1.\" Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.Dd December 6, 2023
26.Dt CAP_SYSLOG 3
27.Os
28.Sh NAME
29.Nm cap_syslog ,
30.Nm cap_vsyslog ,
31.Nm cap_openlog ,
32.Nm cap_closelog ,
33.Nm cap_setlogmask
34.Nd "library for syslog in capability mode"
35.Sh LIBRARY
36.Lb libcap_syslog
37.Sh SYNOPSIS
38.In libcasper.h
39.In casper/cap_syslog.h
40.Ft void
41.Fn cap_syslog "cap_channel_t *chan" "int pri" "const char *fmt" "..."
42.Ft void
43.Fn cap_vsyslog "cap_channel_t *chan" "int priority" "const char *fmt" "va_list ap"
44.Ft void
45.Fn cap_openlog "cap_channel_t *chan" "const char *ident" "int logopt" "int facility"
46.Ft void
47.Fn cap_closelog "cap_channel_t *chan"
48.Ft int
49.Fn cap_setlogmask "cap_channel_t *chan" "int maskpri"
50.Sh DESCRIPTION
51The functions
52.Fn cap_syslog
53.Fn cap_vsyslog
54.Fn cap_openlog
55.Fn cap_closelog
56.Fn cap_setlogmask
57are respectively equivalent to
58.Xr syslog 3 ,
59.Xr vsyslog 3 ,
60.Xr openlog 3 ,
61.Xr closelog 3 ,
62.Xr setlogmask 3
63except that the connection to the
64.Nm system.syslog
65service needs to be provided.
66.Pp
67All of these functions are reentrant but not thread-safe.
68That is, they may be called from separate threads only with different
69.Vt cap_channel_t
70arguments or with synchronization.
71.Sh EXAMPLES
72The following example first opens a capability to casper and then uses this
73capability to create the
74.Nm system.syslog
75casper service to log messages.
76.Bd -literal
77cap_channel_t *capcas, *capsyslog;
78
79/* Open capability to Casper. */
80capcas = cap_init();
81if (capcas == NULL)
82	err(1, "Unable to contact Casper");
83
84/* Enter capability mode sandbox. */
85if (cap_enter() < 0 && errno != ENOSYS)
86	err(1, "Unable to enter capability mode");
87
88/* Use Casper capability to create capability to the system.syslog service. */
89capsyslog = cap_service_open(capcas, "system.syslog");
90if (capsyslog == NULL)
91	err(1, "Unable to open system.syslog service");
92
93/* Close Casper capability, we don't need it anymore. */
94cap_close(capcas);
95
96/* Let's log something. */
97cap_syslog(capsyslog, LOG_NOTICE, "System logs from capability mode.");
98.Ed
99.Sh SEE ALSO
100.Xr cap_enter 2 ,
101.Xr closelog 3 ,
102.Xr err 3 ,
103.Xr openlog 3 ,
104.Xr setlogmask 3 ,
105.Xr syslog 3 ,
106.Xr vsyslog 3 ,
107.Xr capsicum 4 ,
108.Xr nv 9
109.Sh HISTORY
110The
111.Nm cap_syslog
112service first appeared in
113.Fx 10.3 .
114.Sh AUTHORS
115.An Mariusz Zaborski Aq Mt oshogbo@FreeBSD.org
116