From 23618d15c4a1a5bc4d8eb93125fce1b883db7459 Mon Sep 17 00:00:00 2001 From: Arun Sharma Date: Mon, 5 Aug 2024 17:03:49 +0000 Subject: [PATCH] logrotate issue fix --- Earthfile | 15 +++++++++++++-- overlay/files/etc/logrotate.d/stylus.conf | 9 +++++++-- overlay/files/etc/rsyslog.d/49-stylus.conf | 6 +++--- 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/Earthfile b/Earthfile index e9e25af..808a195 100644 --- a/Earthfile +++ b/Earthfile @@ -290,7 +290,10 @@ uki-provider-image: RUN apt-get update && apt-get install -y rsync WORKDIR / - COPY overlay/files/etc/ /etc/ + COPY --if-exists overlay/files/etc/ /etc/ + IF [ -f /etc/logrotate.d/stylus.conf ] + RUN chmod 644 /etc/logrotate.d/stylus.conf + END COPY +luet/luet /usr/bin/luet COPY +kairos-agent/kairos-agent /usr/bin/kairos-agent COPY --platform=linux/${ARCH} +trust-boot-unpack/ /trusted-boot @@ -590,7 +593,11 @@ provider-image: ARG BASE_K8S_VERSION=$K8S_VERSION-$K8S_DISTRIBUTION_TAG END - COPY overlay/files/etc/ /etc/ + COPY --if-exists overlay/files/etc/ /etc/ + IF [ -f /etc/logrotate.d/stylus.conf ] + RUN chmod 644 /etc/logrotate.d/stylus.conf + END + COPY --platform=linux/${ARCH} +kairos-provider-image/ / COPY +stylus-image/etc/kairos/branding /etc/kairos/branding COPY +stylus-image/oem/stylus_config.yaml /etc/kairos/branding/stylus_config.yaml @@ -840,6 +847,10 @@ iso-image: RUN rm -f /usr/bin/luet END COPY overlay/files/ / + + IF [ -f /etc/logrotate.d/stylus.conf ] + RUN chmod 644 /etc/logrotate.d/stylus.conf + END RUN rm -f /etc/ssh/ssh_host_* /etc/ssh/moduli RUN touch /etc/machine-id \ diff --git a/overlay/files/etc/logrotate.d/stylus.conf b/overlay/files/etc/logrotate.d/stylus.conf index e45df6a..5ccdab0 100644 --- a/overlay/files/etc/logrotate.d/stylus.conf +++ b/overlay/files/etc/logrotate.d/stylus.conf @@ -4,9 +4,14 @@ missingok notifempty compress - delaycompress dateext - dateformat -%m-%Y + dateformat -%d-%m-%Y size 100M create 600 root root + # to avoid 'writable by group or others' error + su root root + # reload or restart to point file handle to new log file + postrotate + systemctl try-reload-or-restart rsyslog 2>&1 || true + endscript } \ No newline at end of file diff --git a/overlay/files/etc/rsyslog.d/49-stylus.conf b/overlay/files/etc/rsyslog.d/49-stylus.conf index a540b6b..dfaafe8 100644 --- a/overlay/files/etc/rsyslog.d/49-stylus.conf +++ b/overlay/files/etc/rsyslog.d/49-stylus.conf @@ -1,6 +1,6 @@ -# Running rsyslog as root. -# TODO: should this be done or change acceptance criteria to about audit log file permissions accordingly +# Running rsyslog as root. $PrivDropToUser root +$PrivDropToGroup root # default config has $Umask 0022 set. That breaks any config related to masks and modes. $Umask 0000 @@ -8,7 +8,7 @@ $Umask 0000 $template ForwardFormat,"<%pri%>1 %timestamp:::date-rfc3339% %HOSTNAME% %syslogtag% %procid% - - %msg%\n" # route messages with facility local7 and severity notice to /var/log/stylus-audit.log -if ($syslogfacility-text == 'local7' and $syslogseverity-text == 'notice') then{ +if ($syslogfacility-text == 'local7' and $syslogseverity-text == 'notice' and $syslogtag contains 'stylus-audit') then{ action( type="omfile" file="/var/log/stylus-audit.log"