author | Thomas Haller <thaller@redhat.com> | 2016-06-16 22:30:41 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2016-06-17 08:19:44 +0200 |
commit | 4143fbde177bfac29d28904a47102208dd34bec7 (patch) | |
tree | 1cb96eb6f86dfde4fe95b023763a8221ed11e707 | |
parent | af507cd0893f8140a5c62a176ba70f12b642a0fa (diff) | |
download | NetworkManager-4143fbde177bfac29d28904a47102208dd34bec7.tar.gz |
logging: enable logging domain VPN_PLUGIN up to level <info>
The logging domain VPN_PLUGIN controls logging of the VPN plugins.
Especially at verbose levels <debug> and <trace>, the plugins might
reveal sensitive information in the logging.
Thus, this level should not be enabled by a
$ nmcli logging general level DEBUG domains ALL
It should only be enabled when requested explicitly.
$ nmcli logging general level DEBUG domains ALL,VPN_PLUGIN:DEBUG
Previously, the special level VPN_PLUGIN was entirely excluded from
ALL and DEFAULT domains and it was entirely disabled by default. That
is however too strict, as it completely silences the VPN plugins by
default. Now, enable them by default up to level INFO.
VPN plugins should take care that they don't reveal sensitive
information at levels <info> (LOG_NOTICE) and higher (less verbose).
For more verbose levels they may print passwords, but that should
still be avoided as far as possible.
-rw-r--r-- | man/NetworkManager.conf.xml | 8 | ||||
-rw-r--r-- | src/nm-logging.c | 24 | ||||
-rw-r--r-- | src/nm-logging.h | 4 |
3 files changed, 25 insertions, 11 deletions
diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index a6614e3393..38d87fff87 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -527,9 +527,11 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth <para> In general, the logfile should not contain passwords or private data. However, you are always advised to check the file before posting it online or attaching - to a bug report. <literal>VPN_PLUGIN</literal> is special in that it might - reveal private information from the VPN plugins and thus this level is excluded - from <literal>ALL</literal></para> + to a bug report. <literal>VPN_PLUGIN</literal> is special as it might reveal + private information of the VPN plugins with verbose levels. Therefore this domain + will be excluded when setting <literal>ALL</literal> or <literal>DEFAULT</literal> + to more verbose levels then <literal>INFO</literal>. + </para> </varlistentry> <varlistentry> <term><varname>backend</varname></term> diff --git a/src/nm-logging.c b/src/nm-logging.c index e3eaf52b27..15e1492876 100644 --- a/src/nm-logging.c +++ b/src/nm-logging.c @@ -108,7 +108,10 @@ typedef struct { } LogLevelDesc; NMLogDomain _nm_logging_enabled_state[_LOGL_N_REAL] = { - /* nm_logging_setup ("INFO", LOGD_DEFAULT_STRING, NULL, NULL); */ + /* nm_logging_setup ("INFO", LOGD_DEFAULT_STRING, NULL, NULL); + * + * Note: LOGD_VPN_PLUGIN is special and must be disabled for + * DEBUG and TRACE levels. */ [LOGL_INFO] = LOGD_DEFAULT, [LOGL_WARN] = LOGD_DEFAULT, [LOGL_ERR] = LOGD_DEFAULT, @@ -263,6 +266,11 @@ nm_logging_setup (const char *level, NMLogDomain bits; char *p; + /* LOGD_VPN_PLUGIN is protected, that is, when setting ALL or DEFAULT, + * it does not enable the verbose levels DEBUG and TRACE, because that + * may expose sensitive data. */ + NMLogDomain protect = LOGD_NONE; + if (!strlen (*iter)) continue; 
@@ -279,11 +287,13 @@ nm_logging_setup (const char *level, bits = 0; /* Check for combined domains */ - if (!g_ascii_strcasecmp (*iter, LOGD_ALL_STRING)) + if (!g_ascii_strcasecmp (*iter, LOGD_ALL_STRING)) { bits = LOGD_ALL; - else if (!g_ascii_strcasecmp (*iter, LOGD_DEFAULT_STRING)) + protect = LOGD_VPN_PLUGIN; + } else if (!g_ascii_strcasecmp (*iter, LOGD_DEFAULT_STRING)) { bits = LOGD_DEFAULT; - else if (!g_ascii_strcasecmp (*iter, LOGD_DHCP_STRING)) + protect = LOGD_VPN_PLUGIN; + } else if (!g_ascii_strcasecmp (*iter, LOGD_DHCP_STRING)) bits = LOGD_DHCP; else if (!g_ascii_strcasecmp (*iter, LOGD_IP_STRING)) bits = LOGD_IP; @@ -325,8 +335,12 @@ nm_logging_setup (const char *level, for (i = 0; i < G_N_ELEMENTS (new_logging); i++) { if (i < domain_log_level) new_logging[i] &= ~bits; - else + else { new_logging[i] |= bits; + if ( protect + && i < LOGL_INFO) + new_logging[i] &= ~protect; + } } } } diff --git a/src/nm-logging.h b/src/nm-logging.h index e3289b7039..655f675465 100644 --- a/src/nm-logging.h +++ b/src/nm-logging.h @@ -68,9 +68,7 @@ typedef enum { /*< skip >*/ LOGD_VPN_PLUGIN = (1LL << 36), __LOGD_MAX, - LOGD_ALL = (((__LOGD_MAX - 1LL) << 1) - 1LL) & ~( - LOGD_VPN_PLUGIN | /*not even part of ALL, because it might expose sensitive information. */ - 0), + LOGD_ALL = (((__LOGD_MAX - 1LL) << 1) - 1LL), LOGD_DEFAULT = LOGD_ALL & ~( LOGD_DBUS_PROPS | LOGD_WIFI_SCAN | |
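Review bot: The `protect` mask in the `else` branch of the `@@ -325,8 +335,12` hunk makes the result depend on the order of the domain list, and nothing in the code says so. Because `new_logging[i] &= ~protect` runs after `|= bits`, a later `ALL` or `DEFAULT` entry appears to clear a VPN_PLUGIN bit at DEBUG/TRACE that an earlier explicit `VPN_PLUGIN:DEBUG` entry set, so only the `ALL,VPN_PLUGIN:DEBUG` order from the commit message yields verbose plugin logs. That fails towards less logging, which is the safe direction, but I would state it at the mask: `/* also clears VPN_PLUGIN if an earlier entry enabled it explicitly; list VPN_PLUGIN after ALL/DEFAULT */`. The test `i < LOGL_INFO` also assumes the level enum orders TRACE and DEBUG below INFO, which is not visible here. nm_logging_setup's body starts and ends outside the hunk.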
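Review bot: With `LOGD_VPN_PLUGIN` now part of `LOGD_ALL` in the nm-logging.h hunk (and presumably of `LOGD_DEFAULT`, whose exclusion list runs past the hunk), the only thing keeping the plugin domain out of DEBUG and TRACE is the `protect` mask in nm_logging_setup(). Any other code that writes `LOGD_ALL` or `LOGD_DEFAULT` into a DEBUG or TRACE slot directly would enable it silently; whether such a caller exists cannot be seen from this diff. The removed inline comment was the only warning at the definition, so I would replace it rather than drop it: `/* includes LOGD_VPN_PLUGIN; nm_logging_setup() masks it out below INFO because plugins may log secrets there */`.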