- Copy stable/10 (r259064) to releng/10.0 as part of the
10.0-RELEASE cycle.
- Update __FreeBSD_version [1]
- Set branch name to -RC1

[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so
start releng/10.0 at '100' so the branch is started with
a value ending in zero.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Add syslog(3) support to devd(8).

sbin/devd/devd.cc
All output will now go to syslog(3) if devd is daemonized, or stderr
if it's running in the foreground.

sbin/devd/devd.8
Remove the "-D" flag. Filtering messages by priority now
happens in the usual syslog way. For performance reasons, a few
extra-verbose debugging statements are now conditional on the "-d" (do
not daemonize) flag.

etc/syslog.conf
etc/newsyslog.conf
Direct messages from devd(8) to /var/log/devd.log, but leave it
disabled by default

Reviewed by: eadler
Approved by: gibbs (co-mentor)
MFC after: never (removed a command-line option from devd)

Similar to all.log, mention that /var/log/console.log has to be created and chmod'ed
to make logging work.

PR: 168889
Submitted by: Robert Simmons <rsimmons0@gmail.com>
MFC after: 1 week

syslog.conf: pop up from logging only ppp messages at the end of file

This allows to append custom rules at the end of the file without
risk of confusion that can result when one misses default !ppp line
and doesn't add another program specification and thus subsequent
selector(s) would belong to ppp program block.

Requested by: marck
Submitted by: marck
Approved by: jhb (mentor)

Remove slip.log. Slip got removed as part of the MPSAFE tty work. If
it does come back it would probably be better if users who were interested
in slip added appropriate lines instead of this being here unconditionally.

Reminded by: tut <at> nhamon <dot> com <dot> ua

Fix a terrible braino in last commit. Put kern.debug back to /var/log/messages
and do exactly what last commit message described.

Do not print kernel debugging on console. In case of serial console
this can cause a really heavy load on system. Several kernel debugging
messages can be triggered even remotely (e.g. bad ARP replies).

Use kern.warning instead, so that really significant messages still
will be printed on console.

Reviewed by: current@
MFC after: 1 week
Security: this change fixes a DoS condition, when default system
console is serial, and box is flooded with bogus ARP
packets

Make sure debug.log only gets debugging messages.

Introduce debug.log which gets debug.* (most of this would otherwise go
to the great bit-bucket in the sky)

Stop logging ``authpriv'' messages to the world-readable file
/var/log/messages. Such messages are for the eyes of authorized
personnel only.

PR: conf/48170
Discussed in: freebsd-security
MFC after: 2 weeks

Rename the ftp log filename for compatability with OpenBSD and NetBSD.

Requested by: ru

Log ftpd stuff in the same way that we log lpd stuff. Too many ftpd's
are attacked for us to throw away this sort of evidence.

Per discussion on current: Don't spam root with syslog messages.

Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by: asmodai, aeonflux, green, ....

Clean up logging of security information a bit:

o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.

/var/log/security gets almost no (if not no) activity on many FreeBSD
systems due to sshd not using the security log class. Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.

Submitted by: aeonflux@synapse.subneural.net
MFC after: 4 weeks

Explain that /var/log/all.log needs to be touched and chmod'd 'ere it
can be used.

PR: 17022
Submitted by: Niels Christian Bank-Pedersen <ncbp@bank-pedersen.dk>
MFC after: 1 week

Note in the comments that it is possible, but not recommended to use
spaces instead of tabs in this file. This matches the description in
the manpage.

PR: 25945
Submitted by: T. William Wells <bill@twwells.com>

Log the console output to "/var/log/console.log", not "/var/log/console"
(MFC candidate)

Add commented out entry showing use of console.info feature.

Add two commented out syslog.conf entries, one to demonstrate the use of
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.

Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism. Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.

Approved by: jkh
Reviewed by: freebsd-security

Move /var/cron/log to /var/log/cron

$Id$ -> $FreeBSD$

This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by: rgrimes, imp, chris

- Add a couple comment lines to note that spaces are not allowed as
field separators.

PR: conf/8162
Submitted by: Sheldon Hearn <sheldonh@axl.training.iafrica.com>

Add Id keywords

Add ppp.log

auth.debug should not be sent to root realtime

news.notice info should not be sent to /var/log/messages, as news has
its own set of logs and notice is overused by inn

added entries for newsservers (but they're commented out)

Back out daemon.* addition, ssh port should be fixed instead

Log daemon.* to /var/log/messages or very valuable daemons messages
lost forever

Put startslip syslog messages into separate file
Increase rotating log sizes in newsyslog.conf to reflect
more common case

This is Vixie cron 3.0. This version fixes all known security bugs.
Further it implements crontab -e.
I moved cron from /usr/libexec to /usr/sbin where most daemons are
that are run from rc. That also gets rid of the ugly path crond
used to have in ps(1) outputs. Further I renamed it to cron, as
Paul Vixie likes it and is done by NetBSD.

NOTE VERY WELL THE FOLLOWING:

1) Systems crontab changed. Every users crontab resides in /var/cron
*EXCEPT* root's. This is a special crontab as it resides in
/etc. Further it is the *ONLY* crontab file in which you specify
usernames. See /usr/src/etc/crontab. This is also done by BSDI's
BSD/386 as far as I know (they provided the patches for it anyway)
2) So you *must* delete root's crontab and reinstall the copy
in /etc from /usr/src/etc.
'Must' is to much: the old installed crontab will work but cron
will also try to 'run' /etc/crontab.
3) Last but not least: cron's logging is now done via syslog. Note
that logging by cron is done lowercase when it logs about itsself
and uppercase when it logs user events, like installing a new crontab.
The default logfile file is the same as before:
syslog.conf:cron.* /var/cron/log

-Guido

This commit was generated by cvs2svn to compensate for changes in r37,
which included commits to RCS files with non-trunk default branches.

Initial import of 386BSD 0.1 othersrc/etc