantly increase the amount of information in your logs. If you would like to grab it all (i.e. you want to easily change it in the future), just make the pattern file contain an asterisk on a single line.



Written by Eric Huss

Comments welcome.