tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

changed console and audit log locations

This commit is contained in:
alejandro-campos 2020-06-08 10:48:48 +02:00
parent 6cf96a0fad
commit ab61cf1fc5
18 changed files with 148 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/.gitignore vendored
View File

@ -6,7 +6,9 @@ attachment/collection
attachment/files_repo attachment/files_repo
include/config.php include/config.php
pandora_console.log pandora_console.log
log/console.log
enterprise enterprise
*.bak *.bak
audit.log audit.log
log/audit.log
install_old.php install_old.php

6
pandora_console/extensions/pandora_logs.php
View File

@ -69,7 +69,11 @@ function pandoralogs_extension_main()
$logs_directory = (!empty($config['server_log_dir'])) ? io_safe_output($config['server_log_dir']) : '/var/log/pandora'; $logs_directory = (!empty($config['server_log_dir'])) ? io_safe_output($config['server_log_dir']) : '/var/log/pandora';
view_logfile($config['homedir'].'/pandora_console.log'); // Do not attempt to show console log if disabled.
if ($config['console_log_enabled']) {
view_logfile($config['homedir'].'/log/console.log');
}
view_logfile($logs_directory.'/pandora_server.log'); view_logfile($logs_directory.'/pandora_server.log');
view_logfile($logs_directory.'/pandora_server.error'); view_logfile($logs_directory.'/pandora_server.error');
} }

9
pandora_console/godmode/setup/setup_general.php
View File

@ -329,15 +329,18 @@ $table->data[$i++][1] = html_print_input_text(
$table->data[$i][0] = __('Include agents manually disabled'); $table->data[$i][0] = __('Include agents manually disabled');
$table->data[$i++][1] = html_print_checkbox_switch('include_agents', 1, $config['include_agents'], true); $table->data[$i++][1] = html_print_checkbox_switch('include_agents', 1, $config['include_agents'], true);
$table->data[$i][0] = __('Audit log directory');
$table->data[$i++][1] = html_print_input_text('auditdir', io_safe_output($config['auditdir']), '', 30, 100, true);
$table->data[$i][0] = __('Set alias as name by default in agent creation'); $table->data[$i][0] = __('Set alias as name by default in agent creation');
$table->data[$i++][1] = html_print_checkbox_switch('alias_as_name', 1, $config['alias_as_name'], true); $table->data[$i++][1] = html_print_checkbox_switch('alias_as_name', 1, $config['alias_as_name'], true);
$table->data[$i][0] = __('Unique IP'); $table->data[$i][0] = __('Unique IP');
$table->data[$i++][1] = html_print_checkbox_switch('unique_ip', 1, $config['unique_ip'], true); $table->data[$i++][1] = html_print_checkbox_switch('unique_ip', 1, $config['unique_ip'], true);
$table->data[$i][0] = __('Enable console log').ui_print_help_tip(__('Log location').': pandora_console/log/console.log', true);
$table->data[$i++][1] = html_print_checkbox_switch('console_log_enabled', 1, $config['console_log_enabled'], true);
$table->data[$i][0] = __('Enable audit log').ui_print_help_tip(__('Log location').': pandora_console/log/audit.log', true);
$table->data[$i++][1] = html_print_checkbox_switch('audit_log_enabled', 1, $config['audit_log_enabled'], true);
echo '<form id="form_setup" method="post" action="index.php?sec=gsetup&sec2=godmode/setup/setup&amp;section=general&amp;pure='.$config['pure'].'">'; echo '<form id="form_setup" method="post" action="index.php?sec=gsetup&sec2=godmode/setup/setup&amp;section=general&amp;pure='.$config['pure'].'">';
echo '<fieldset>'; echo '<fieldset>';

