-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a permissions option to logging.files for all beats #4428
Conversation
Can one of the admins verify this patch? |
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically on build-eu-00. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
libbeat/docs/loggingconfig.asciidoc
Outdated
===== files.permissions | ||
|
||
The permission mask to apply when rotating log files. The default value is 0600. The | ||
`permissions` option must be a valid file permissions mask. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add a link to a resource that describes what constitutes a valid file permissions mask? An example is always good, too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would a link to this do? https://golang.org/pkg/os/#FileMode
Or a link to https://en.wikipedia.org/wiki/File_system_permissions#Numeric_notation ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm...I wouldn't link to wikipedia even though it's more descriptive. Linking to the golang doc might actually confuse people.
So maybe instead of a link, you could be a bit more descriptive. Maybe say something like, "The permissions
options must be a valid Unix-style file permissions mask expressed in octal notation (for example, 0754
).
Or you could link to the following website, which is super useful, but I hesitate to point to it as a resource because I don't know who maintains it or how long it will be around: https://www.filepermissions.com/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You got it. I have amended my commit according to your comments. Any further feedback is very welcome! Thanks!
e96d54e
to
726b983
Compare
Current status:
|
@atoulme Thanks for the PR! There's now a failure on Travis that looks related to this change: https://travis-ci.org/elastic/beats/jobs/238535618#L423 |
@@ -27,6 +27,7 @@ logging.files: | |||
path: /var/log/mybeat | |||
name: mybeat.log | |||
keepfiles: 7 | |||
permissions: 0644 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I worry slightly about how YAML interprets this number, is it sure to be octal?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From the point of view of go, it's supposed to be a uint32. So it should be ok?
https://golang.org/pkg/os/#FileMode
Note I added validation to make sure the number is less than 7777, but now I realize we could do better.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The users will be required to start the value with a leading 0 in order for it to be interpreted as octal in YAML.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@andrewkroh I have added some information in the doc to that effect.
libbeat/logp/file_rotator.go
Outdated
@@ -56,6 +57,10 @@ func (rotator *FileRotator) CheckIfConfigSane() error { | |||
if *rotator.KeepFiles < 2 || *rotator.KeepFiles >= RotatorMaxFiles { | |||
return fmt.Errorf("The number of files to keep should be between 2 and %d", RotatorMaxFiles-1) | |||
} | |||
|
|||
if rotator.Permissions != nil && (*rotator.Permissions > 7777) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think 7777
should be os.ModePerm
instead. Only the permission bits should be settable in the mode.
@@ -27,6 +27,7 @@ logging.files: | |||
path: /var/log/mybeat | |||
name: mybeat.log | |||
keepfiles: 7 | |||
permissions: 0644 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The users will be required to start the value with a leading 0 in order for it to be interpreted as octal in YAML.
libbeat/logp/file_rotator.go
Outdated
@@ -56,6 +57,10 @@ func (rotator *FileRotator) CheckIfConfigSane() error { | |||
if *rotator.KeepFiles < 2 || *rotator.KeepFiles >= RotatorMaxFiles { | |||
return fmt.Errorf("The number of files to keep should be between 2 and %d", RotatorMaxFiles-1) | |||
} | |||
|
|||
if rotator.Permissions != nil && (*rotator.Permissions > 7777) { | |||
return fmt.Errorf("The permissions mask %d is invalid", *rotator.Permissions) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Error strings should not be capitalized. https://github.com/golang/go/wiki/CodeReviewComments#error-strings
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WDYT about providing a hint here about starting the configured value with a leading 0?
032c54f
to
eb29a28
Compare
libbeat/logp/file_rotator.go
Outdated
return fmt.Errorf("the number of files to keep should be between 2 and %d", RotatorMaxFiles-1) | ||
} | ||
|
||
if rotator.Permissions != nil && (*rotator.Permissions > 07777) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you replace the 07777
with the constant os.ModePerm
(which is 0777
). That should be the max value because users should be setting mode type.
jenkins, test it |
(cherry picked from commit fecbdf4)
This is a submission for a fix to issue #4295.