|
Matej Habrnal |
fa1950 |
From 65821e8e792a253e5baa1d3633ff115702769b84 Mon Sep 17 00:00:00 2001
|
|
Matej Habrnal |
fa1950 |
From: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
Date: Mon, 8 Jun 2015 12:59:39 +0200
|
|
Matej Habrnal |
fa1950 |
Subject: [PATCH] ccpp: don't save the system logs by default
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Saving the system logs if uid equals 0 was a bad idea because we are not
|
|
Matej Habrnal |
fa1950 |
sure who really owns the problem directory. It could be reintroduced
|
|
Matej Habrnal |
fa1950 |
when we rewrite those shell script lines in Python/C or better we should
|
|
Matej Habrnal |
fa1950 |
store the system logs in a private element (#989).
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
This patch also removes the support for /var/log/messages because it was
|
|
Matej Habrnal |
fa1950 |
making the whole post-create event unnecessarily complex and we can
|
|
Matej Habrnal |
fa1950 |
count on the fact that all currently supported systems use
|
|
Matej Habrnal |
fa1950 |
systemd-journald.
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Related: rhbz#1212868
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
---
|
|
Matej Habrnal |
fa1950 |
src/plugins/ccpp_event.conf | 46 ++++++++++++++++++---------------------------
|
|
Matej Habrnal |
fa1950 |
1 file changed, 18 insertions(+), 28 deletions(-)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
diff --git a/src/plugins/ccpp_event.conf b/src/plugins/ccpp_event.conf
|
|
Matej Habrnal |
fa1950 |
index 809c3b7..227776d 100644
|
|
Matej Habrnal |
fa1950 |
--- a/src/plugins/ccpp_event.conf
|
|
Matej Habrnal |
fa1950 |
+++ b/src/plugins/ccpp_event.conf
|
|
Matej Habrnal |
fa1950 |
@@ -29,34 +29,24 @@ EVENT=post-create analyzer=CCpp
|
|
Matej Habrnal |
fa1950 |
# Can't do it as analyzer step, non-root can't read log.
|
|
Matej Habrnal |
fa1950 |
executable=`cat executable` &&
|
|
Matej Habrnal |
fa1950 |
base_executable=${executable##*/} &&
|
|
Matej Habrnal |
fa1950 |
- # Test if the current version of journalctl has --system switch
|
|
Matej Habrnal |
fa1950 |
- journalctl --system -n1 >/dev/null
|
|
Matej Habrnal |
fa1950 |
- if [ $? -ne 0 ];
|
|
Matej Habrnal |
fa1950 |
- then
|
|
Matej Habrnal |
fa1950 |
- # Remove the exit below if you don't mind sharing data from the
|
|
Matej Habrnal |
fa1950 |
- # system logs with unprivileged users -> bugzilla.redhat.com/1212868
|
|
Matej Habrnal |
fa1950 |
- exit 0
|
|
Matej Habrnal |
fa1950 |
- # It's not an error if /var/log/messages isn't readable:
|
|
Matej Habrnal |
fa1950 |
- test -f /var/log/messages || exit 0
|
|
Matej Habrnal |
fa1950 |
- test -r /var/log/messages || exit 0
|
|
Matej Habrnal |
fa1950 |
- log=`grep -F -e "$base_executable" /var/log/messages | tail -99`
|
|
Matej Habrnal |
fa1950 |
- else
|
|
Matej Habrnal |
fa1950 |
- uid=`cat uid` &&
|
|
Matej Habrnal |
fa1950 |
- (
|
|
Matej Habrnal |
fa1950 |
- # Remove the line below if you don't mind sharing data from the
|
|
Matej Habrnal |
fa1950 |
- # system logs with unprivileged users -> bugzilla.redhat.com/1212868
|
|
Matej Habrnal |
fa1950 |
- [ "$uid" -ne 0 ] && exit 0
|
|
Matej Habrnal |
fa1950 |
- log="[System Logs]:\n" &&
|
|
Matej Habrnal |
fa1950 |
- log=$log`journalctl -b --since=-3m --system -n 99 _COMM="$base_executable"`
|
|
Matej Habrnal |
fa1950 |
- ) &&
|
|
Matej Habrnal |
fa1950 |
- log=$log"\n[User Logs]:\n" &&
|
|
Matej Habrnal |
fa1950 |
- log=$log`journalctl -b --since=-3m -n 99 _COMM="$base_executable" _UID="$uid"` &&
|
|
Matej Habrnal |
fa1950 |
- log=`echo -e "$log"`
|
|
Matej Habrnal |
fa1950 |
- fi
|
|
Matej Habrnal |
fa1950 |
- if test -n "$log"; then
|
|
Matej Habrnal |
fa1950 |
- printf "%s\n" "$log" >var_log_messages
|
|
Matej Habrnal |
fa1950 |
- # echo "Element 'var_log_messages' saved"
|
|
Matej Habrnal |
fa1950 |
- fi
|
|
Matej Habrnal |
fa1950 |
+ uid=`cat $DUMP_DIR/uid` &&
|
|
Matej Habrnal |
fa1950 |
+ {
|
|
Matej Habrnal |
fa1950 |
+ user_log=`journalctl -b --since=-3m -n 99 _COMM="$base_executable" _UID="$uid"` &&
|
|
Matej Habrnal |
fa1950 |
+ test -n "$user_log" && printf "User logs:\n%s\n" "$user_log" >$DUMP_DIR/var_log_messages
|
|
Matej Habrnal |
fa1950 |
+ # Do not use '&&' here because if $user_log is the empty string
|
|
Matej Habrnal |
fa1950 |
+ # then the script does not continue to get the system logs
|
|
Matej Habrnal |
fa1950 |
+ {
|
|
Matej Habrnal |
fa1950 |
+ # Remove the line below if you don't mind sharing data from the
|
|
Matej Habrnal |
fa1950 |
+ # system logs with unprivileged users -> bugzilla.redhat.com/1212868
|
|
Matej Habrnal |
fa1950 |
+ false &&
|
|
Matej Habrnal |
fa1950 |
+ system_log=$log`journalctl -b --since=-3m --system -n 99 _COMM="$base_executable"` &&
|
|
Matej Habrnal |
fa1950 |
+ test -n "$system_log" && printf "System logs:\n%s\n" "$system_log" >>$DUMP_DIR/var_log_messages
|
|
Matej Habrnal |
fa1950 |
+ # Always exit with true here, because the false at
|
|
Matej Habrnal |
fa1950 |
+ # the beginning would cause the post-create hook to remove
|
|
Matej Habrnal |
fa1950 |
+ # the current problem directory.
|
|
Matej Habrnal |
fa1950 |
+ true
|
|
Matej Habrnal |
fa1950 |
+ }
|
|
Matej Habrnal |
fa1950 |
+ }
|
|
Matej Habrnal |
fa1950 |
)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
EVENT=collect_xsession_errors analyzer=CCpp dso_list~=.*/libX11.*
|
|
Matej Habrnal |
fa1950 |
--
|
|
Matej Habrnal |
fa1950 |
2.1.0
|
|
Matej Habrnal |
fa1950 |
|