96
pandora_console/include/class/ConsoleSupervisor.php
View File

@ -226,6 +226,19 @@ class ConsoleSupervisor
* NOTIF.HAMASTER.MESSAGE * NOTIF.HAMASTER.MESSAGE
*/ */
$this->checkHaStatus(); $this->checkHaStatus();
/*
* Check if the Pandora Console log
* file remains in old location.
*/
$this->checkPandoraConsoleLogOldLocation();
/*
* Check if the audit log file
* remains in old location.
*/
$this->checkAuditLogOldLocation();
} }
@ -461,6 +474,17 @@ class ConsoleSupervisor
*/ */
$this->checkHaStatus(); $this->checkHaStatus();
/*
* Check if the audit log file
* remains in old location.
*/
$this->checkAuditLogOldLocation();
/*
Check if AllowOverride is None or All.
*/
$this->checkAllowOverrideEnabled();
} }
@ -2253,8 +2277,8 @@ class ConsoleSupervisor
ui_get_full_url(false) ui_get_full_url(false)
); );
$message_conf_cron .= ENTERPRISE_DIR.'/'.EXTENSIONS_DIR; $message_conf_cron .= ENTERPRISE_DIR.'/'.EXTENSIONS_DIR;
$message_conf_cron .= '/cron/cron.php &gt;&gt; '; $message_conf_cron .= '/cron/cron.php &gt;&gt; </pre>';
$message_conf_cron .= $config['homedir'].'/pandora_console.log</pre>'; $message_conf_cron .= $config['homedir'].'/log/console.log</pre>';
} }
if (isset($config['cron_last_run']) === true) { if (isset($config['cron_last_run']) === true) {
@ -2483,4 +2507,72 @@ class ConsoleSupervisor
} }
/*
* Check if Pandora console log file remains in old location.
*
* @return void
*/
public function checkPandoraConsoleLogOldLocation()
{
global $config;
if (file_exists($config['homedir'].'/pandora_console.log')) {
$title_pandoraconsole_old_log = __(
'Pandora FMS console log file changed location',
$config['homedir']
);
$message_pandoraconsole_old_log = __(
'Pandora FMS console log file has been moved to new location %s/pandora_console/log/pandora. Currently you have an outdated and inoperative version of this file at %s. Please, consider deleting it.',
$config['homedir'],
$config['homedir']
);
$this->notify(
[
'type' => 'NOTIF.PANDORACONSOLE.LOG.OLD',
'title' => __($title_pandoraconsole_old_log),
'message' => __($message_pandoraconsole_old_log),
'url' => '#',
]
);
} else {
$this->cleanNotifications('NOTIF.PANDORACONSOLE.LOG.OLD');
}
}
/**
* Check if audit log file remains in old location.
*
* @return void
*/
public function checkAuditLogOldLocation()
{
global $config;
if (file_exists($config['homedir'].'/audit.log')) {
$title_audit_old_log = __(
'Pandora FMS audit log file changed location',
$config['homedir']
);
$message_audit_old_log = __(
'Pandora FMS audit log file has been moved to new location %s/pandora_console/log/pandora. Currently you have an outdated and inoperative version of this file at %s. Please, consider deleting it.',
$config['homedir'],
$config['homedir']
);
$this->notify(
[
'type' => 'NOTIF.AUDIT.LOG.OLD',
'title' => __($title_audit_old_log),
'message' => __($message_audit_old_log),
'url' => '#',
]
);
} else {
$this->cleanNotifications('NOTIF.AUDIT.LOG.OLD');
}
}
} }

2
pandora_console/include/class/Diagnostics.class.php
View File

@ -1008,7 +1008,7 @@ class Diagnostics extends Wizard
$pathErrLogs = '/var/log/pandora/pandora_server.error'; $pathErrLogs = '/var/log/pandora/pandora_server.error';
$errors = $this->getLogInfo($pathErrLogs); $errors = $this->getLogInfo($pathErrLogs);
$pathConsoleLogs = $config['homedir'].'/pandora_console.log'; $pathConsoleLogs = $config['homedir'].'/log/pandora_console.log';
$console = $this->getLogInfo($pathConsoleLogs); $console = $this->getLogInfo($pathConsoleLogs);
$result = [ $result = [

