From 23f40d14a1aff0acc438f6cf43a357df956cad2b Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 18 Nov 2016 14:43:19 +0000 Subject: [PATCH] Improve handling of logs --- src/freedombone-app-gnusocial | 3 + src/freedombone-app-mumble | 3 + src/freedombone-app-radicale | 4 +- src/freedombone-base-email | 10 ++ src/freedombone-logging | 167 +++++++++++++++++++++++++--------- src/freedombone-utils-final | 4 + src/freedombone-utils-onion | 5 + 7 files changed, 152 insertions(+), 44 deletions(-) diff --git a/src/freedombone-app-gnusocial b/src/freedombone-app-gnusocial index 0e0f384f..91d1b8bf 100755 --- a/src/freedombone-app-gnusocial +++ b/src/freedombone-app-gnusocial @@ -731,6 +731,9 @@ function install_gnusocial_main { echo "\$config['ostatus']['hub_retries'] = 3;" >> $gnusocial_config_file fi + # turn off logging + echo "\$config['site']['logfile'] = /dev/null;" >> $gnusocial_config_file + # This improves performance sed -i "s|//\$config\['db'\]\['schemacheck'\].*|\$config\['db'\]\['schemacheck'\] = 'script';|g" $gnusocial_config_file diff --git a/src/freedombone-app-mumble b/src/freedombone-app-mumble index 985ca8d1..a1c1eb8c 100755 --- a/src/freedombone-app-mumble +++ b/src/freedombone-app-mumble @@ -265,6 +265,9 @@ function install_mumble { MUMBLE_ONION_HOSTNAME=$(add_onion_service mumble ${MUMBLE_PORT} ${MUMBLE_PORT}) + # turn off logs by default + sed -i 's|logfile=.*|logfile=/dev/null|g' /etc/mumble-server.ini + update_default_domain systemctl restart mumble-server diff --git a/src/freedombone-app-radicale b/src/freedombone-app-radicale index 34c66da6..9f23ff54 100755 --- a/src/freedombone-app-radicale +++ b/src/freedombone-app-radicale @@ -430,7 +430,7 @@ function install_radicale { echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} - echo ' error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} + echo ' error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} @@ -449,7 +449,7 @@ function install_radicale { echo " server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} - echo ' error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} + echo ' error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} diff --git a/src/freedombone-base-email b/src/freedombone-base-email index a00f8011..35fbb802 100755 --- a/src/freedombone-base-email +++ b/src/freedombone-base-email @@ -1348,6 +1348,16 @@ function configure_imap { if [ -f /etc/systemd/system/sockets.target.wants/dovecot.socket ]; then rm /etc/systemd/system/sockets.target.wants/dovecot.socket fi + + # Separate logging, otherwise syslog is used + if ! grep "# logging" /etc/dovecot/dovecot.conf; then + echo '' >> /etc/dovecot/dovecot.conf + echo '# logging' >> /etc/dovecot/dovecot.conf + echo 'log_path = /var/log/dovecot.log' >> /etc/dovecot/dovecot.conf + echo 'info_log_path = /var/log/dovecot-info.log' >> /etc/dovecot/dovecot.conf + echo 'debug_log_path = /var/log/dovecot-debug.log' >> /etc/dovecot/dovecot.conf + fi + systemctl restart dovecot mark_completed $FUNCNAME } diff --git a/src/freedombone-logging b/src/freedombone-logging index 7586944b..e8b1a0cd 100755 --- a/src/freedombone-logging +++ b/src/freedombone-logging @@ -40,58 +40,141 @@ if [ ! "$1" ]; then fi if [[ "$1" == "on" || "$1" == "On" || "$1" == "ON" ]]; then - if [ -d /etc/nginx ]; then - for filename in /etc/nginx/sites-available/* ; do - filename_domain=$(echo "$filename" | awk -F '/' '{print $5}') - sed -i "s|access_log.*|access_log /var/log/nginx/$filename_domain.access.log;|g" $filename - sed -i "s|error_log.