Merge pull request #280 from yarikoptic/master

BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues
2013-07-07 08:33:55 -07:00 · 2013-07-07 08:33:55 -07:00 · 5f04b4954f
parent 619603fe05 e282d6b1c7
commit 5f04b4954f
7 changed files with 74 additions and 37 deletions
--- a/11
+++ b/11
@ -7,7 +7,7 @@
 Fail2Ban (version 0.8.10)                                             2013/06/12
 ================================================================================
-ver. 0.8.11 (2013/XX/XXX) - wanna-be-released
+ver. 0.8.11 (2013/XX/XXX) - loves-unittests
 -----------
 - Fixes:
@ -15,6 +15,15 @@ ver. 0.8.11 (2013/XX/XXX) - wanna-be-released
   * filter.d/common.conf -- make colon after [daemon] optional. Closes gh-267
   * filter.d/apache-common.conf -- support apache 2.4 more detailed error
     log format.  Closes gh-268
   * Backends changes detection and parsing. Close gh-223 and gh-103:
     - Polling backend: detect changes in the files not only based on
       mtime, but also on the size and inode.  It should allow for
       better detection of changes and log rotations on busy servers,
       older python 2.4, and file systems with precision of mtime only
       up to a second (e.g. ext3).
     - All backends, possible race condition: do not read from a file
       initially reported empty.  Originally could have lead to
       accounting for detected log lines multiple times.
  Daniel Black & Мернов Георгий
   * filter.d/dovecot.conf -- Fix when no TLS enabled - line doesn't end in ,
 - New Features:
--- a/2
+++ b/2
@ -79,7 +79,7 @@ logSys = logging.getLogger("fail2ban")
 verbosity = {'heavydebug': 4,
 			 'debug': 3,
 			 'info': 2,
-			 'warn': 1,
+			 'warning': 1,
 			 'error': 1,
 			 'fatal': 0,
 			 None: 1}[opts.log_level]
--- a/server/filter.py
+++ b/server/filter.py
@ -21,6 +21,8 @@ __author__ = "Cyril Jaquier and Fail2Ban Contributors"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav Halchenko"
 __license__ = "GPL"
 import sys
 from failmanager import FailManagerEmpty
 from failmanager import FailManager
 from ticket import FailTicket
@ -322,6 +324,7 @@ class Filter(JailThread):
 				logSys.debug("Ignore %s" % ip)
 				continue
 			logSys.debug("Found %s" % ip)
 			## print "D: Adding a ticket for %s" % ((ip, unixTime, [line]),)
 			self.failManager.addFailure(FailTicket(ip, unixTime, [line]))
 	##
@ -477,7 +480,7 @@ class FileFilter(Filter):
 			return False
 		# Try to open log file.
 		try:
-			container.open()
+			has_content = container.open()
 		# see http://python.org/dev/peps/pep-3151/
 		except IOError, e:
 			logSys.error("Unable to open %s" % filename)
@ -492,7 +495,12 @@ class FileFilter(Filter):
 			logSys.exception(e)
 			return False
-		while True:
+		# yoh: has_content is just a bool, so do not expect it to
 		# change -- loop is exited upon break, and is not entered at
 		# all if upon container opening that one was empty.  If we
 		# start reading tested to be empty container -- race condition
 		# might occur leading at least to tests failures.
 		while has_content:
 			line = container.readline()
 			if (line == "") or not self._isActive():
 				# The jail reached the bottom or has been stopped
@ -555,10 +563,20 @@ class FileContainer:
 		fd = self.__handler.fileno()
 		flags = fcntl.fcntl(fd, fcntl.F_GETFD)
 		fcntl.fcntl(fd, fcntl.F_SETFD, flags | fcntl.FD_CLOEXEC)
 		# Stat the file before even attempting to read it
 		stats = os.fstat(self.__handler.fileno())
 		if not stats.st_size:
 			# yoh: so it is still an empty file -- nothing should be
 			#      read from it yet
 			# print "D: no content -- return"
 			return False
 		firstLine = self.__handler.readline()
