From cf73c528b695ffff93523722b2ec9f40e81bd98b Mon Sep 17 00:00:00 2001 From: "Czarnowski, Przemyslaw" Date: Thu, 6 May 2021 15:22:34 +0200 Subject: Change log level to Info Due to security reasons "user/username" has to be removed from the information that is logged by application. Sensitive data has been moved to "Debug"" level (lowest one) and default one has moved one level up to "Info". Also some important information allowing to catch basic errors has been upgraded to "Info". Tested: Manually, mounting both Legacy mode remote types (HTTPs and CIFS) and checking if journal for VirtualMedia service does not contain sensitive information. Change-Id: Ie6c3a79c94637e3632af76daf957e986b2dd3b6d Signed-off-by: Czarnowski, Przemyslaw --- src/logger.hpp | 2 +- src/smb.hpp | 1 - src/state/activating_state.cpp | 10 +++++----- src/state/deactivating_state.hpp | 8 +++++--- src/state/initial_state.hpp | 5 ++--- src/state_machine.hpp | 5 ++--- src/system.hpp | 10 +++++----- 7 files changed, 20 insertions(+), 21 deletions(-) diff --git a/src/logger.hpp b/src/logger.hpp index 1950019..3aef8e2 100644 --- a/src/logger.hpp +++ b/src/logger.hpp @@ -3,7 +3,7 @@ #include #include -#define LOG_LEVEL Debug +#define LOG_LEVEL Info namespace Logger { diff --git a/src/smb.hpp b/src/smb.hpp index a77dba3..c34a6c5 100644 --- a/src/smb.hpp +++ b/src/smb.hpp @@ -34,7 +34,6 @@ class SmbShare } else { - LogMsg(Logger::Info, "Authenticating as ", credentials->user()); credentials->escapeCommas(); credentialsOpt = "user=" + credentials->user() + ",password=" + credentials->password(); diff --git a/src/state/activating_state.cpp b/src/state/activating_state.cpp index 15d7214..8101df9 100644 --- a/src/state/activating_state.cpp +++ b/src/state/activating_state.cpp 
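Review bot: The `#define LOG_LEVEL Info` line in src/logger.hpp is now the only thing keeping Debug-level messages out of the journal, and nothing at the definition says so. After this commit the Debug level still carries the full argument list of spawned processes (see the `spawn` hunk in src/system.hpp), so a build switched back to Debug logs it again. A comment above the macro would make that explicit, for example `// Debug also logs spawned-process arguments, which may hold user names; release builds must stay at Info or above.`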
@@ -79,14 +79,14 @@ std::unique_ptr ActivatingState::activateProxyMode() std::unique_ptr ActivatingState::activateLegacyMode() { - LogMsg(Logger::Debug, machine.getName(), + LogMsg(Logger::Info, machine.getName(), " Mount requested on address: ", machine.getTarget()->imgUrl, " ; RW: ", machine.getTarget()->rw); std::filesystem::path socketPath(machine.getConfig().unixSocket); if (!std::filesystem::exists(socketPath.parent_path())) { - LogMsg(Logger::Debug, machine.getName(), + LogMsg(Logger::Info, machine.getName(), " Parent path for the socket does not exist, ", socketPath.parent_path()); @@ -94,7 +94,7 @@ std::unique_ptr ActivatingState::activateLegacyMode() std::filesystem::create_directories(socketPath.parent_path(), errc); if (errc) { - LogMsg(Logger::Debug, machine.getName(), + LogMsg(Logger::Error, machine.getName(), " Failed to create parent directory for socket", errc); return std::make_unique( machine, static_cast(errc.value()), @@ -104,7 +104,7 @@ std::unique_ptr ActivatingState::activateLegacyMode() std::filesystem::perms::owner_all, errc); if (errc) { - LogMsg(Logger::Debug, machine.getName(), + LogMsg(Logger::Info, machine.getName(), " Failed to set parent directory permissions for socket", errc); return std::make_unique( @@ -138,7 +138,7 @@ std::unique_ptr ActivatingState::mountSmbShare() auto remoteParent = "/" + remote.parent_path().string(); auto localFile = mountDir->getPath() / remote.filename(); - LogMsg(Logger::Debug, machine.getName(), " Remote name: ", remote, + LogMsg(Logger::Info, machine.getName(), " Remote name: ", remote, "\n Remote parent: ", remoteParent, "\n Local file: ", localFile); diff --git a/src/state/deactivating_state.hpp b/src/state/deactivating_state.hpp index 0ad6f5b..57f1072 100644 --- a/src/state/deactivating_state.hpp +++ b/src/state/deactivating_state.hpp 
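Review bot: `machine.getTarget()->imgUrl` is now written at the default level in `activateLegacyMode()`, and the same goes for `remote` and `remoteParent` in the `mountSmbShare()` hunk further down. If a caller supplies an HTTPS URL with a userinfo part (`https://user:secret@host/image.iso`, a constructed example) or a token in the query string, that value lands in the journal, which is what this commit sets out to prevent. Nothing visible in the hunk strips those parts, so either keep the URL at `Logger::Debug` and log only `machine.getName()` and `rw` at Info, or log a form with userinfo and query removed. The function body continues outside the hunk.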
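Review bot: The permissions failure in the `if (errc)` branch of the `@@ -104,7 +104,7 @@` hunk is logged with `Logger::Info`, while the directory-creation failure in the hunk just before it was raised to `Logger::Error`. Both branches return early, and a socket directory that could not be restricted to `owner_all` is the more security-relevant of the two failures. The line should read `LogMsg(Logger::Error, machine.getName(),` so both show up under the same severity filter. The enclosing function starts and ends outside the hunk.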
@@ -49,18 +49,20 @@ struct DeactivatingState : public BasicStateT } template - [[noreturn]] std::unique_ptr handleEvent(AnyEvent event) { + [[noreturn]] std::unique_ptr handleEvent(AnyEvent event) + { LogMsg(Logger::Error, "Invalid event: ", event.eventName); throw sdbusplus::exception::SdBusError(EBUSY, "Resource is busy"); } - private : std::unique_ptr evaluate() + private: + std::unique_ptr evaluate() { if (udevStateChangeEvent && subprocessStoppedEvent) { if (udevStateChangeEvent->devState == StateChange::removed) { - LogMsg(Logger::Debug, machine.getName(), + LogMsg(Logger::Info, machine.getName(), " udev StateChange::removed"); } else diff --git a/src/state/initial_state.hpp b/src/state/initial_state.hpp index 24a95d8..7fcc10b 100644 --- a/src/state/initial_state.hpp +++ b/src/state/initial_state.hpp @@ -198,7 +198,6 @@ struct InitialState : public BasicStateT { if (s->error) { - LogMsg(Logger::Error, s->error->message.c_str()); throw sdbusplus::exception::SdBusError( static_cast(s->error->code), s->error->message.c_str()); @@ -208,7 +207,7 @@ struct InitialState : public BasicStateT } if (machine.getState().get_if()) { - LogMsg(Logger::Debug, "[App] Mount ok"); + LogMsg(Logger::Info, "[App] Mount ok"); return true; } boost::system::error_code ignored_ec; @@ -284,7 +283,7 @@ struct InitialState : public BasicStateT { machine.getTarget()->credentials.reset(); } - LogMsg(Logger::Debug, "[App]: mount completed ", ret); + LogMsg(Logger::Info, "[App]: mount completed ", ret); return ret; } catch (const std::exception& e) diff --git a/src/state_machine.hpp b/src/state_machine.hpp index f9772fe..3e525cf 100644 --- a/src/state_machine.hpp +++ b/src/state_machine.hpp 
@@ -52,8 +52,7 @@ struct MountPointStateMachine : public interfaces::MountPointStateMachine void changeState(std::unique_ptr newState) { state = std::move(newState); - LogMsg(Logger::Debug, name, " state changed to ", - state->getStateName()); + LogMsg(Logger::Info, name, " state changed to ", state->getStateName()); if (newState = state->onEnter()) { changeState(std::move(newState)); @@ -63,7 +62,7 @@ struct MountPointStateMachine : public interfaces::MountPointStateMachine template void emitEvent(EventT&& event) { - LogMsg(Logger::Debug, name, " received ", event.eventName, " while in ", + LogMsg(Logger::Info, name, " received ", event.eventName, " while in ", state->getStateName()); if (auto newState = state->handleEvent(std::move(event))) diff --git a/src/system.hpp b/src/system.hpp index a29b640..cc8bdad 100644 --- a/src/system.hpp +++ b/src/system.hpp @@ -136,11 +136,11 @@ class NBDDevice } if (ioctl(fd, NBD_DISCONNECT) < 0) { - LogMsg(Logger::Debug, "Ioctl failed: \n"); + LogMsg(Logger::Info, "Ioctl failed: \n"); } if (ioctl(fd, NBD_CLEAR_SOCK) < 0) { - LogMsg(Logger::Debug, "Ioctl failed: \n"); + LogMsg(Logger::Info, "Ioctl failed: \n"); } close(fd); } @@ -359,7 +359,7 @@ class Process : public std::enable_shared_from_this bool spawn(const std::vector& args, ExitCb&& onExit) { std::error_code ec; - LogMsg(Logger::Info, "[Process]: Spawning ", app, " (", args, ")"); + LogMsg(Logger::Debug, "[Process]: Spawning ", app, " (", args, ")"); child = boost::process::child( app, boost::process::args(args), (boost::process::std_out & boost::process::std_err) > pipe, ec, @@ -388,7 +388,7 @@ class Process : public std::enable_shared_from_this while (lineBegin != line.end()) { auto lineEnd = find(lineBegin, line.end(), '\n'); - LogMsg(Logger::Debug, "[Process]: (", name, ") ", + LogMsg(Logger::Info, "[Process]: (", name, ") ", std::string(lineBegin, lineEnd)); if (lineEnd == line.end()) { 
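Review bot: Both failure branches in the `@@ -136,11 +136,11 @@` hunk of src/system.hpp log the identical text `"Ioctl failed: \n"`, so at Info level the journal cannot tell an `NBD_DISCONNECT` failure from an `NBD_CLEAR_SOCK` failure, and the message ends in a colon with nothing after it. Since the commit promotes these lines so that basic errors can be caught, name the request and include the error, e.g. `LogMsg(Logger::Info, "NBD_DISCONNECT ioctl failed: ", strerror(errno));` and the same for `NBD_CLEAR_SOCK`. This assumes `<cstring>` and `<cerrno>` are reachable from system.hpp, which the hunk does not show. The surrounding function begins outside the hunk.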
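Review bot: `spawn()` still passes the whole `args` vector to `LogMsg`, now at `Logger::Debug`, so any credential-bearing argument is hidden only by the compile-time level, and the default log loses the record that a process was started at all. Splitting the message keeps the breadcrumb without the arguments: `LogMsg(Logger::Info, "[Process]: Spawning ", app);` followed by `LogMsg(Logger::Debug, "[Process]: args (", args, ")");`. If the arguments can include passwords rather than just user names, consider not logging them at any level. The body of `spawn()` continues past the hunk.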
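Review bot: Every line the child process writes to stdout or stderr is now logged by default, in the loop that calls `LogMsg(Logger::Info, "[Process]: (", name, ") ", std::string(lineBegin, lineEnd));`. What those helpers print is outside this service's control, and their error messages may echo the target URL, share path or user name, which would put back the data this commit removes. Keeping this line at `Logger::Debug`, or emitting the captured output only when the child exits with a failure, would be safer. The `Loop Error` message in the following hunk can stay at Info since it carries only `bec`. The enclosing function starts outside the hunk.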
@@ -400,7 +400,7 @@ class Process : public std::enable_shared_from_this buffer.consume(x); if (bec) { - LogMsg(Logger::Debug, "[Process]: (", name, + LogMsg(Logger::Info, "[Process]: (", name, ") Loop Error: ", bec); break; } -- cgit v1.2.3