|Summary:||add syslog of denials and config file reloads|
|Product:||dbus||Reporter:||Colin Walters <walters>|
|Component:||core||Assignee:||Havoc Pennington <hp>|
|Status:||RESOLVED FIXED||QA Contact:||John (J5) Palmieri <johnp>|
|i915 platform:||i915 features:|
also syslog message type
Description Colin Walters 2008-12-10 11:21:13 UTC
We need this for debugging denials, especially of signals.
Comment 1 Colin Walters 2008-12-10 11:21:37 UTC
Created attachment 21010 [details] [review] add syslog
Comment 2 Havoc Pennington 2008-12-11 20:14:29 UTC
Looks nice. You probably want to openlog() so the program name is set in the log. Another thing it would be nice to log on system bus is if we drop a connection due to an invalid message, we could log the "invalid reason" code; but it's sort of annoying to do this only for system bus and not for session bus (for session bus, we'd want that in stderr perhaps, come to think of it, though maybe session bus /dev/null's stderr?). Anyway, a future enhancement.
Comment 3 Colin Walters 2008-12-12 11:03:38 UTC
Created attachment 21097 [details] [review] improved syslog This one adds a <syslog> element that needs to be explicitly specified; otherwise things like "make check" spam syslog. Besides those, it * Fixes the receive log * Condenses the syslog message significantly * Adds the number of rules that matched to the denial (quite helpful for debugging, though what i really want is a textual representation of the last matched rule)
Comment 4 Colin Walters 2008-12-12 14:00:57 UTC
Created attachment 21102 [details] [review] also syslog message type This further patch adds the message type to syslog.
Comment 5 Havoc Pennington 2008-12-13 21:08:24 UTC
Patches look good.
Comment 6 Colin Walters 2008-12-16 08:29:03 UTC
Thanks for the review. Pushed: commit b45440148a81d3efc0ed1a670f6e498de129bc62 Author: Colin Walters <firstname.lastname@example.org> Date: Fri Dec 12 16:58:06 2008 -0500 Add message type to security syslog entries It's part of the security check, we should have it in the log. commit bb2a464067c6843320f367b590b0e4cb00225e50 Author: Colin Walters <email@example.com> Date: Wed Dec 10 14:17:02 2008 -0500 Add syslog of security denials and configuration file reloads We need to start logging denials so that they become more easily trackable and debuggable.