Bug 1650543 - Excessive logging of OpenScap report via Rails
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Logging
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
Priority: high
Severity: high
Target Milestone: Released
Assignee: satellite6-bugs
QA Contact: Stephen Wadeley
Reported: 2018-11-16 13:09 UTC by Lukas Zapletal
Modified: 2019-10-07 17:18 UTC

Fixed In Version: tfm-rubygem-foreman_openscap-0.11.0-1
Last Closed: 2019-05-14 12:38:50 UTC


Attachments
downloading scap content with debug logs xml (193.94 KB, image/png), 2019-01-03 08:41 UTC, Ondřej Pražák


Links
Red Hat Product Errata RHSA-2019:1222 (last updated 2019-05-14 12:38:58 UTC)
Foreman Issue Tracker 21127 (last updated 2018-11-19 08:45:01 UTC)
Foreman Issue Tracker 25482 (last updated 2018-11-16 13:13:48 UTC)

Comment 1 Lukas Zapletal 2018-11-16 13:13:46 UTC
Created redmine issue https://projects.theforeman.org/issues/25482 from this bug

Comment 2 Lukas Zapletal 2018-11-16 13:58:46 UTC
Hotfixing an existing instance is easy, just add the two new files into /usr/share/foreman and restart httpd:

https://github.com/theforeman/foreman/pull/6252/files

Comment 5 Lukas Zapletal 2018-11-16 14:50:03 UTC
The issue https://projects.theforeman.org/issues/21127 is somehow related but a different bug actually.

Comment 6 Lukas Zapletal 2018-11-19 08:45:01 UTC
REL-ENG: There are two possible solutions:

1) Patch in core

2) Patch only for OpenSCAP plugin

I don't know yet which one gets merged upstream, cherry pick one or another please. It is possible that both are accepted as well, in that case only merge the OpenSCAP one.

Comment 7 Lukas Zapletal 2018-11-19 11:08:18 UTC
Please cherry pick the OpenSCAP patch only:

https://projects.theforeman.org/issues/21127

Let's keep the changes in core upstream only.

Comment 8 Evgeni Golov 2018-11-19 15:12:22 UTC
(In reply to Lukas Zapletal from comment #7)
> Please cherry pick the OpenSCAP patch only:
> 
> https://projects.theforeman.org/issues/21127
> 
> Let's keep the changes in core upstream only.

Just to double check, pulling in https://projects.theforeman.org/issues/21127 (which we already have, as we have foreman_openscap 0.11.1) is sufficient to fix this BZ?

If it is, then I think the other redmine issue should be unlinked here.

Comment 9 Lukas Zapletal 2018-11-20 08:39:28 UTC
Yes, for 6.5 the bug is actually fixed (foreman_openscap 0.11.0 or older).

For 6.4 we need to cherry pick. I guess we can remove the ACK for 6.5? Not sure what the process is in this case.

Comment 10 Evgeni Golov 2018-11-20 16:42:19 UTC
Cool, so marking as built in 6.5

For 6.4, someone (Mike?) will need to clone this properly, as this BZ is for 6.5.

Comment 16 Ondřej Pražák 2019-01-03 08:40:34 UTC
There are 2 endpoints with excessive logging:

* uploading reports to server as originally reported here by lzap.
  The reproducer is to upload a report by running foreman_scap_client and observe the foreman logs. A large amount of data should no longer be seen in the logs when a report is uploaded.

* downloading scap content as xml
  - change logging level to debug
  - download scap content as xml - there should be no xml in logs

I expect both of these to be fixed, though the second one is not too critical for production, because the logging is on info level by default.
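
One way to automate the "observe the foreman logs" check from comment 16, as an added example that is not part of the original thread or of Foreman's code: it pairs each Rails `Parameters:` line with the request that produced it and flags payloads over a size limit. The `[level|logger|request id]` prefix, the 2 KiB threshold, the request paths and the sample lines are assumptions constructed for illustration.

```ruby
# Added example: flag oversized "Parameters:" entries in a Rails-style log.
MAX_PARAM_BYTES = 2048 # hypothetical threshold, tune per deployment

# Assumed line prefix "[I|app|<hex request id>]"; when it is absent the tag
# is nil and all lines are treated as one stream.
TAG = /\[\w\|\w+\|(\h+)\]/

Finding = Struct.new(:line_no, :request, :bytes)

# Returns a Finding for every Parameters payload larger than +limit+ bytes,
# attributed to the "Started <VERB> <path>" line that shares its request id,
# so interleaved requests from concurrent workers are not mixed up.
def oversized_params(lines, limit: MAX_PARAM_BYTES)
  started = {}
  findings = []
  lines.each_with_index do |raw, idx|
    line = raw.scrub # tolerate invalid bytes coming from logged binary data
    tag = line[TAG, 1]
    # Test for Parameters first: a logged payload may itself contain "Started".
    if (payload = line[/Parameters: (.*)/, 1])
      size = payload.bytesize
      findings << Finding.new(idx + 1, started[tag], size) if size > limit
    elsif (m = line.match(/Started (\w+) "([^"]*)"/))
      started[tag] = "#{m[1]} #{m[2]}"
    end
  end
  findings
end

# Constructed sample: two interleaved requests, one logging a 5000-byte body.
SAMPLE = [
  '2019-01-03T08:40:01 [I|app|aaaa1111] Started POST "/example/report_upload" for 192.0.2.10',
  '2019-01-03T08:40:01 [I|app|bbbb2222] Started GET "/example/status" for 192.0.2.11',
  '2019-01-03T08:40:01 [I|app|bbbb2222] Parameters: {"format"=>"json"}',
  '2019-01-03T08:40:02 [I|app|aaaa1111] Parameters: {"body"=>"' + 'A' * 5000 + '"}'
].freeze

if __FILE__ == $PROGRAM_NAME
  oversized_params(SAMPLE).each do |f|
    puts "line #{f.line_no}: #{f.request} logged #{f.bytes} bytes of parameters"
  end
end
```

To check a real log, pass `File.foreach(path)` instead of `SAMPLE`; an empty result after uploading a report is the outcome the comment describes.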

Comment 17 Ondřej Pražák 2019-01-03 08:41:22 UTC
Created attachment 1518095
downloading scap content with debug logs xml

Comment 27 Lukas Zapletal 2019-04-24 14:34:12 UTC
For googlers:

There is actually a possible workaround for Satellite 6.4, a patch which I created for Rails and then for Foreman which sends all parameter logs into a separate logger called "params", which can then be disabled. However, the patch did not make it into either Rails or Foreman, and Satellite 6.5 already contains a different solution for OpenSCAP. But the patch is easy to apply:

https://github.com/theforeman/foreman/pull/6252/files

Comment 30 errata-xmlrpc 2019-05-14 12:38:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:1222