4
pandora_console/include/config_process.php
View File

@ -51,8 +51,6 @@ if ($develop_bypass != 1) {
} }
ini_set('display_errors', 0); ini_set('display_errors', 0);
ini_set('log_errors', 1);
ini_set('error_log', $config['homedir'].'/pandora_console.log');
} else { } else {
// Develop mode, show all notices and errors on Console (and log it) // Develop mode, show all notices and errors on Console (and log it)
if (version_compare(PHP_VERSION, '5.3.0') >= 0) { if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
@ -62,8 +60,6 @@ if ($develop_bypass != 1) {
} }
ini_set('display_errors', 1); ini_set('display_errors', 1);
ini_set('log_errors', 1);
ini_set('error_log', $config['homedir'].'/pandora_console.log');
} }
// Check if mysqli is available // Check if mysqli is available

2
pandora_console/include/functions.php
View File

@ -3997,7 +3997,7 @@ function generate_hash_to_api()
* @param string Key to identify the profiler run. * @param string Key to identify the profiler run.
* @param string Way to display the result * @param string Way to display the result
* "link" (default): Click into word "Performance" to display the profilling info. * "link" (default): Click into word "Performance" to display the profilling info.
* "console": Display with a message in pandora_console.log. * "console": Display with a message in console.log.
*/ */
function pandora_xhprof_display_result($key='', $method='link') function pandora_xhprof_display_result($key='', $method='link')
{ {

20
pandora_console/include/functions_config.php
View File

@ -319,8 +319,12 @@ function config_update_config()
$error_update[] = __('alias_as_name'); $error_update[] = __('alias_as_name');
} }
if (!config_update_value('auditdir', get_parameter('auditdir'))) { if (!config_update_value('console_log_enabled', get_parameter('console_log_enabled'))) {
$error_update[] = __('Audit log directory'); $error_update[] = __('Console log enabled');
}
if (!config_update_value('audit_log_enabled', get_parameter('audit_log_enabled'))) {
$error_update[] = __('Audit log enabled');
} }
if (!config_update_value('unique_ip', get_parameter('unique_ip'))) { if (!config_update_value('unique_ip', get_parameter('unique_ip'))) {
@ -1924,14 +1928,12 @@ function config_process_config()
config_update_value('alias_as_name', 0); config_update_value('alias_as_name', 0);
} }
if (!isset($config['auditdir'])) { if (!isset($config['console_log_enabled'])) {
$auditdir = '/var/www/html/pandora_console'; config_update_value('console_log_enabled', 0);
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { }
// Windows.
$auditdir = $config['homedir'];
}
config_update_value('auditdir', $auditdir); if (!isset($config['audit_log_enabled'])) {
config_update_value('audit_log_enabled', 0);
} }
if (!isset($config['elasticsearch_ip'])) { if (!isset($config['elasticsearch_ip'])) {

6
pandora_console/include/functions_db.php
View File

@ -251,10 +251,8 @@ function db_pandora_audit($accion, $descripcion, $user_id=false, $ip=true, $info
$valor = ''.$values['fecha'].' - '.io_safe_output($id).' - '.io_safe_output($accion).' - '.$ip.' - '.io_safe_output($descripcion)."\n"; $valor = ''.$values['fecha'].' - '.io_safe_output($id).' - '.io_safe_output($accion).' - '.$ip.' - '.io_safe_output($descripcion)."\n";
if (empty($config['auditdir'])) { if ($config['audit_log_enabled']) {
file_put_contents($config['homedir'].'/audit.log', $valor, FILE_APPEND); file_put_contents($config['homedir'].'/log/audit.log', $valor, FILE_APPEND);
} else {
file_put_contents($config['auditdir'].'/audit.log', $valor, FILE_APPEND);
} }
enterprise_include_once('include/functions_audit.php'); enterprise_include_once('include/functions_audit.php');

8
pandora_console/index.php
View File

@ -141,6 +141,14 @@ if ((! file_exists('include/config.php'))
require_once 'include/config.php'; require_once 'include/config.php';
require_once 'include/functions_config.php'; require_once 'include/functions_config.php';
if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1) {
ini_set('log_errors', 1);
ini_set('error_log', $config['homedir'].'/log/console.log');
} else {
ini_set('log_errors', 0);
ini_set('error_log', 0);
}
if (isset($config['error'])) { if (isset($config['error'])) {
$login_screen = $config['error']; $login_screen = $config['error'];
include 'general/error_screen.php'; include 'general/error_screen.php';

