Bug 167575
| Summary: | Patch to change logrotate behavior when 'sharedscripts' is used | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Mateus César Gröess <mateuscg> | ||||
| Component: | logrotate | Assignee: | Peter Vrabec <pvrabec> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | ||||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2005-09-07 15:56:35 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 118479 [details]
Patch to change logrotate behavior when 'sharedscripts' is used
Important: with my changes, logrotate pass all 13 tests available in source code, BUT I have NOT tested with SELINUX (my distro is Slackware). I didn't change the location of SELINUX code, so there is a high possibility of bugs when compiled with SELINUX enabled. I'm not selinux expert, but it looks it might be allright. Thx. for patch. fixed in devel logrotate-3.7.2-3 I am worried about SELinux code with this patch. Before, pre-rotation, rotation and post-rotation steps were done in only one function, that was creating a SELinux context and closing it in the end. Now, there are functions for each of three steps. The first function (for pre-rotation) creates the SELinux context and the last (for post-rotation) free the context created. The problem is that if sharedscripts option is set, the first function is executed in a loop for each log file (before pre-rotation script, see first post). I don't know how SELinux works and don't know if this will result in contexts for each log or only one context is created and maybe other calls to create context will just return the context created before. Other problem is that the last function (for post-rotation) contains the code to free the SELinux context and is only called if no error was set by pre-rotation and rotation scripts. Also, if sharedscripts option is set, the last function is executed in a loop for each log file, as done with pre-rotation function, but the SELinux context is addressed by only one pointer, then if more than one context is created, only the last is addressed by the pointer. Peter, could you ask a SELinux expert to take a look in the code to tell if there is a problem? |
I have attached a patch to version 3.7.2 of logrotate that changes its behavior when 'sharedscripts' option is used. Before, when 'sharedscript' was used, logrotate ran in the following order: first action script prerotate script pre-rotation, rotation and post-rotation tasks for all logs postrotate script last action script The patch changes this behavior and make logrotate runs in the following order: first action script pre-rotation tasks for all logs prerotate script rotation tasks for all logs postrotate script post-rotation tasks for all logs last action script Then, it makes postrotate script runs before compression, by example, which really fixes two bugs already reported (both closed): https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=91588 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=139670 I would like to see this patch reviewed and applied in a official logrotate package, comments and changes are welcome.