Next: , Previous: domain_realm, Up: krb5.conf



3.3.6 [logging]

The [logging] section indicates how a particular entity is to perform its logging. The relations in this section assign one or more values to the entity name. Currently, the following entities are used:

kdc
These entries specify how the KDC is to perform its logging.
admin_server
These entries specify how the administrative server is to perform its logging.
default
These entries specify how to perform logging in the absence of explicit specifications otherwise.

Values are of the following forms:

FILE=<filename>
FILE:<filename>
This value causes the entity's logging messages to go to the specified file. If the = form is used, the file is overwritten. If the : form is used, the file is appended to.
STDERR
This value causes the entity's logging messages to go to its standard error stream.
CONSOLE
This value causes the entity's logging messages to go to the console, if the system supports it.
DEVICE=<devicename>
This causes the entity's logging messages to go to the specified device.
SYSLOG[:<severity>[:<facility>]]
This causes the entity's logging messages to go to the system log.

The severity argument specifies the default severity of system log messages. This may be any of the following severities supported by the syslog(3) call, minus the LOG_ prefix: LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, and LOG_DEBUG. For example, a value of CRIT would specify LOG_CRIT severity.

The facility argument specifies the facility under which the messages are logged. This may be any of the following facilities supported by the syslog(3) call minus the LOG_ prefix: LOG_KERN, LOG_USER, LOG_MAIL, LOG_DAEMON, LOG_AUTH, LOG_LPR, LOG_NEWS, LOG_UUCP, LOG_CRON, and LOG_LOCAL0 through LOG_LOCAL7.

If no severity is specified, the default is ERR. If no facility is specified, the default is AUTH.

In the following example, the logging messages from the KDC will go to the console and to the system log under the facility LOG_DAEMON with default severity of LOG_INFO; and the logging messages from the administrative server will be appended to the file /var/adm/kadmin.log and sent to the device /dev/tty04.

     [logging]
         kdc = CONSOLE
         kdc = SYSLOG:INFO:DAEMON
         admin_server = FILE:/var/adm/kadmin.log
         admin_server = DEVICE=/dev/tty04