Feature request:
 - Please add a new LogLevel corresponding to the LOG_NOTICE syslog level.
    - Then modify OpenSSH to log to LOG_NOTICE only these events:
       - login failures
       - login successes
Specifically, please:
 - add a new element to the LogLevel enum, say, 'SYSLOG_LEVEL_NOTICE',
   between 'SYSLOG_LEVEL_INFO' and 'SYSLOG_LEVEL_ERROR', in
log.h
 - add a new logging function to log.c called notice(), much like log(),
   verbose() and friends, but logging to SYSLOG_LEVEL_NOTICE.
 - modify log.c:do_log() to map SYSLOG_LEVEL_NOTICE to LOG_NOTICE.
 - modify auth.c:/auth_log() to use notice() instead of log().
 - make any other log()->notice() changes that seem appropriate.
Below is a patch that implements just these changes. The patch is
against OpenSSH 2.9p2 + simon at sxw.org.uk's GSS-API patches + my named
key / key pattern patches (posted to openssh-unix-dev at mindrot.org).
I do hope that LOG_NOTICE is available on all platforms -- where it
isn't it could be mapped to LOG_INFO.
Cheers,
Nico
********************************************************************************
Index: 2_9_p2_w_gss_krb5_named_keys.6/log.h
--- 2_9_p2_w_gss_krb5_named_keys.6/log.h Thu, 03 May 2001 16:12:13 -0400 jd
(OpenSSH/j/5_log.h 1.1 644)
+++ 2_9_p2_w_gss_krb5_named_keys.6(w)/log.h Thu, 05 Jul 2001 18:41:32 -0400
willian (OpenSSH/j/5_log.h 1.1 644)
@@ -39,6 +39,7 @@
 	SYSLOG_LEVEL_QUIET,
 	SYSLOG_LEVEL_FATAL,
 	SYSLOG_LEVEL_ERROR,
+	SYSLOG_LEVEL_NOTICE,
 	SYSLOG_LEVEL_INFO,
 	SYSLOG_LEVEL_VERBOSE,
 	SYSLOG_LEVEL_DEBUG1,
@@ -58,6 +59,7 @@
 /* Output a message to syslog or stderr */
 void    fatal(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    error(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void    notice(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    log(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    verbose(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
Index: 2_9_p2_w_gss_krb5_named_keys.6/log.c
--- 2_9_p2_w_gss_krb5_named_keys.6/log.c Thu, 03 May 2001 16:12:13 -0400 jd
(OpenSSH/j/6_log.c 1.1 644)
+++ 2_9_p2_w_gss_krb5_named_keys.6(w)/log.c Thu, 05 Jul 2001 18:44:07 -0400
willian (OpenSSH/j/6_log.c 1.1 644)
@@ -135,6 +135,17 @@
 /* Log this message (information that usually should go to the log). */
 
 void
+notice(const char *fmt,...)
+{
+	va_list args;
+	va_start(args, fmt);
+	do_log(SYSLOG_LEVEL_NOTICE, fmt, args);
+	va_end(args);
+}
+
+/* Log this message (information that usually should go to the log). */
+
+void
 log(const char *fmt,...)
 {
 	va_list args;
@@ -347,6 +358,9 @@
 		if (!log_on_stderr)
 			txt = "error";
 		pri = LOG_ERR;
+		break;
+	case SYSLOG_LEVEL_NOTICE:
+		pri = LOG_NOTICE;
 		break;
 	case SYSLOG_LEVEL_INFO:
 		pri = LOG_INFO;
********************************************************************************
-DISCLAIMER: an automatically appended disclaimer may follow. By posting-
-to a public e-mail mailing list I hereby grant permission to distribute-
-and copy this message.-
. 
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only 
for the individual named.  If you are not the named addressee you 
should not disseminate, distribute or copy this e-mail.  Please 
notify the sender immediately by e-mail if you have received this 
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free 
as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses.  The sender therefore 
does not accept liability for any errors or omissions in the contents 
of this message which arise as a result of e-mail transmission.  If 
verification is required please request a hard-copy version.  This 
message is provided for informational purposes and should not be 
construed as a solicitation or offer to buy or sell any securities or 
related financial instruments.
