to much syslogging by default

Pavel Reichl preichl at redhat.com
Wed Jan 28 11:51:46 EST 2015


On 01/27/2015 06:51 PM, Dan White wrote:
> On 01/27/15 18:13 +0100, Pavel Reichl wrote:
>> On 01/27/2015 05:38 PM, Dan White wrote:
>>>> Would it be possible to change priority of this messages to not be 
>>>> printed by default?
>>>>
>>> What is your configured log_level (if any), and what log level are you
>>> logging at in your syslog config?
>>>
>> Hello Dan,
>>
>> I'm not aware the we configure log_level, but if you give me a hint 
>> what to grep for I'll check it.
>>
>> Actually we are using journal, but it seems that the level is 7.
>
> log_level is a sasl option, and would be configured in the same place as
> mech_list. For Cyrus IMAP, it would be sasl_log_level within
> /etc/imapd.conf, or in a stand alone config file for most other servers.
>
I don't think we use any kind of configuration file.
We use SASL via openldap lib so I'm currently looking into its code to 
see if they set it, or if we can set it through some openldap lib option.

Anyway, I'm not sure it will help I looked again through SASL code and 
if I understand the code correctly:

1) setting debug_level has no effect
2) there's no way how to use our own log callback

Am I right?

+params->utils->log(NULL, SASL_LOG_DEBUG, "GSSAPI client step %d", 
text->state);
|
+-+_sasl_log (conn=0x0, level=5, fmt=0x7f82bef78432 "GSSAPI client step 
%d") at common.c:1829
   |
   +-+_sasl_getcallback (conn=0x0, callbackid=2, pproc=0x7fff74581728, 
pcontext=0x7fff74581730) at common.c:1720

       <code sequence>
       <snip>
       /* If it's not always provided by the library, see if there's
        * a version provided by the application for this connection... */
       if (conn && conn->callbacks) {
         for (callback = conn->callbacks; callback->id != SASL_CB_LIST_END;
            callback++) {
     <snip>
     <comment>*We can't ever get here because conn is NULL*<end comment>
     <snip>

       /* And, if not for this connection, see if there's one
        * for all {server,client} connections... */
       if (conn && conn->global_callbacks && 
conn->global_callbacks->callbacks) {
         for (callback = conn->global_callbacks->callbacks;
     <snip>
     <comment>*We can't get ever here because conn is NULL*<end comment>
     <snip>

       /* Otherwise, see if the library provides a default callback. */
       switch (callbackid) {
       #ifdef HAVE_SYSLOG
       case SASL_CB_LOG:
         <comment>*this callback is always used*<end comment>
         *pproc = (sasl_callback_ft)&_sasl_syslog;
       <snip>
       <end of code sequence>

   +-+_sasl_syslog (context=0x0, priority=5, message=0x17f4c50 "GSSAPI 
client step 1") at common.c:1480

      <code sequence>

      int syslog_priority;
      sasl_server_conn_t *sconn;

      <comment>*context is always null*<end comment>
      if (context) {
          if (((sasl_conn_t *)context)->type == SASL_CONN_SERVER) {
              sconn = (sasl_server_conn_t *)context;
              if (sconn->sparams->log_level < priority)
                  return SASL_OK;
          }
      }

      /* set syslog priority */
      switch(priority) {
      case SASL_LOG_NONE:
          return SASL_OK;
          break;
      case SASL_LOG_ERR:
          syslog_priority = LOG_ERR;
          break;
      case SASL_LOG_WARN:
          syslog_priority = LOG_WARNING;
          break;
      case SASL_LOG_NOTE:
      case SASL_LOG_FAIL:
          syslog_priority = LOG_NOTICE;
          break;
      case SASL_LOG_PASS:
      case SASL_LOG_TRACE:
      case SASL_LOG_DEBUG:
      default:
          <comment>*priority is always set to 7*<end comment>
          syslog_priority = LOG_DEBUG;
          break;
      }

      /* do the syslog call. Do not need to call openlog? */
      syslog(syslog_priority | LOG_AUTH, "%s", message);

      return SASL_OK;
      <end of code sequence>


More information about the Cyrus-sasl mailing list