BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458

2013-12-04 20:51:30 +11:00 · 2013-12-04 20:51:30 +11:00 · b5d6310d28
parent 3a5983ab0b
commit b5d6310d28
6 changed files with 20 additions and 2 deletions
--- a/2
+++ b/2
@ -20,6 +20,8 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
  - smtps not a IANA standard and has been removed from Arch. Replaced with
    465. Thanks Stefan. Closes gh-447
  - mysqld-syslog-iptables rule was too long. Part of gh-447.
  - add 'flushlogs' command to allow logrotation without clobbering logtarget
    settings. Closes gh-458, Debian bug #697333, Redhat bug #891798.
 - Enhancements:
  - long names on jails documented based on iptables limit of 30 less
--- a/client/beautifier.py
+++ b/client/beautifier.py
@ -63,6 +63,8 @@ class Beautifier:
 						msg = "Jail stopped"
 			elif inC[0] == "add":
 				msg = "Added jail " + response
 			elif inC[0] == "flushlogs":
 				msg = "logs: " + response
 			elif inC[0:1] == ['status']:
 				if len(inC) > 1:
 					# Create IP list
--- a/common/protocol.py
+++ b/common/protocol.py
@ -43,6 +43,7 @@ protocol = [
 ["get loglevel", "gets the logging level"], 
 ["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file"], 
 ["get logtarget", "gets logging target"], 
 ["flushlogs", "flushes the logtarget if a file and reopens it. For log rotation."], 
 ['', "JAIL CONTROL", ""],
 ["add <JAIL> <BACKEND>", "creates <JAIL> using <BACKEND>"], 
 ["start <JAIL>", "starts the jail <JAIL>"], 
--- a/files/fail2ban-logrotate
+++ b/files/fail2ban-logrotate
@ -13,6 +13,6 @@
    missingok
    compress
    postrotate
-      /usr/bin/fail2ban-client set logtarget /var/log/fail2ban.log 1>/dev/null || true
+      /usr/bin/fail2ban-client flushlogs  1>/dev/null || true
    endscript
 }
--- a/server/server.py
+++ b/server/server.py
@ -361,7 +361,7 @@ class Server:
 				# Target should be a file
 				try:
 					open(target, "a").close()
-					hdlr = logging.FileHandler(target)
+					hdlr = logging.handlers.RotatingFileHandler(target)
 				except IOError:
 					logSys.error("Unable to log to " + target)
 					logSys.info("Logging to previous target " + self.__logTarget)
@ -401,6 +401,17 @@ class Server:
 		finally:
 			self.__loggingLock.release()
 	def flushLogs(self):
 		if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG']:
 			for handler in logging.getLogger("fail2ban").handlers:
 				handler.doRollover()
 			return "rolled over"
 		else:
 			for handler in logging.getLogger("fail2ban").handlers:
 				handler.flush()
 			return "flushed"
 	def __createDaemon(self): # pragma: no cover
 		""" Detach a process from the controlling terminal and run it in the
 			background as a daemon.
--- a/server/transmitter.py
+++ b/server/transmitter.py
@ -92,6 +92,8 @@ class Transmitter:
 			value = command[1]
 			time.sleep(int(value))
 			return None
 		elif command[0] == "flushlogs":
 			return self.__server.flushLogs()
 		elif command[0] == "set":
 			return self.__commandSet(command[1:])
 		elif command[0] == "get":