diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -302,7 +302,8 @@
 syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
 syslogd_flags="-s"		# Flags to syslogd (if enabled).
 syslogd_oomprotect="YES"	# Don't kill syslogd when swap space is exhausted. 
-altlog_proglist=""		# List of chrooted applicatioins in /var
+altlog_proglist=""		# List of chrooted applications which will get a log socket in their var/run.
+altlog_jaillist=""		# List of jails which will get log sockets in their var/run.
 inetd_enable="NO"		# Run the network daemon dispatcher (YES/NO).
 inetd_program="/usr/sbin/inetd"	# path to inetd, if you want a different one.
 inetd_flags="-wW -C 60"		# Optional flags to inetd
diff --git a/libexec/rc/rc.d/syslogd b/libexec/rc/rc.d/syslogd
--- a/libexec/rc/rc.d/syslogd
+++ b/libexec/rc/rc.d/syslogd
@@ -21,6 +21,7 @@
 extra_commands="reload"
 
 sockfile="/var/run/syslogd.sockets"
+privsockfile="/var/run/syslogd.privsockets"
 evalargs="rc_flags=\"\`set_socketlist\` \$rc_flags\""
 
 syslogd_precmd()
@@ -37,6 +38,7 @@
 	#	Create default list of syslog sockets to watch
 	#
 	( umask 022 ; > $sockfile )
+	( umask 022 ; > $privsockfile )
 
 	#	If running named(8) or ntpd(8) chrooted, added appropriate
 	#	syslog socket to list of sockets to watch.
@@ -48,6 +50,14 @@
 		fi
 	done
 
+	# We can also provide logging facilities to jails
+	# Jails might need a log socket for privileged applications too
+	for _j in $altlog_jaillist; do
+		_ldir=`jls -aj $_j path 2>/dev/null`
+		echo "${_ldir}/var/run/log" >> $sockfile
+		echo "${_ldir}/var/run/logpriv" >> $privsockfile
+	done
+
 	#	If other sockets have been provided, change run_rc_command()'s
 	#	internal copy of $syslogd_flags to force use of specific
 	#	syslogd sockets.
@@ -56,6 +66,10 @@
 		echo "/var/run/log" >> $sockfile
 		eval $evalargs
 	fi
+	if [ -s $privsockfile ]; then
+		echo "/var/run/logpriv" >> $privsockfile
+		eval $evalargs
+	fi
 
 	return 0
 }
@@ -68,6 +82,9 @@
 	for _s in `cat $sockfile | tr '\n' ' '` ; do
 		_socketargs="-l $_s $_socketargs"
 	done
+	for _s in `cat $privsockfile | tr '\n' ' '` ; do
+		_socketargs="-S $_s $_socketargs"
+	done
 	echo $_socketargs
 }
 load_rc_config $name
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 17, 2023
+.Dd February 23, 2023
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -2300,6 +2300,22 @@
 .Dq Li YES ,
 these are the flags to pass to
 .Xr syslogd 8 .
+Defaults to
+.Dq Li -s .
+.It Va altlog_proglist
+.Pq Vt list
+List of chrooted applications which will have a log socket placed in their
+.Pa var/run .
+.It Va altlog_jaillist
+.Pq Vt list
+List of jails which will have log sockets placed in their
+.Pa var/run .
+For this to be useful, adding
+.Dq Li -H
+to
+.Va syslogd_flags is recommended.
+This way, the log lines will include the jail's
+.Va host.hostname .
 .It Va inetd_enable
 .Pq Vt bool
 If set to
diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8
--- a/usr.sbin/syslogd/syslogd.8
+++ b/usr.sbin/syslogd/syslogd.8
@@ -28,7 +28,7 @@
 .\"     @(#)syslogd.8	8.1 (Berkeley) 6/6/93
 .\" $FreeBSD$
 .\"
-.Dd July 2, 2018
+.Dd Feb 23, 2023
 .Dt SYSLOGD 8
 .Os
 .Sh NAME
@@ -438,6 +438,7 @@
 .Sh SEE ALSO
 .Xr logger 1 ,
 .Xr syslog 3 ,
+.Xr rc.conf 5
 .Xr services 5 ,
 .Xr syslog.conf 5 ,
 .Xr newsyslog 8