This commit is contained in:
Tomas Smetana 2007-05-23 12:05:19 +00:00
parent d39149986b
commit c06a6ee6c9
4 changed files with 238 additions and 1 deletions

View File

@ -0,0 +1,11 @@
--- logrotate-3.7.5/config.c.cfengine 2007-05-14 14:18:44.000000000 +0200
+++ logrotate-3.7.5/config.c 2007-05-14 14:19:06.000000000 +0200
@@ -31,7 +31,7 @@
#endif
static char *defTabooExts[] = { ".rpmsave", ".rpmorig", "~", ",v",
- ".rpmnew", ".swp"
+ ".rpmnew", ".swp", ".cfsaved"
};
static int defTabooCount = sizeof(defTabooExts) / sizeof(char *);

View File

@ -0,0 +1,12 @@
--- logrotate-3.7.5/examples/logrotate-default.date 2007-05-16 16:36:06.000000000 +0200
+++ logrotate-3.7.5/examples/logrotate-default 2007-05-16 16:36:50.000000000 +0200
@@ -8,6 +8,9 @@
# create new (empty) log files after rotating old ones
create
+# use date as a suffix of rotated file
+dateext
+
# uncomment this if you want your log files compressed
#compress

201
logrotate-3.7.5-shred.patch Normal file
View File

@ -0,0 +1,201 @@
--- logrotate-3.7.5/logrotate.h.shred 2007-05-14 09:25:50.000000000 +0200
+++ logrotate-3.7.5/logrotate.h 2007-05-14 10:27:48.000000000 +0200
@@ -16,6 +16,7 @@
#define LOG_FLAG_SHAREDSCRIPTS (1 << 7)
#define LOG_FLAG_COPY (1 << 8)
#define LOG_FLAG_DATEEXT (1 << 9)
+#define LOG_FLAG_SHRED (1 << 10)
#define NO_MODE ((mode_t) -1)
#define NO_UID ((uid_t) -1)
@@ -44,6 +45,7 @@
char *uncompress_prog;
char *compress_ext;
int flags;
+ int shred_cycles; /* if !=0, pass -n shred_cycles to GNU shred */
mode_t createMode; /* if any/all of these are -1, we use the */
uid_t createUid; /* attributes from the log file just rotated */
gid_t createGid;
--- logrotate-3.7.5/logrotate.c.shred 2007-05-14 09:25:30.000000000 +0200
+++ logrotate-3.7.5/logrotate.c 2007-05-14 10:35:41.000000000 +0200
@@ -53,6 +53,8 @@
char *mailCommand = DEFAULT_MAIL_COMMAND;
time_t nowSecs = 0;
+static int shred_file(char * filename, logInfo *log);
+
static int globerr(const char *pathname, int theerr)
{
message(MESS_ERROR, "error accessing %s: %s\n", pathname,
@@ -188,11 +190,54 @@
return fd;
}
-static int removeLogFile(char *name)
+#define SHRED_CALL "shred -u "
+#define SHRED_COUNT_FLAG "-n "
+#define DIGITS 10
+/* unlink, but try to call shred from GNU fileutils */
+static int shred_file(char * filename, logInfo *log)
+{
+ int len, ret;
+ char *cmd;
+ char count[DIGITS]; /* that's a lot of shredding :) */
+
+ if (!(log->flags & LOG_FLAG_SHRED)) {
+ return unlink(filename);
+ }
+
+ len = strlen(filename) + strlen(SHRED_CALL);
+ len += strlen(SHRED_COUNT_FLAG) + DIGITS;
+ cmd = malloc(len);
+
+ if (!cmd) {
+ message(MESS_ERROR, "malloc error while shredding");
+ return unlink(filename);
+ }
+ strcpy(cmd, SHRED_CALL);
+ if (log->shred_cycles != 0) {
+ strcat(cmd, SHRED_COUNT_FLAG);
+ snprintf(count, DIGITS - 1, "%d", log->shred_cycles);
+ strcat(count, " ");
+ strcat(cmd, count);
+ }
+ strcat(cmd, filename);
+ ret = system(cmd);
+ free(cmd);
+ if (ret != 0) {
+ message(MESS_ERROR, "Failed to shred %s\n, trying unlink", filename);
+ if (ret != -1) {
+ message(MESS_NORMAL, "Shred returned %d\n", ret);
+ }
+ return unlink(filename);
+ } else {
+ return ret;
+ }
+}
+
+static int removeLogFile(char *name, logInfo *log)
{
message(MESS_DEBUG, "removing old log %s\n", name);
- if (!debug && unlink(name)) {
+ if (!debug && shred_file(name, log)) {
message(MESS_ERROR, "Failed to remove old log %s: %s\n",
name, strerror(errno));
return 1;
@@ -255,7 +300,7 @@
return 1;
}
- unlink(name);
+ shred_file(name, log);
return 0;
}
@@ -697,7 +742,7 @@
mailCommand, logNum,
log);
if (!hasErrors)
- hasErrors = removeLogFile(mailFilename);
+ hasErrors = removeLogFile(mailFilename, log);
}
mail_out = i;
}
@@ -737,7 +782,7 @@
mailLogWrapper(mailFilename, mailCommand,
logNum, log);
if (!hasErrors)
- hasErrors = removeLogFile(mailFilename);
+ hasErrors = removeLogFile(mailFilename, log);
}
}
}
@@ -954,7 +999,7 @@
}
if (!hasErrors && rotNames->disposeName)
- hasErrors = removeLogFile(rotNames->disposeName);
+ hasErrors = removeLogFile(rotNames->disposeName, log);
#ifdef WITH_SELINUX
if (selinux_enabled) {
--- logrotate-3.7.5/logrotate.8.shred 2007-05-14 09:26:02.000000000 +0200
+++ logrotate-3.7.5/logrotate.8 2007-05-14 10:42:16.000000000 +0200
@@ -330,6 +330,10 @@
not be executed for the affected log only.
.TP
+\fBnoshred\fR
+Do not use \fBshred\fR when deleting old log files. See also \fBshred\fR.
+
+.TP
\fBnotifempty\fR
Do not rotate the log if it is empty (this overrides the \fBifempty\fR option).
@@ -403,6 +407,16 @@
actions will not be executed for any logs. This option overrides the
\fBnosharedscripts\fR option and implies \fBcreate\fR option.
+.TP
+\fBshred\fR
+Delete log files using \fBshred\fR -u instead of unlink(). This should
+ensure that logs are not readable after their scheduled deletion; this is
+off by default. See also \fBnoshred\fR.
+
+.TP
+\fBshredcycles\fR \fIcount\fR
+Asks GNU \fBshred\fR to overwite log files \fBcount\fR times before
+deletion. Without this option, \fBshred\fR's default will be used.
.TP
\fBstart \fIcount\fR
--- logrotate-3.7.5/config.c.shred 2007-05-14 09:26:42.000000000 +0200
+++ logrotate-3.7.5/config.c 2007-05-14 10:32:37.000000000 +0200
@@ -432,6 +432,7 @@
/* uncompress_prog */ NULL,
/* compress_ext */ NULL,
/* flags */ LOG_FLAG_IFEMPTY,
+ /* shred_cycles */ 0,
/* createMode/Uid/Gid */ NO_MODE, NO_UID, NO_GID,
/* compress_options_list/count */ NULL, 0
};
@@ -638,6 +639,14 @@
newlog->flags &= ~LOG_FLAG_DELAYCOMPRESS;
*endtag = oldchar, start = endtag;
+ } else if (!strcmp(start, "shred")) {
+ newlog->flags |= LOG_FLAG_SHRED;
+
+ *endtag = oldchar, start = endtag;
+ } else if (!strcmp(start, "noshred")) {
+ newlog->flags &= ~LOG_FLAG_SHRED;
+
+ *endtag = oldchar, start = endtag;
} else if (!strcmp(start, "sharedscripts")) {
newlog->flags |= LOG_FLAG_SHAREDSCRIPTS;
@@ -833,7 +842,22 @@
*endtag = oldchar, start = endtag;
}
#endif
- } else if (!strcmp(start, "daily")) {
+ } else if (!strcmp(start, "shredcycles")) {
+ *endtag = oldchar, start = endtag;
+
+ if (!isolateValue(configFile, lineNum, "shred cycles",
+ &start, &endtag)) {
+ oldchar = *endtag, *endtag = '\0';
+
+ newlog->shred_cycles = strtoul(start, &chptr, 0);
+ if (*chptr || newlog->shred_cycles < 0) {
+ message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n",
+ configFile, lineNum, start);
+ return 1;
+ }
+ *endtag = oldchar, start = endtag;
+ }
+ } else if (!strcmp(start, "daily")) {
*endtag = oldchar, start = endtag;
newlog->criterium = ROT_DAYS;

