logrotate issue fix (#242)

spectrocloud · Aug 5, 2024 · 61ad9fd · 61ad9fd
1 parent cd2b974
commit 61ad9fd
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 7 deletions.
diff --git a/Earthfile b/Earthfile
@@ -302,7 +302,10 @@ uki-provider-image:
     RUN apt-get update && apt-get install -y rsync
 
     WORKDIR /
-    COPY overlay/files/etc/ /etc/
+    COPY --if-exists overlay/files/etc/ /etc/
+    IF [ -f /etc/logrotate.d/stylus.conf ]
+        RUN chmod 644 /etc/logrotate.d/stylus.conf
+    END
     COPY +luet/luet /usr/bin/luet
     COPY +kairos-agent/kairos-agent /usr/bin/kairos-agent
     COPY --platform=linux/${ARCH} +trust-boot-unpack/ /trusted-boot
@@ -602,7 +605,11 @@ provider-image:
         ARG BASE_K8S_VERSION=$K8S_VERSION-$K8S_DISTRIBUTION_TAG
     END
 
-    COPY overlay/files/etc/ /etc/
+    COPY --if-exists overlay/files/etc/ /etc/
+    IF [ -f /etc/logrotate.d/stylus.conf ]
+        RUN chmod 644 /etc/logrotate.d/stylus.conf
+    END
+
     COPY  --platform=linux/${ARCH} +kairos-provider-image/ /
     COPY +stylus-image/etc/kairos/branding /etc/kairos/branding
     COPY +stylus-image/oem/stylus_config.yaml /etc/kairos/branding/stylus_config.yaml
@@ -852,6 +859,10 @@ iso-image:
         RUN rm -f /usr/bin/luet
     END
     COPY overlay/files/ /
+
+    IF [ -f /etc/logrotate.d/stylus.conf ]
+        RUN chmod 644 /etc/logrotate.d/stylus.conf
+    END
 
     RUN rm -f /etc/ssh/ssh_host_* /etc/ssh/moduli
     RUN touch /etc/machine-id \

diff --git a/overlay/files/etc/logrotate.d/stylus.conf b/overlay/files/etc/logrotate.d/stylus.conf
@@ -4,9 +4,14 @@
     missingok
     notifempty
     compress
-    delaycompress
     dateext
-    dateformat -%m-%Y
+    dateformat -%d-%m-%Y
     size 100M
     create 600 root root
+    # to avoid 'writable by group or others' error
+    su root root
+    # reload or restart to point file handle to new log file
+    postrotate
+        systemctl try-reload-or-restart rsyslog 2>&1 || true
+    endscript
 }
diff --git a/overlay/files/etc/rsyslog.d/49-stylus.conf b/overlay/files/etc/rsyslog.d/49-stylus.conf
@@ -1,14 +1,14 @@
-# Running rsyslog as root. 
-# TODO: should this be done or change acceptance criteria to about audit log file permissions accordingly 
+# Running rsyslog as root.
 $PrivDropToUser root
+$PrivDropToGroup root
 # default config has $Umask 0022 set. That breaks any config related to masks and modes.
 $Umask 0000
 
 # Mesage format as per rfc5424.
 $template ForwardFormat,"<%pri%>1 %timestamp:::date-rfc3339% %HOSTNAME% %syslogtag% %procid% - - %msg%\n"
 
 # route messages with facility local7 and severity notice to /var/log/stylus-audit.log
-if ($syslogfacility-text == 'local7' and $syslogseverity-text == 'notice') then{
+if ($syslogfacility-text == 'local7' and $syslogseverity-text == 'notice' and $syslogtag contains 'stylus-audit') then{
     action(
         type="omfile" 
         file="/var/log/stylus-audit.log"