Ugh, missed something in my patch. Here it is again:
Index: 2_9_p2_w_gss_krb5_named_keys.6/log.h
--- 2_9_p2_w_gss_krb5_named_keys.6/log.h Thu, 03 May 2001 16:12:13 -0400 jd
(OpenSSH/j/5_log.h 1.1 644)
+++ 2_9_p2_w_gss_krb5_named_keys.6(w)/log.h Thu, 05 Jul 2001 18:41:32 -0400
willian (OpenSSH/j/5_log.h 1.1 644)
@@ -39,6 +39,7 @@
 	SYSLOG_LEVEL_QUIET,
 	SYSLOG_LEVEL_FATAL,
 	SYSLOG_LEVEL_ERROR,
+	SYSLOG_LEVEL_NOTICE,
 	SYSLOG_LEVEL_INFO,
 	SYSLOG_LEVEL_VERBOSE,
 	SYSLOG_LEVEL_DEBUG1,
@@ -58,6 +59,7 @@
 /* Output a message to syslog or stderr */
 void    fatal(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    error(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void    notice(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    log(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    verbose(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void    debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
Index: 2_9_p2_w_gss_krb5_named_keys.6/log.c
--- 2_9_p2_w_gss_krb5_named_keys.6/log.c Thu, 03 May 2001 16:12:13 -0400 jd
(OpenSSH/j/6_log.c 1.1 644)
+++ 2_9_p2_w_gss_krb5_named_keys.6(w)/log.c Thu, 05 Jul 2001 18:52:36 -0400
willian (OpenSSH/j/6_log.c 1.1 644)
@@ -79,6 +79,7 @@
 	{ "QUIET",	SYSLOG_LEVEL_QUIET },
 	{ "FATAL",	SYSLOG_LEVEL_FATAL },
 	{ "ERROR",	SYSLOG_LEVEL_ERROR },
+	{ "NOTICE",	SYSLOG_LEVEL_NOTICE },
 	{ "INFO",	SYSLOG_LEVEL_INFO },
 	{ "VERBOSE",	SYSLOG_LEVEL_VERBOSE },
 	{ "DEBUG",	SYSLOG_LEVEL_DEBUG1 },
@@ -135,6 +136,17 @@
 /* Log this message (information that usually should go to the log). */
 
 void
+notice(const char *fmt,...)
+{
+	va_list args;
+	va_start(args, fmt);
+	do_log(SYSLOG_LEVEL_NOTICE, fmt, args);
+	va_end(args);
+}
+
+/* Log this message (information that usually should go to the log). */
+
+void
 log(const char *fmt,...)
 {
 	va_list args;
@@ -260,6 +272,7 @@
 	case SYSLOG_LEVEL_QUIET:
 	case SYSLOG_LEVEL_FATAL:
 	case SYSLOG_LEVEL_ERROR:
+	case SYSLOG_LEVEL_NOTICE:
 	case SYSLOG_LEVEL_INFO:
 	case SYSLOG_LEVEL_VERBOSE:
 	case SYSLOG_LEVEL_DEBUG1:
@@ -347,6 +360,9 @@
 		if (!log_on_stderr)
 			txt = "error";
 		pri = LOG_ERR;
+		break;
+	case SYSLOG_LEVEL_NOTICE:
+		pri = LOG_NOTICE;
 		break;
 	case SYSLOG_LEVEL_INFO:
 		pri = LOG_INFO;
On Thu, Jul 05, 2001 at 06:50:48PM -0400, Nicolas Williams
wrote:> 
> Feature request:
> 
>  - Please add a new LogLevel corresponding to the LOG_NOTICE syslog level.
> 
>     - Then modify OpenSSH to log to LOG_NOTICE only these events:
> 
>        - login failures
>        - login successes
> 
> Specifically, please:
> 
>  - add a new element to the LogLevel enum, say,
'SYSLOG_LEVEL_NOTICE',
>    between 'SYSLOG_LEVEL_INFO' and 'SYSLOG_LEVEL_ERROR', in
log.h
> 
>  - add a new logging function to log.c called notice(), much like log(),
>    verbose() and friends, but logging to SYSLOG_LEVEL_NOTICE.
> 
>  - modify log.c:do_log() to map SYSLOG_LEVEL_NOTICE to LOG_NOTICE.
> 
>  - modify auth.c:/auth_log() to use notice() instead of log().
> 
>  - make any other log()->notice() changes that seem appropriate.
> 
> Below is a patch that implements just these changes. The patch is
> against OpenSSH 2.9p2 + simon at sxw.org.uk's GSS-API patches + my
named
> key / key pattern patches (posted to openssh-unix-dev at mindrot.org).
> 
> I do hope that LOG_NOTICE is available on all platforms -- where it
> isn't it could be mapped to LOG_INFO.
> 
> Cheers,
> 
> Nico
-DISCLAIMER: an automatically appended disclaimer may follow. By posting-
-to a public e-mail mailing list I hereby grant permission to distribute-
-and copy this message.-
. 
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only 
for the individual named.  If you are not the named addressee you 
should not disseminate, distribute or copy this e-mail.  Please 
notify the sender immediately by e-mail if you have received this 
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free 
as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses.  The sender therefore 
does not accept liability for any errors or omissions in the contents 
of this message which arise as a result of e-mail transmission.  If 
verification is required please request a hard-copy version.  This 
message is provided for informational purposes and should not be 
construed as a solicitation or offer to buy or sell any securities or 
related financial instruments.
Apparently Analagous Threads
- subject: ssh non-intuitive logging setting. (priority names)
- log-server.c patch: adding tag to every log output.
- -q option doesn't do what it says in the man page?
- [Bug 2057] New: ssh should treat "Received disconnect" messages as errors
- SIGCHLD race *trivial* patch