Merge pull request #442 from nodogsplash/4.2.1beta

PreAuth: Limit log size and write to syslog
nodogsplash · Oct 4, 2019 · 5595680 · 5595680
2 parents 1f1284e + a4c6bfb
commit 5595680
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 3 deletions.
diff --git a/forward_authentication_service/PreAuth/demo-preauth-remote-image.sh b/forward_authentication_service/PreAuth/demo-preauth-remote-image.sh
@@ -5,6 +5,30 @@
 
 ### functions
 
+
+write_log () {
+	logfile="/tmp/ndslog.log"
+	min_freespace_to_log_ratio=10
+	datetime=$(date)
+
+	if [ ! -f $logfile ]; then
+		echo "$datetime, New log file created" > $logfile
+	fi
+
+	ndspid=$(ps | grep nodogsplash | awk -F ' ' 'NR==2 {print $1}')
+	filesize=$(ls -s -1 $logfile | awk -F' ' '{print $1}')
+	available=$(df |grep /tmp | awk -F ' ' '{print $4}')
+	sizeratio=$(($available/$filesize))
+
+	if [ $sizeratio -ge $min_freespace_to_log_ratio ]; then
+		echo "PreAuth - writing log to $logfile" | logger -p "daemon.notice" -s -t "nodogsplash[$ndspid]: "
+		echo "$datetime, Username=$username, Email Address=$emailaddr, mac address=$clientmac, user_agent=$user_agent" \
+			>> $logfile
+	else
+		echo "PreAuth - log file too big, please archive contents" | logger -p "daemon.err" -s -t "nodogsplash[$ndspid]: "
+	fi
+}
+
 get_image_file() {
 	imagepath="/etc/nodogsplash/htdocs/images/remote"
 	mkdir "/tmp/remote"
@@ -247,7 +271,7 @@ else
 	echo "</form><hr>"
 
 	# In this example we have decided to log all clients who are granted access
-	echo "$(date), Username=$username, Email Address=$emailaddr, mac address=$clientmac, ip=$clientip, user_agent=$user_agent" >> /tmp/ndslog.log
+	write_log
 fi
 
 # Output the page footer

diff --git a/forward_authentication_service/PreAuth/demo-preauth.sh b/forward_authentication_service/PreAuth/demo-preauth.sh
@@ -3,6 +3,30 @@
 #Copyright (C) Blue Wave Projects and Services 2015-2019
 #This software is released under the GNU GPL license.
 
+# functions:
+
+write_log () {
+	logfile="/tmp/ndslog.log"
+	min_freespace_to_log_ratio=10
+	datetime=$(date)
+
+	if [ ! -f $logfile ]; then
+		echo "$datetime, New log file created" > $logfile
+	fi
+
+	ndspid=$(ps | grep nodogsplash | awk -F ' ' 'NR==2 {print $1}')
+	filesize=$(ls -s -1 $logfile | awk -F' ' '{print $1}')
+	available=$(df |grep /tmp | awk -F ' ' '{print $4}')
+	sizeratio=$(($available/$filesize))
+
+	if [ $sizeratio -ge $min_freespace_to_log_ratio ]; then
+		echo "$datetime, Username=$username, Email Address=$emailaddr, mac address=$clientmac, user_agent=$user_agent" \
+			>> $logfile
+	else
+		echo "PreAuth - log file too big, please archive contents" | logger -p "daemon.err" -s -t "nodogsplash[$ndspid]: "
+	fi
+}
+
 # Get the urlencoded querystring and user_agent
 query_enc="$1"
 user_agent_enc="$2"
@@ -217,12 +241,13 @@ else
 	echo "</form><hr>"
 
 	# In this example we have decided to log all clients who are granted access
-	echo "$(date), Username=$username, Email Address=$emailaddr, mac address=$clientmac, user_agent=$user_agent" >> /tmp/ndslog.log
+	write_log
 fi
 
 # Output the page footer
 echo -e $footer
 
 # The output of this script could of course be much more complex and
 # could easily be used to conduct a dialogue with the client user.
-# 
+#
+