 		# Computes the MD5 of the first line.
 		myHash = md5sum(firstLine).digest()
-		stats = os.fstat(self.__handler.fileno())
+		## print "D: fn=%s hashes=%s/%s inos=%s/%s pos=%s rotate=%s" % (
 		## 	self.__filename, self.__hash, myHash, stats.st_ino, self.__ino, self.__pos,
 		## 	self.__hash != myHash or self.__ino != stats.st_ino)
 		## sys.stdout.flush()
 		# Compare hash and inode
 		if self.__hash != myHash or self.__ino != stats.st_ino:
 			logSys.debug("Log rotation detected for %s" % self.__filename)
@ -567,6 +585,7 @@ class FileContainer:
 			self.__pos = 0
 		# Sets the file pointer to the last position.
 		self.__handler.seek(self.__pos)
 		return True
 	def readline(self):
 		if self.__handler is None:
@ -580,6 +599,8 @@ class FileContainer:
 			# Closes the file.
 			self.__handler.close()
 			self.__handler = None
 		## print "D: Closed %s with pos %d" % (handler, self.__pos)
 		## sys.stdout.flush()
@ -602,9 +623,9 @@ class DNSUtils:
 		"""
 		try:
 			return socket.gethostbyname_ex(dns)[2]
-		except socket.gaierror:
+		except socket.error, e:
-			logSys.warn("Unable to find a corresponding IP address for %s"
+			logSys.warn("Unable to find a corresponding IP address for %s: %s"
-						% dns)
+						% (dns, e))
 			return list()
 	dnsToIp = staticmethod(dnsToIp)
--- a/server/filterpoll.py
+++ b/server/filterpoll.py
@ -52,7 +52,7 @@ class FilterPoll(FileFilter):
 		FileFilter.__init__(self, jail)
 		self.__modified = False
 		## The time of the last modification of the file.
-		self.__lastModTime = dict()
+		self.__prevStats = dict()
 		self.__file404Cnt = dict()
 		logSys.debug("Created FilterPoll")
@ -62,7 +62,7 @@ class FilterPoll(FileFilter):
 	# @param path log file path
 	def _addLogPath(self, path):
-		self.__lastModTime[path] = 0
+		self.__prevStats[path] = (0, None, None)	 # mtime, ino, size
 		self.__file404Cnt[path] = 0
 	##
@ -71,7 +71,7 @@ class FilterPoll(FileFilter):
 	# @param path the log file to delete
 	def _delLogPath(self, path):
-		del self.__lastModTime[path]
+		del self.__prevStats[path]
 		del self.__file404Cnt[path]
 	##
@ -84,6 +84,9 @@ class FilterPoll(FileFilter):
 	def run(self):
 		self.setActive(True)
 		while self._isActive():
 			if logSys.getEffectiveLevel() <= 6:
 				logSys.log(6, "Woke up idle=%s with %d files monitored",
 						   self.getIdle(), len(self.getLogPath()))
 			if not self.getIdle():
 				# Get file modification
 				for container in self.getLogPath():
@ -118,12 +121,20 @@ class FilterPoll(FileFilter):
 	def isModified(self, filename):
 		try:
 			logStats = os.stat(filename)
 			stats = logStats.st_mtime, logStats.st_ino, logStats.st_size
 			pstats = self.__prevStats[filename]
 			self.__file404Cnt[filename] = 0
-			if self.__lastModTime[filename] == logStats.st_mtime:
+			if logSys.getEffectiveLevel() <= 7:
 				# we do not want to waste time on strftime etc if not necessary
 				dt = logStats.st_mtime - pstats[0]
 				logSys.log(7, "Checking %s for being modified. Previous/current stats: %s / %s. dt: %s",
 				           filename, pstats, stats, dt)
 				# os.system("stat %s | grep Modify" % filename)
 			if pstats == stats:
 				return False
 			else:
-				logSys.debug(filename + " has been modified")
+				logSys.debug("%s has been modified", filename)
-				self.__lastModTime[filename] = logStats.st_mtime
+				self.__prevStats[filename] = stats
 				return True
 		except OSError, e:
 			logSys.error("Unable to get stat on %s because of: %s"
--- a/server/jailthread.py
+++ b/server/jailthread.py
@ -56,7 +56,7 @@ class JailThread(Thread):
 	def setSleepTime(self, value):
 		self.__sleepTime = value
-		logSys.info("Set sleeptime = " + value)
+		logSys.info("Set sleeptime %s" % value)
 	##
 	# Get the time that the thread sleeps.
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@ -39,6 +39,8 @@ from server.failmanager import FailManagerEmpty
 # Useful helpers
 #
 from utils import mtimesleep
 # yoh: per Steven Hiscocks's insight while troubleshooting
 # https://github.com/fail2ban/fail2ban/issues/103#issuecomment-15542836
 # adding a sufficiently large buffer might help to guarantee that
@ -68,18 +70,6 @@ def _killfile(f, name):
 		_killfile(None, name + '.bak')
 def _sleep_4_poll():
 	"""PollFilter relies on file timestamps - so we might need to
 	sleep to guarantee that they differ
 	"""
 	if sys.version_info[:2] <= (2,4):
 		# on old Python st_mtime is int, so we should give
 		# at least 1 sec so polling filter could detect
 		# the change
 		time.sleep(1.)
