log to stderr (so journal) by default #541
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
in Fedora package review it became apparent that logging to a file is rather more complex in terms of packaging and system security than it might appear. Logging to the journal is kinda a good practice on systemd distros (i.e. all the ones we care about) in any case, and we can easily default to it by leaving the 'file' setting undefined by default. Admins who want to log to a file still easily can by defining the 'file' setting, and then the security issues are all theirs to deal with... This isn't very sophisticated (the severity of the messages isn't transmitted to journald, for instance) but works well enough, seemingly. This change will affect existing deployments which do not have the `file` setting in the config file explicitly specified.
| blacklist = job_grab job_done |
There was a problem hiding this comment.
huh, gedit just did this for me automatically, I think.
|
LGTM |
coolo
added a commit
that referenced
this pull request
Feb 11, 2016
log to stderr (so journal) by default
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
in Fedora package review it became apparent that logging to a
file is rather more complex in terms of packaging and system
security than it might appear. Logging to the journal is kinda
a good practice on systemd distros (i.e. all the ones we care
about) in any case, and we can easily default to it by leaving
the 'file' setting undefined by default. Admins who want to log
to a file still easily can by defining the 'file' setting, and
then the security issues are all theirs to deal with...
This isn't very sophisticated (the severity of the messages
isn't transmitted to journald, for instance) but works well
enough, seemingly.
This change will affect existing deployments which do not have
the
filesetting in the config file explicitly specified.This is a trivial change technically speaking, the question is more whether or not we think it's a good idea. I'm just throwing it out there for discussion. The Fedora package review ticket is https://bugzilla.redhat.com/show_bug.cgi?id=1304882 , for reference, the discussion of logging bits begins in earnest around comment 17 or so.
Just to be clear, logging to file is still perfectly possible with this change, it only changes the default behaviour when the
filesetting isn't explicitly specified inopenqa.ini(or asOPENQA_LOGFILEenv var).