|
|
cf0866 |
From 7b8acecd7393deba2411192d3f04778a2a4325c5 Mon Sep 17 00:00:00 2001
|
|
|
cf0866 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
cf0866 |
Date: Mon, 14 Jun 2021 11:38:21 -0400
|
|
|
cf0866 |
Subject: [PATCH] Add log files to the set of files checked for
|
|
|
cf0866 |
owner/group/mode
|
|
|
cf0866 |
|
|
|
cf0866 |
Extend the list of files to be checked to include most IPA service
|
|
|
cf0866 |
log files.
|
|
|
cf0866 |
|
|
|
cf0866 |
https://bugzilla.redhat.com/show_bug.cgi?id=1780020
|
|
|
cf0866 |
|
|
|
cf0866 |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
cf0866 |
---
|
|
|
cf0866 |
src/ipahealthcheck/ipa/files.py | 62 +++++++++++++++++++++++++++++++++
|
|
|
cf0866 |
1 file changed, 62 insertions(+)
|
|
|
cf0866 |
|
|
|
cf0866 |
diff --git a/src/ipahealthcheck/ipa/files.py b/src/ipahealthcheck/ipa/files.py
|
|
|
cf0866 |
index ae74c38..abfa52f 100644
|
|
|
cf0866 |
--- a/src/ipahealthcheck/ipa/files.py
|
|
|
cf0866 |
+++ b/src/ipahealthcheck/ipa/files.py
|
|
|
cf0866 |
@@ -2,6 +2,7 @@
|
|
|
cf0866 |
# Copyright (C) 2019 FreeIPA Contributors see COPYING for license
|
|
|
cf0866 |
#
|
|
|
cf0866 |
|
|
|
cf0866 |
+import glob
|
|
|
cf0866 |
import logging
|
|
|
cf0866 |
import os
|
|
|
cf0866 |
|
|
|
cf0866 |
@@ -95,6 +96,67 @@ class IPAFileCheck(IPAPlugin, FileCheck):
|
|
|
cf0866 |
self.files.append((paths.RESOLV_CONF, 'root', 'root', '0644'))
|
|
|
cf0866 |
self.files.append((paths.HOSTS, 'root', 'root', '0644'))
|
|
|
cf0866 |
|
|
|
cf0866 |
+ # IPA log files that may vary by installation. Only verify
|
|
|
cf0866 |
+ # those that exist
|
|
|
cf0866 |
+ for filename in (
|
|
|
cf0866 |
+ paths.IPABACKUP_LOG,
|
|
|
cf0866 |
+ paths.IPARESTORE_LOG,
|
|
|
cf0866 |
+ paths.IPACLIENT_INSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPACLIENT_UNINSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPAREPLICA_CA_INSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPAREPLICA_CONNCHECK_LOG,
|
|
|
cf0866 |
+ paths.IPAREPLICA_INSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPASERVER_INSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPASERVER_KRA_INSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPASERVER_UNINSTALL_LOG,
|
|
|
cf0866 |
+ paths.IPAUPGRADE_LOG,
|
|
|
cf0866 |
+ paths.IPATRUSTENABLEAGENT_LOG,
|
|
|
cf0866 |
+ ):
|
|
|
cf0866 |
+ if os.path.exists(filename):
|
|
|
cf0866 |
+ self.files.append((filename, 'root', 'root', '0600'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ self.files.append((paths.IPA_CUSTODIA_AUDIT_LOG,
|
|
|
cf0866 |
+ 'root', 'root', '0644'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ self.files.append((paths.KADMIND_LOG, 'root', 'root', '0600'))
|
|
|
cf0866 |
+ self.files.append((paths.KRB5KDC_LOG, 'root', 'root', '0640'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ inst = api.env.realm.replace('.', '-')
|
|
|
cf0866 |
+ self.files.append((paths.SLAPD_INSTANCE_ACCESS_LOG_TEMPLATE % inst,
|
|
|
cf0866 |
+ 'dirsrv', 'dirsrv', '0600'))
|
|
|
cf0866 |
+ self.files.append((paths.SLAPD_INSTANCE_ERROR_LOG_TEMPLATE % inst,
|
|
|
cf0866 |
+ 'dirsrv', 'dirsrv', '0600'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ self.files.append((paths.VAR_LOG_HTTPD_ERROR, 'root', 'root', '0644'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for globpath in glob.glob("%s/debug*.log" % paths.TOMCAT_CA_DIR):
|
|
|
cf0866 |
+ self.files.append((globpath, "pkiuser", "pkiuser", "0644"))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for globpath in glob.glob(
|
|
|
cf0866 |
+ "%s/ca_audit*" % paths.TOMCAT_SIGNEDAUDIT_DIR
|
|
|
cf0866 |
+ ):
|
|
|
cf0866 |
+ self.files.append((globpath, 'pkiuser', 'pkiuser', '0640'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for filename in ('selftests.log', 'system', 'transactions'):
|
|
|
cf0866 |
+ self.files.append((
|
|
|
cf0866 |
+ os.path.join(paths.TOMCAT_CA_DIR, filename),
|
|
|
cf0866 |
+ 'pkiuser', 'pkiuser', '0640'
|
|
|
cf0866 |
+ ))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for globpath in glob.glob("%s/debug*.log" % paths.TOMCAT_KRA_DIR):
|
|
|
cf0866 |
+ self.files.append((globpath, "pkiuser", "pkiuser", "0644"))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for globpath in glob.glob(
|
|
|
cf0866 |
+ "%s/ca_audit*" % paths.TOMCAT_KRA_SIGNEDAUDIT_DIR
|
|
|
cf0866 |
+ ):
|
|
|
cf0866 |
+ self.files.append((globpath, 'pkiuser', 'pkiuser', '0640'))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
+ for filename in ('selftests.log', 'system', 'transactions'):
|
|
|
cf0866 |
+ self.files.append((
|
|
|
cf0866 |
+ os.path.join(paths.TOMCAT_KRA_DIR, filename),
|
|
|
cf0866 |
+ 'pkiuser', 'pkiuser', '0640'
|
|
|
cf0866 |
+ ))
|
|
|
cf0866 |
+
|
|
|
cf0866 |
return FileCheck.check(self)
|
|
|
cf0866 |
|
|
|
cf0866 |
|
|
|
cf0866 |
--
|
|
|
cf0866 |
2.26.3
|
|
|
cf0866 |
|