6
pandora_console/log/.htaccess Normal file
View File

@ -0,0 +1,6 @@
# pandora disable log access
<Files ~ "\.log$">
Order Allow,Deny
Deny from All
</Files>

2
pandora_console/pandora_console_logrotate_centos
View File

@ -1,5 +1,5 @@
# Centos, Redhat, Fedora # Centos, Redhat, Fedora
/var/www/html/pandora_console/pandora_console.log { /var/www/html/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000

2
pandora_console/pandora_console_logrotate_suse
View File

@ -1,5 +1,5 @@
# OpenSUSE, SLES # OpenSUSE, SLES
/srv/www/htdocs/pandora_console/pandora_console.log { /srv/www/htdocs/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000

2
pandora_console/pandora_console_logrotate_ubuntu
View File

@ -1,5 +1,5 @@
# DEBIAN / UBUNTU # DEBIAN / UBUNTU
/var/www/pandora_console/pandora_console.log { /var/www/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000

2
pandora_console/pandora_websocket_engine
View File

@ -31,7 +31,7 @@ fi
export WS_ENGINE="/var/www/html/pandora_console/ws.php" export WS_ENGINE="/var/www/html/pandora_console/ws.php"
export PHP=/usr/bin/php export PHP=/usr/bin/php
export WS_LOG="/var/www/html/pandora_console/pandora_console.log" export WS_LOG="/var/log/pandora/web_socket.log"
export GOTTY="/tmp/" export GOTTY="/tmp/"
# Environment variables # Environment variables

6
pandora_console/pandora_websocket_engine.service
View File

@ -6,13 +6,13 @@ After=syslog.target network.target
User=apache User=apache
Type=simple Type=simple
ExecStart=php /var/www/html/pandora_console/ws.php >> /var/www/html/pandora_console/pandora_console.log 2>&1 ExecStart=php /var/www/html/pandora_console/ws.php >> /var/log/pandora/web_socket.log 2>&1
TimeoutStopSec=20 TimeoutStopSec=20
KillMode=process KillMode=process
Restart=always Restart=always
RestartSec=2 RestartSec=2
StandardOutput=file:/var/www/html/pandora_console/pandora_console.log StandardOutput=file:/var/log/pandora/web_socket.log
StandardError=file:/var/www/html/pandora_console/pandora_console.log StandardError=file:/var/log/pandora/web_socket.log
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

4
pandora_console/ws.php
View File

@ -124,12 +124,12 @@ if (substr($os, 0, 3) !== 'win') {
// Launch gotty - SSH. // Launch gotty - SSH.
$cmd = $base_cmd.' --port '.$config['gotty_ssh_port']; $cmd = $base_cmd.' --port '.$config['gotty_ssh_port'];
$cmd .= ' ssh >> '.__DIR__.'/pandora_console.log 2>&1 &'; $cmd .= ' ssh >> /var/log/pandora/web_socket.log 2>&1 &';
shell_exec($cmd); shell_exec($cmd);
// Launch gotty - telnet. // Launch gotty - telnet.
$cmd = $base_cmd.' --port '.$config['gotty_telnet_port']; $cmd = $base_cmd.' --port '.$config['gotty_telnet_port'];
$cmd .= ' telnet >> '.__DIR__.'/pandora_console.log 2>&1 &'; $cmd .= ' telnet >> /var/log/pandora/web_socket.log 2>&1 &';
shell_exec($cmd); shell_exec($cmd);
} }
} }

6
pandora_server/util/pandora_logrotate
View File

@ -12,7 +12,7 @@
} }
# DEBIAN / UBUNTU # DEBIAN / UBUNTU
/var/www/pandora_console/pandora_console.log { /var/www/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000
@ -24,7 +24,7 @@
} }
# OpenSUSE, SLES # OpenSUSE, SLES
/srv/www/htdocs/pandora_console/pandora_console.log { /srv/www/htdocs/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000
@ -36,7 +36,7 @@
} }
# Centos, Redhat, Fedora # Centos, Redhat, Fedora
/var/www/html/pandora_console/pandora_console.log { /var/www/html/pandora_console/log/console.log {
weekly weekly
missingok missingok
size 100000 size 100000