Question: In the Software Design Document it says that there is a watchdog process that automatically enables an in-memory circular buffer that writes log messages passed to the logging subsystem to help identify what operation the adclient process was performing when the problem occurred. The in-memory buffer is also mapped to a file, if there is a system crash or a core dump, the last messages are saved. What is the logging subsystem and to what file is the in-memory buffer mapped to?
Answer: DirectControl uses the Operating System's syslog facility. By default the log facility is "auth", however this is customizable. The destination mapped is governed by the syslog configuration currently in use, ie syslog-ng, rsyslog, etc. Normally this is the default syslog location, for example /var/log/messages. This is also where the "Audit Trail" events are written. When the Centrify addebug utility is activated, the destination is updated and reconfigured to write the auth.debug values to /var/log/centrifydc.log. This change is reverted upon the deactivation of addebug.