[0.7.0] Journalist notification sends email every time the app server is manually restarted #3367
Labels
Milestone
Comments
|
Ah, indeed, I've been rebooting a bunch of times, and sometimes I get the journalist notification alert separate from the regular netstat alert that appears on boot (for admins), reproducing this bug. Sometimes I get the two alerts grouped, which produces the submissions error in #3368. The intermittent nature of this is why the resolution of alert grouping described here appeared to be sufficient during review. |
ghost
self-assigned this
ghost
mentioned this issue
1 task
ghost
mentioned this issue
1 task
eloquence
pushed a commit
to freedomofpress/securedrop-docs
that referenced
this issue
Sep 9, 2020
The app server is rebooted every 24h and will send a notification at boot time. The ossec server is also rebooted and will immediately send the email to the journalist, regardless of when the previous mail was sent (mail frequency is not a feature of ossec-maild). Always running the localfile command at boot time is an undocumented OSSEC behavior ossec/ossec-hids#1415 in 2.8.2 as well as 2.9.3. This guarantees exactly one mail will be sent daily. Setting the 25 hours frequency element is a safeguard: * against the following race a) command runs because the 24h period expires, b) the server reboots shortly after because it reboots every 24h, c) command runs again after the server is rebooted, causing two notifications to be sent in a row * in case the server does not reboot for some reason, the notification will still be sent every 25h Fixes: freedomofpress/securedrop#3367 (cherry picked from commit 16716d5)
eloquence
pushed a commit
to freedomofpress/securedrop-docs
that referenced
this issue
Sep 11, 2020
The app server is rebooted every 24h and will send a notification at boot time. The ossec server is also rebooted and will immediately send the email to the journalist, regardless of when the previous mail was sent (mail frequency is not a feature of ossec-maild). Always running the localfile command at boot time is an undocumented OSSEC behavior ossec/ossec-hids#1415 in 2.8.2 as well as 2.9.3. This guarantees exactly one mail will be sent daily. Setting the 25 hours frequency element is a safeguard: * against the following race a) command runs because the 24h period expires, b) the server reboots shortly after because it reboots every 24h, c) command runs again after the server is rebooted, causing two notifications to be sent in a row * in case the server does not reboot for some reason, the notification will still be sent every 25h Fixes: freedomofpress/securedrop#3367 (cherry picked from commit 16716d5)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug
Description
Every time a SecureDrop instance running 0.7.0~rc2 is rebooted, a journalist notification indicating that there's a new submission is sent, despite there not being any new submissions. Note that this particular instance was upgraded from 0.6.
Steps to Reproduce
There has been submission activity in the past 24 hours.Expected Behavior
The email should only be sent at a regular interval to minimize information leakage and the information sent to journalists should be accurate.
Actual Behavior
The email is sent at every instance reboot and the information sent to the journalist is not accurate.
The text was updated successfully, but these errors were encountered: