[Opendnssec-develop] Embedded scripts can replace syslog()

Stephen.Morris at nominet.org.uk Stephen.Morris at nominet.org.uk
Tue Sep 1 11:45:13 UTC 2009

Jakob Schlyter <jakob at kirei.se> wrote on 31/08/2009 09:57:34:

> > Relativating my own democode, I see the inclusion of a complete Python
> > interpreter as a potential problem:
> > * as a static library, it makes programs larger
> > * as a dynamic library, it adds a dependency (on python-devel)
> >
> > Another approach, with a similar drop-in-place approach, could be to
> > use an exec() call to invoke the "logger" utility or another (shell)
> > script with the same options as used to logger(1),
> for each and every log line? that's something I would encourage my 
> competitors do do.


We have multiple daemon processes all logging to syslog.  If we want to 
give users the ability to process log messages, I suggest that we ensure 
that all OpenDNSSEC code logs via a thin wrapper around syslog which calls 
a user-exit function and, depending on the returned status, syslog, e.g.

void MsgLog(<arguments>)
   if (UeLog(<arguments>) == 0) {

As part of the OpenDNSSEC distribution, we include a DLL that contains 
nothing but dummy user-exit functions.  The one for UeLog would look like:

int UeLog(<arguments>)
   return 0;

If the user wants to intercept log messages, all they need to do is to 
replace this one DLL without touching the rest of the OpenDNSSEC code. 
They can do what they want with each message (such as starting a Python 
script or suppressing syslog output), but there is minimal overhead if 
they choose not to use the capability.

> > Having said that, I'm interested in hearing your thoughts on the
> > trade-offs.
> for version 1, which is our focus currently - I say we do syslog only.

Agreed again.  For version 1, let's do the minimum required to get it 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090901/53588c45/attachment.htm>

More information about the Opendnssec-develop mailing list