 	else:
 		time.sleep(0.1)
 def _assert_equal_entries(utest, found, output, count=None):
 	"""Little helper to unify comparisons with the target entries
@ -119,10 +109,9 @@ def _copy_lines_between_files(fin, fout, n=None, skip=0, mode='a', terminal_line
 	Returns open fout
 	"""
-	if sys.version_info[:2] <= (2,4): # pragma: no cover
+	# on older Pythons and on some FSs st_mtime is int, so we should
-		# on old Python st_mtime is int, so we should give at least 1 sec so
+	# give it some time so polling filter could detect the change
-		# polling filter could detect the change
+	mtimesleep()
 		time.sleep(1)
 	if isinstance(fin, str): # pragma: no branch - only used with str in test cases
 		fin = open(fin, 'r')
 	# Skip
@ -237,14 +226,14 @@ class LogFileMonitor(unittest.TestCase):
 		# but not any longer
 		self.assertTrue(self.notModified())
 		self.assertTrue(self.notModified())
-		_sleep_4_poll()				# to guarantee freshier mtime
+		mtimesleep()				# to guarantee freshier mtime
 		for i in range(4):			  # few changes
 			# unless we write into it
 			self.file.write("line%d\n" % i)
 			self.file.flush()
 			self.assertTrue(self.isModified())
 			self.assertTrue(self.notModified())
-			_sleep_4_poll()				# to guarantee freshier mtime
+			mtimesleep()				# to guarantee freshier mtime
 		os.rename(self.name, self.name + '.old')
 		# we are not signaling as modified whenever
 		# it gets away
@ -252,7 +241,7 @@ class LogFileMonitor(unittest.TestCase):
 		f = open(self.name, 'a')
 		self.assertTrue(self.isModified())
 		self.assertTrue(self.notModified())
-		_sleep_4_poll()
+		mtimesleep()
 		f.write("line%d\n" % i)
 		f.flush()
 		self.assertTrue(self.isModified())
@ -398,7 +387,7 @@ def get_monitor_failures_testcase(Filter_):
 			# actions might be happening too fast in the tests,
 			# sleep a bit to guarantee reliable time stamps
 			if isinstance(self.filter, FilterPoll):
-				_sleep_4_poll()
+				mtimesleep()
 		def isEmpty(self, delay=0.4):
 			# shorter wait time for not modified status
@ -458,7 +447,9 @@ def get_monitor_failures_testcase(Filter_):
 			self.file = _copy_lines_between_files(GetFailures.FILENAME_01, self.name,
 												  n=14, mode='w')
 			# Poll might need more time
-			self.assertTrue(self.isEmpty(4 + int(isinstance(self.filter, FilterPoll))*2))
+			self.assertTrue(self.isEmpty(4 + int(isinstance(self.filter, FilterPoll))*2),
 							"Queue must be empty but it is not: %s."
 							% (', '.join([str(x) for x in self.jail.queue])))
 			self.assertRaises(FailManagerEmpty, self.filter.failManager.toBan)
 			self.assertEqual(self.filter.failManager.getFailTotal(), 2)
--- a/testcases/utils.py
+++ b/testcases/utils.py
@ -22,7 +22,7 @@ __author__ = "Yaroslav Halchenko"
 __copyright__ = "Copyright (c) 2013 Yaroslav Halchenko"
 __license__ = "GPL"
-import logging, os, re, traceback
+import logging, os, re, tempfile, sys, time, traceback
 from os.path import basename, dirname
 #
@ -100,3 +100,8 @@ class FormatterWithTraceBack(logging.Formatter):
 	def format(self, record):
 		record.tbc = record.tb = self._tb()
 		return logging.Formatter.format(self, record)
 def mtimesleep():
 	# no sleep now should be necessary since polling tracks now not only
 	# mtime but also ino and size
 	pass