*|error_log /var/log/nginx/$filename_domain.err.log $WEBSERVER_LOG_LEVEL;|g" $filename - done - fi - if [ -f /etc/init.d/spamassassin ]; then - sed -i 's|DOPTIONS="-s null -d --pidfile=$PIDFILE"|DOPTIONS="-d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin - fi - if [ -d /etc/prosody ]; then - sed -i 's|info = "/dev/null";|info = "/var/log/prosody/prosody.log";|g' /etc/prosody/prosody.cfg.lua - sed -i 's|error = "/dev/null";|error = "/var/log/prosody/prosody.err";|g' /etc/prosody/prosody.cfg.lua - fi - if [ -d /etc/exim4 ]; then - sed -i 's|log_selector =.*|log_selector = MAIN_LOG_SELECTOR|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector - fi + if [ -d /etc/tor ]; then + sed -i 's|#Log notice file.*|Log notice file /var/log/tor.log|g' /etc/tor/torrc + sed -i 's|Log notice file.*|Log notice file /var/log/tor.log|g' /etc/tor/torrc + fi + if [ -f /etc/mumble-server.ini ]; then + sed -i 's|logfile=.*|logfile=/var/log/mumble-server.log|g' /etc/mumble-server.ini + fi + if [ -f /etc/php5/fpm/php-fpm.conf ]; then + sed -i 's|error_log =.*|error_log = /var/log/php5-fpm.log|g' /etc/php5/fpm/php-fpm.conf + fi + if [ -d /etc/nginx ]; then + if [ ! -d /var/log/nginx ]; then + mkdir /var/log/nginx + fi + for filename in /etc/nginx/sites-available/* ; do + filename_domain=$(echo "$filename" | awk -F '/' '{print $5}') + sed -i "s|access_log.*|access_log /var/log/nginx/$filename_domain.access.log;|g" $filename + sed -i "s|error_log.*|error_log /var/log/nginx/$filename_domain.err.log $WEBSERVER_LOG_LEVEL;|g" $filename + done + fi + if [ -f /etc/init.d/spamassassin ]; then + sed -i 's|DOPTIONS="-s null -d --pidfile=$PIDFILE"|DOPTIONS="-d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin + fi + if [ -d /etc/prosody ]; then + if [ ! -d /var/log/prosody ]; then + mkdir /var/log/prosody + fi + sed -i 's|info = "/dev/null";|info = "/var/log/prosody/prosody.log";|g' /etc/prosody/prosody.cfg.lua + sed -i 's|error = "/dev/null";|error = "/var/log/prosody/prosody.err";|g' /etc/prosody/prosody.cfg.lua + fi + if [ -d /etc/exim4 ]; then + if [ ! -d /var/log/exim4 ]; then + mkdir /var/log/exim4 + fi + sed -i 's|log_selector =.*|log_selector = MAIN_LOG_SELECTOR|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector + fi + if [ -f /etc/dovecot/dovecot.conf ]; then + sed -i 's|log_path =.*|log_path = /var/log/dovecot.log|g' /etc/dovecot/dovecot.conf + sed -i 's|info_log_path =.*|info_log_path = /var/log/dovecot-info.log|g' /etc/dovecot/dovecot.conf + sed -i 's|debug_log_path =.*|debug_log_path = /var/log/dovecot-debug.log|g' /etc/dovecot/dovecot.conf + fi + if [ -d /etc/mysql ]; then + if [ ! -d /var/log/mysql ]; then + mkdir /var/log/mysql + fi + sed -i 's|log_error =.*|log_error = /var/log/mysql/error.log|g' /etc/mysql/my.cnf + fi else - if [ -d /etc/nginx ]; then - for filename in /etc/nginx/sites-available/* ; do - sed -i 's|access_log.*|access_log /dev/null;|g' $filename - sed -i 's|warn_log.*|warn_log /dev/null;|g' $filename - sed -i 's|error_log.*|error_log /dev/null;|g' $filename - done - shred -zu /var/log/nginx/* - fi - if [ -f /etc/init.d/spamassassin ]; then - sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin - fi - if [ -d /etc/prosody ]; then - sed -i 's|info = "/var/log/prosody/prosody.log";|info = "/dev/null";|g' /etc/prosody/prosody.cfg.lua - sed -i 's|error = "/var/log/prosody/prosody.err";|error = "/dev/null";|g' /etc/prosody/prosody.cfg.lua - shred -zu /var/log/prosody/prosody.log - shred -zu /var/log/prosody/prosody.err - fi - if [ -d /etc/exim4 ]; then - sed -i 's|log_selector =.