logging to a pipe?

Thu Aug 26 10:52:34 UTC 2004

>>>>> "Marten" == Marten Lehmann <lehmann at cnm.de> writes:

    Marten> Hello, in the logging definition for a channel I found
    Marten> only syslog and file.  With the file-option, I was hoping
    Marten> that it would log to a script when using

    Marten> file "|/var/tmp/logger.pl";

    Marten> but it doesn't:

Correct. The ARM makes it crystal-clear that the reserved word "file"
is followed by a pathname enclosed in double quotes.

    Marten> Is someone working on a pipe-option? 

No idea: I doubt it.

    Marten> Is there a general reason not to implement (it's possible
    Marten> in Apache). 

First of all BIND is not Apache. Please repeat this until you
understand that. I can see it now. One day someone will ask here "Why
doesn't BIND serve web pages? It's possible in Apache.".

Secondly, ISC has finite resources. These are probably best spent on
implementing the core protocol. If you want to have logging to a pipe,
feel free to contribute a patch. Or give ISC the money to do that.

Thirdly, adding logging to a pipe introduces a bunch of potential
security holes and awkward problems to replicate (or not) environment
variables and suchlike in the forked process on the other end of the
pipe. Also, name server processes can get very large. Forking such
processes can be very painful. IMO it's best if BIND doesn't go down
those rat-holes.

Finally, there's no real reason to log to a pipe. [Just because Apache
can do that isn't a justification.] The simplest solution is to have
daemons log and then have scripts or whatever that analyse those logs.
That was one of the core ideas of UNIX: have *small*, self-contained
programs that did one job and did it well instead of large, complex
programs that try to do everything for everyone.