diff --git a/Cargo.lock b/Cargo.lock index e6fca4c0523..01e4d03e1f4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -5477,9 +5477,9 @@ dependencies = [ [[package]] name = "logroller" -version = "0.1.6" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8dd932139da44917b3cd5812ed9536d985aa67203778e0507347579499f49c" +checksum = "90536db32a1cb3672665cdf3269bf030b0f395fabee863895c27b75b9f7a8a7d" dependencies = [ "chrono", "flate2", diff --git a/Cargo.toml b/Cargo.toml index de5d6b541ef..2e7b9180a2f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -153,7 +153,7 @@ hyper = "1" itertools = "0.10" libsecp256k1 = "0.7" log = "0.4" -logroller = "0.1.4" +logroller = "0.1.8" lru = "0.12" maplit = "1" milhouse = "0.5" diff --git a/common/logging/src/tracing_libp2p_discv5_logging_layer.rs b/common/logging/src/tracing_libp2p_discv5_logging_layer.rs index 90033d11ad7..ef472ddc527 100644 --- a/common/logging/src/tracing_libp2p_discv5_logging_layer.rs +++ b/common/logging/src/tracing_libp2p_discv5_logging_layer.rs @@ -59,6 +59,7 @@ impl tracing_core::field::Visit for LogMessageExtractor { pub fn create_libp2p_discv5_tracing_layer( base_tracing_log_path: Option, max_log_size: u64, + file_mode: u32, ) -> Option { if let Some(mut tracing_log_path) = base_tracing_log_path { // Ensure that `tracing_log_path` only contains directories. @@ -75,12 +76,14 @@ pub fn create_libp2p_discv5_tracing_layer( let libp2p_writer = LogRollerBuilder::new(tracing_log_path.clone(), PathBuf::from("libp2p.log")) .rotation(Rotation::SizeBased(RotationSize::MB(max_log_size))) - .max_keep_files(1); + .max_keep_files(1) + .file_mode(file_mode); let discv5_writer = LogRollerBuilder::new(tracing_log_path.clone(), PathBuf::from("discv5.log")) .rotation(Rotation::SizeBased(RotationSize::MB(max_log_size))) - .max_keep_files(1); + .max_keep_files(1) + .file_mode(file_mode); let libp2p_writer = match libp2p_writer.build() { Ok(writer) => writer, diff --git a/lcli/src/main.rs b/lcli/src/main.rs index 05f4900c468..105100aeb16 100644 --- a/lcli/src/main.rs +++ b/lcli/src/main.rs @@ -675,6 +675,7 @@ fn run(env_builder: EnvironmentBuilder, matches: &ArgMatches) -> extra_info: false, }, "", + 0o600, ); let env = env_builder diff --git a/lighthouse/environment/src/lib.rs b/lighthouse/environment/src/lib.rs index 9b0284e06d4..a66b7e128f4 100644 --- a/lighthouse/environment/src/lib.rs +++ b/lighthouse/environment/src/lib.rs @@ -26,14 +26,7 @@ use types::{EthSpec, GnosisEthSpec, MainnetEthSpec, MinimalEthSpec}; #[cfg(target_family = "unix")] use { futures::Future, - std::{ - fs::{read_dir, set_permissions, Permissions}, - os::unix::fs::PermissionsExt, - path::Path, - pin::Pin, - task::Context, - task::Poll, - }, + std::{pin::Pin, task::Context, task::Poll}, tokio::signal::unix::{signal, Signal, SignalKind}, }; @@ -208,6 +201,7 @@ impl EnvironmentBuilder { mut self, config: LoggerConfig, logfile_prefix: &str, + file_mode: u32, ) -> ( Self, LoggingLayer, @@ -220,9 +214,6 @@ impl EnvironmentBuilder { _ => logfile_prefix, }; - #[cfg(target_family = "unix")] - let file_mode = if config.is_restricted { 0o600 } else { 0o644 }; - let file_logging_layer = match config.path { None => { eprintln!("No logfile path provided, logging to file is disabled"); @@ -239,7 +230,8 @@ impl EnvironmentBuilder { .max_keep_files(config.max_log_number.try_into().unwrap_or_else(|e| { eprintln!("Failed to convert max_log_number to u64: {}", e); 10 - })); + })) + .file_mode(file_mode); if config.compression { appender = appender.compression(Compression::Gzip); @@ -247,9 +239,6 @@ impl EnvironmentBuilder { match appender.build() { Ok(file_appender) => { - #[cfg(target_family = "unix")] - set_logfile_permissions(&path, filename_prefix, file_mode); - let (writer, guard) = tracing_appender::non_blocking(file_appender); Some(LoggingLayer::new( writer, @@ -543,37 +532,3 @@ impl Future for SignalFuture { } } } - -#[cfg(target_family = "unix")] -fn set_logfile_permissions(log_dir: &Path, filename_prefix: &str, file_mode: u32) { - let newest = read_dir(log_dir) - .ok() - .into_iter() - .flat_map(|entries| entries.filter_map(Result::ok)) - .filter_map(|entry| { - let path = entry.path(); - let fname = path.file_name()?.to_string_lossy(); - if path.is_file() && fname.starts_with(filename_prefix) && fname.ends_with(".log") { - let modified = entry.metadata().ok()?.modified().ok()?; - Some((path, modified)) - } else { - None - } - }) - .max_by_key(|(_path, mtime)| *mtime); - - match newest { - Some((file, _mtime)) => { - if let Err(e) = set_permissions(&file, Permissions::from_mode(file_mode)) { - eprintln!("Failed to set permissions on {}: {}", file.display(), e); - } - } - None => { - eprintln!( - "Couldn't find a newly created logfile in {} matching prefix \"{}\".", - log_dir.display(), - filename_prefix - ); - } - } -} diff --git a/lighthouse/environment/src/tracing_common.rs b/lighthouse/environment/src/tracing_common.rs index dd9fe45cadf..90395da67c5 100644 --- a/lighthouse/environment/src/tracing_common.rs +++ b/lighthouse/environment/src/tracing_common.rs @@ -33,8 +33,14 @@ pub fn construct_logger( let subcommand_name = matches.subcommand_name(); let logfile_prefix = subcommand_name.unwrap_or("lighthouse"); + let file_mode = if logger_config.is_restricted { + 0o600 + } else { + 0o644 + }; + let (builder, stdout_logging_layer, file_logging_layer, sse_logging_layer_opt) = - environment_builder.init_tracing(logger_config.clone(), logfile_prefix); + environment_builder.init_tracing(logger_config.clone(), logfile_prefix, file_mode); let libp2p_discv5_layer = if let Some(subcommand_name) = subcommand_name { if subcommand_name == "beacon_node" || subcommand_name == "boot_node" { @@ -45,6 +51,7 @@ pub fn construct_logger( create_libp2p_discv5_tracing_layer( logger_config.path.clone(), logger_config.max_log_size, + file_mode, ) } } else {