*|log_selector = -all|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector - fi + if [ -d /etc/tor ]; then + sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc + sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc + if [ -d /var/log/tor ]; then + shred -zu /var/log/tor/* + rm -rf /var/log/tor + fi + fi + if [ -f /etc/mumble-server.ini ]; then + sed -i 's|logfile=.*|logfile=/dev/null|g' /etc/mumble-server.ini + if [ -d /var/log/mumble-server ]; then + shred -zu /var/log/mumble-server/* + rm -rf /var/log/mumble-server + fi + fi + if [ -d /var/log/radicale ]; then + shred -zu /var/log/radicale/* + rm -rf /var/log/radicale + fi + if [ -f /etc/php5/fpm/php-fpm.conf ]; then + sed -i 's|error_log =.*|error_log = /dev/null|g' /etc/php5/fpm/php-fpm.conf + fi + if [ -d /etc/nginx ]; then + for filename in /etc/nginx/sites-available/* ; do + sed -i 's|access_log.*|access_log /dev/null;|g' $filename + sed -i 's|warn_log.*|warn_log /dev/null;|g' $filename + sed -i 's|error_log.*|error_log /dev/null;|g' $filename + done + shred -zu /var/log/nginx/* + fi + if [ -f /etc/init.d/spamassassin ]; then + sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin + fi + if [ -d /etc/prosody ]; then + sed -i 's|info = "/var/log/prosody/prosody.log";|info = "/dev/null";|g' /etc/prosody/prosody.cfg.lua + sed -i 's|error = "/var/log/prosody/prosody.err";|error = "/dev/null";|g' /etc/prosody/prosody.cfg.lua + shred -zu /var/log/prosody/prosody.log + shred -zu /var/log/prosody/prosody.err + fi + if [ -d /etc/exim4 ]; then + sed -i 's|log_selector =.*|log_selector = -all|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector + shred -zu /var/log/exim4/* + fi + if [ -f /etc/dovecot/dovecot.conf ]; then + sed -i 's|log_path =.*|log_path = /dev/null|g' /etc/dovecot/dovecot.conf + sed -i 's|info_log_path =.*|info_log_path = /dev/null|g' /etc/dovecot/dovecot.conf + sed -i 's|debug_log_path =.*|debug_log_path = /dev/null|g' /etc/dovecot/dovecot.conf + shred -zu /var/log/mail.* + fi + if [ -d /etc/mysql ]; then + if [ -d /var/log/mysql ]; then + shred -zu /var/log/mysql/* + fi + if [ -f /var/log/mysql.err ]; then + shred -zu /var/log/mysql.err + fi + if [ -f /var/log/mysql.log ]; then + shred -zu /var/log/mysql.log + fi + sed -i 's|log_error =.*|log_error = /dev/null|g' /etc/mysql/my.cnf + fi fi if [ -d /etc/nginx ]; then - service php5-fpm restart - service nginx restart + systemctl restart php5-fpm + systemctl restart nginx fi if [ -f /etc/init.d/spamassassin ]; then - service spamassassin restart + systemctl restart spamassassin fi if [ -d /etc/prosody ]; then - service prosody restart + systemctl restart prosody fi if [ -d /etc/exim4 ]; then - service exim4 restart + systemctl restart exim4 +fi +if [ -d /etc/dovecot ]; then + systemctl restart dovecot +fi +if [ -d /etc/tor ]; then + systemctl reload tor +fi +if [ -f /etc/mumble-server.ini ]; then + systemctl restart mumble-server +fi +if [ -d /var/www/radicale ]; then + systemctl restart radicale fi exit 0 diff --git a/src/freedombone-utils-final b/src/freedombone-utils-final index 2a791b7f..89893d38 100755 --- a/src/freedombone-utils-final +++ b/src/freedombone-utils-final @@ -39,6 +39,10 @@ function install_final { fi function_check split_gpg_key_into_fragments split_gpg_key_into_fragments + + # turn logging off by default + ${PROJECT_NAME}-logging off + mark_completed $FUNCNAME clear echo '' diff --git a/src/freedombone-utils-onion b/src/freedombone-utils-onion index b2c11466..b0df670f 100755 --- a/src/freedombone-utils-onion +++ b/src/freedombone-utils-onion @@ -241,6 +241,11 @@ function install_tor { echo 'Tor failed to install' exit 38259 fi + + # turn off logging + sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc + sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc + mark_completed $FUNCNAME }