View File

@ -1,7 +1,7 @@
Summary: Rotates, compresses, removes and mails system log files
Name: logrotate
Version: 3.7.5
Release: 3%{?dist}
Release: 4%{?dist}
License: GPL
Group: System Environment/Base
# The source for this package was pulled from cvs.
@ -13,6 +13,10 @@ Group: System Environment/Base
# make create-archive
Source: logrotate-%{version}.tar.gz
Patch1: logrotate-3.7.5-errorHandling.patch
Patch2: logrotate-3.7.5-shred.patch
Patch3: logrotate-3.7.5-cfengine.patch
Patch4: logrotate-3.7.5-date.patch
Requires: coreutils >= 5.92
BuildRequires: libselinux-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -30,6 +34,9 @@ log files on your system.
%prep
%setup -q
%patch1 -p1 -b .errorHandling
%patch2 -p1 -b .shred
%patch3 -p1 -b .cfengine
%patch4 -p1 -b .dateext
%build
make %{?_smp_mflags} RPM_OPT_FLAGS="$RPM_OPT_FLAGS" WITH_SELINUX=yes
@ -59,6 +66,12 @@ rm -rf $RPM_BUILD_ROOT
%attr(0644, root, root) %verify(not size md5 mtime) %config(noreplace) %{_localstatedir}/lib/logrotate.status
%changelog
* Wed May 23 2007 Tomas Smetana <tsmetana@redhat.com> 3.7.5-4
- use dateext in the default config file (#240292)
- add options to use shred for deleting files -- adapt patch sent by
Peter Eckersley <pde@eff.org> (#239934)
- ignore .cfsaved files by default (#223476)
* Sat Mar 31 2007 Peter Vrabec <pvrabec@redhat.com> 3.7.5-3
- add error checking before running prerotate and postrotate scripts