[Bug 12952] New: Log koha actions to syslog too
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Bug ID: 12952 Summary: Log koha actions to syslog too Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Transaction logs Assignee: koha-bugs@lists.koha-community.org Reporter: srdjan@catalyst.net.nz QA Contact: testopia@bugs.koha-community.org -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #1 from Srdjan Jankovic <srdjan@catalyst.net.nz> --- Log transactions (actions) to syslog facility. The reason being to enable external tools that can parse log files to get their fingers on the action log. The alternatives are: 1. Use Log::Any or similar. I did not go for this one because it is a bit hard to retrofit a beast like that, and then we are potentially entering into configuration nightmare. 2. Log straight to <log dir>/action.log. That was a hard decision, and the approach is more or less equivalent to the proposed one. I believe syslog gives a bit more flexibility. Parts of the proposed solution that deal with syslog config are debian/rsyslog based, but those can easily be adopted in other environments. I'm open for discussion/suggestions. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Srdjan Jankovic <srdjan@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|koha-bugs@lists.koha-commun |srdjan@catalyst.net.nz |ity.org | -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Srdjan Jankovic <srdjan@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #2 from Srdjan Jankovic <srdjan@catalyst.net.nz> --- Created attachment 31690 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31690&action=edit Log koha actions to syslog too * Added kohasite and syslog_facility to config * syslog_facility is set to "user" and commented out for the fresh site install * If syslog_facility is enabled in config, log to syslog as <kohasite> (value of kohasite config) * /etc/rsyslog.d/99-<kohasite>.conf is created with filter instructions to direct <kohasite> log entries to standard log dir (/var/log/koha/<kohasite>) action.log; syslog daemons other than rsyslog need to be configured (or not) to do the same, otherwise catch all syslog log file is used Testing: 1. t/Log.t has been amended, it shold run without errors 2. Enable (uncomment) syslog_facility iand set kohasite in koha-conf.xml Perform an update action that triggers logging Observe an entry in the syslog If /etc/rsyslog.d/99-<kohasite>.conf (or similar) is present, the same entry should be in the <site-log-dir>/action.log -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Robin Sheat <robin@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |robin@catalyst.net.nz -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Srdjan Jankovic <srdjan@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31690|0 |1 is obsolete| | --- Comment #3 from Srdjan Jankovic <srdjan@catalyst.net.nz> --- Created attachment 31887 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31887&action=edit Log koha actions to syslog too * Added kohasite and syslog_facility to config * syslog_facility is set to "user" and commented out for the fresh site install * If syslog_facility is enabled in config, log to syslog as <kohasite> (value of kohasite config) * /etc/rsyslog.d/99-<kohasite>.conf is created with filter instructions to direct <kohasite> log entries to standard log dir (/var/log/koha/<kohasite>) action.log; syslog daemons other than rsyslog need to be configured (or not) to do the same, otherwise catch all syslog log file is used -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Joonas Kylmälä <j.kylmala@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |j.kylmala@gmail.com --- Comment #4 from Joonas Kylmälä <j.kylmala@gmail.com> --- diff --git a/debian/scripts/koha-create b/debian/scripts/koha-create index 6891ac1..5c4aa2a 100755 --- a/debian/scripts/koha-create +++ b/debian/scripts/koha-create @@ -546,8 +546,12 @@ eof # Generate and install Apache site-available file and log dir. generate_config_file apache-site.conf.in \ "/etc/apache2/sites-available/$name.conf" + # Generate and install rsyslog conf + generate_config_file rsyslog-site.conf.in \ + "/etc/rsyslog.d/99-$name.conf" mkdir "/var/log/koha/$name" - chown "$username:$username" "/var/log/koha/$name" + chown "$username:adm" "/var/log/koha/$name" The last line should not have the group adm but $username instead. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #5 from Srdjan Jankovic <srdjan@catalyst.net.nz> ---
- chown "$username:$username" "/var/log/koha/$name" + chown "$username:adm" "/var/log/koha/$name"
The last line should not have the group adm but $username instead.
This is because in case of a multi-site installation we may want to have an external process to be able to access all individual site logs. Without a common group it makes it hard to manage. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #6 from Joonas Kylmälä <j.kylmala@gmail.com> --- (In reply to Srdjan Jankovic from comment #5)
- chown "$username:$username" "/var/log/koha/$name" + chown "$username:adm" "/var/log/koha/$name"
The last line should not have the group adm but $username instead.
This is because in case of a multi-site installation we may want to have an external process to be able to access all individual site logs. Without a common group it makes it hard to manage.
But do we have some script to change the group (during installation)? Hmm.. I'm not so sure about this. Maybe there could be some config file (not sure if there is one already for this kind of things) where it could be changed to one that the user wants or if not specified it would default to $username. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Zeno Tajoli <z.tajoli@cineca.it> changed: What |Removed |Added ---------------------------------------------------------------------------- Patch complexity|--- |Small patch CC| |z.tajoli@cineca.it -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Zeno Tajoli <z.tajoli@cineca.it> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|z.tajoli@cineca.it | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #7 from Srdjan Jankovic <srdjan@catalyst.net.nz> --- (In reply to Joonas Kylmälä from comment #6)
But do we have some script to change the group (during installation)? Hmm.. I'm not so sure about this. Maybe there could be some config file (not sure if there is one already for this kind of things) where it could be changed to one that the user wants or if not specified it would default to $username.
That is an interesting idea, and I could even implement it in the debian config. Although I must say that adm group sounds good enough for me (you don't give adm to everyone). Another possibility is to create a koha group and put all sites to that group. How do we go about making decisions like that? -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 --- Comment #8 from Robin Sheat <robin@catalyst.net.nz> --- I think Srdjan is right here. As a rule of thumb, logs are group-owned by adm so that any user in the adm group can view them. This applies to things like syslog, mysql logs, mail logs, etc. I had a quick look and couldn't find a policy about it, but it seems to be the de facto thing to do. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12952 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |INVALID CC| |jonathan.druart@bugs.koha-c | |ommunity.org Status|Needs Signoff |RESOLVED --- Comment #9 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- We have Koha::Logger (bug 14167) now. -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org