Sets log hostname for Whonix & Viewer

The sd-viewer config didn't have the logging setup included, which was an oversight. The Whonix-related VMs, sd-whonix, sd-proxy, and corresponding templates, require special treatment that's now accounted for in the single log-config state file. Significantly expanded test coverage in order to verify the end state.
freedomofpress · Mar 6, 2020 · c057de1 · c057de1
1 parent 0775f06
commit c057de1
Show file tree

Hide file tree

Showing 7 changed files with 51 additions and 21 deletions.
diff --git a/dom0/sd-logging-setup.sls b/dom0/sd-logging-setup.sls
@@ -43,7 +43,7 @@ sd-log-remove-rsyslog-qubes-plugin:
   cmd.run:
     - name: /rw/config/rc.local
 
-{% elif grains['id'] == "sd-whonix" %}
+{% elif grains['id'] in ["sd-whonix", "sd-proxy", "sd-proxy-buster-template"] %}
 # We can not place the file on the template under /etc/rsyslog.d/ because of whonix
 # template. This sdlog.conf file is the same from the securedrop-log package, to
 # make sure that rsyslogd use our logging plugin.
@@ -62,13 +62,15 @@ sd-rc-enable-logging:
     - marker_end: "### END securedrop-workstation ###"
     - content: |
         # Add sd-rsyslog.conf file for syslog
-        ln -sf /rw/config/sd-rsyslog.conf /etc/sd-rsyslog.conf
-        if [ ! -f /etc/rsyslog.d/sdlog.conf ]; then
-            ln -sf /rw/config/sdlog.conf /etc/rsyslog.d/sdlog.conf
-        fi
+        ln -sf /rw/config/sdlog.conf /etc/rsyslog.d/sdlog.conf
+        cat <<EOF > /etc/sd-rsyslog.conf
+        [sd-rsyslog]
+        remotevm = sd-log
+        localvm = {{ grains['id'] }}
+        EOF
         systemctl restart rsyslog
   cmd.run:
-    - name: ln -sf /rw/config/sd-rsyslog.conf /etc/sd-rsyslog.conf && systemctl restart rsyslog
+    - name: /rw/config/rc.local
 
 {% else %}
 # For all other VMs, configure to send to sd-log

diff --git a/dom0/sd-viewer-files.sls b/dom0/sd-viewer-files.sls
@@ -12,6 +12,7 @@
 
 include:
   - fpf-apt-test-repo
+  - sd-logging-setup
 
 sd-viewer-install-mimetype-handler-package:
   pkg.installed:
@@ -35,11 +36,3 @@ sd-viewer-install-logging:
       - securedrop-log
     - require:
       - sls: fpf-apt-test-repo
-
-sd-rsyslog-for-sd-viewer:
-  file.managed:
-    - name: /etc/sd-rsyslog.conf
-    - source: "salt://sd-rsyslog.conf.j2"
-    - template: jinja
-    - context:
-        vmname: sd-viewer
diff --git a/dom0/sd-workstation.top b/dom0/sd-workstation.top
@@ -30,6 +30,8 @@ base:
     - sd-logging-setup
   sd-proxy-buster-template:
     - sd-proxy-template-files
+  sd-proxy:
+    - sd-logging-setup
   sd-app:
     - sd-app-config
   sd-viewer-buster-template:
@@ -40,6 +42,7 @@ base:
     - sd-sys-firewall-files
   sd-whonix:
     - sd-whonix-hidserv-key
+    - sd-logging-setup
   securedrop-workstation-buster:
     - sd-workstation-template-files
   sys-usb:

diff --git a/tests/base.py b/tests/base.py
@@ -113,15 +113,27 @@ def _fileExists(self, remote_path):
 
         return True
 
-    def logging_configured(self):
+    def logging_configured(self, vmname=False):
         """
         Make sure rsyslog is configured to send in data to sd-log vm.
+        Takes an optional 'vmname' argument, in case hostname
+        returned by system is an insufficient identifier, e.g. Whonix.
         """
+        self.assertTrue(self._package_is_installed("securedrop-log"))
+        self.assertTrue(self._fileExists("/usr/sbin/sd-rsyslog"))
+        self.assertTrue(self._fileExists("/etc/rsyslog.d/sdlog.conf"))
         self.assertTrue(self._fileExists("/etc/sd-rsyslog.conf"))
         # Then we check the configuration inside of the file.
-        file_content = self._get_file_contents("/etc/sd-rsyslog.conf")
+        # Using .strip() so trailing whitespace doesn't cause failures
+        file_content = self._get_file_contents("/etc/sd-rsyslog.conf").strip()
         static_content = """[sd-rsyslog]
-remotevm = sd-log
-"""
+remotevm = sd-log"""
+        # A hardcoded vmname should only be present if required,
+        # since securedrop-log will default to value of `hostname`.
+        if vmname:
+            static_content += "localvm = {}".format(self.vm_name)
         self.assertEqual(file_content, static_content)
-        self.assertTrue(self._package_is_installed("securedrop-log"))
+        # Check for evidence of misconfigured logging in syslog,
+        # fail if matching events found
+        cmd_output = self._run("sudo grep -F \"action 'action-0-omprog' suspended (module 'omprog')\" /var/log/syslog | wc -l").strip()
+        self.assertTrue(cmd_output == "0")
diff --git a/tests/test_log_vm.py b/tests/test_log_vm.py
@@ -31,6 +31,26 @@ def test_redis_service_running(self):
         results = self._run("sudo systemctl is-active redis")
         assert results == "active"
 
+    def test_logs_are_flowing(self):
+        cmd_output = self._run("ls -1 /home/user/QubesIncomingLogs")
+        log_dirs = cmd_output.split("\n")
+        # Confirm AppVMs are sending logs
+        self.assertTrue("sd-app" in log_dirs)
+        self.assertTrue("sd-whonix" in log_dirs)
+        # sd-viewr will only submit logs if a submission has been opened
+        # self.assertTrue("sd-viewer" in log_dirs)
+        # sd-devices will only submit logs if an export was performed
+        # self.assertTrue("sd-devices" in log_dirs)
+        # sd-proxy will only submit logs if a user logged in to the Client
+        self.assertTrue("sd-proxy" in log_dirs)
+
+    def test_log_dirs_properly_named(self):
+        # Rerunning this command to keep test output readable
+        cmd_output = self._run("ls -1 /home/user/QubesIncomingLogs")
+        log_dirs = cmd_output.split("\n")
+        # Confirm we don't have 'host' entries from Whonix VMs
+        self.assertFalse("host" in log_dirs)
+
 
 def load_tests(loader, tests, pattern):
     suite = unittest.TestLoader().loadTestsFromTestCase(SD_Log_Tests)

diff --git a/tests/test_proxy_vm.py b/tests/test_proxy_vm.py
@@ -41,7 +41,7 @@ def test_whonix_ws_repo_enabled(self):
         assert self._fileExists(self.whonix_apt_list)
 
     def test_logging_configured(self):
-        self.logging_configured()
+        self.logging_configured(vmname=True)
 
     def test_mime_types(self):
         with open("sd-proxy/mimeapps.list", "r") as f:

diff --git a/tests/test_sd_whonix.py b/tests/test_sd_whonix.py
@@ -59,7 +59,7 @@ def test_sd_whonix_repo_enabled(self):
         assert self._fileExists(self.whonix_apt_list)
 
     def test_logging_configured(self):
-        self.logging_configured()
+        self.logging_configured(vmname=True)
 
 
 def load_tests(loader, tests, pattern):