author | Thomas Haller <thaller@redhat.com> | 2016-06-16 22:30:41 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2016-06-17 08:19:44 +0200 |
commit | 4143fbde177bfac29d28904a47102208dd34bec7 (patch) | |
tree | 1cb96eb6f86dfde4fe95b023763a8221ed11e707 /src/nm-logging.c | |
parent | af507cd0893f8140a5c62a176ba70f12b642a0fa (diff) | |
download | NetworkManager-4143fbde177bfac29d28904a47102208dd34bec7.tar.gz |
logging: enable logging domain VPN_PLUGIN up to level <info>
The logging domain VPN_PLUGIN controlls logging of the VPN plugins.
Especially at verbose levels <debug> and <trace>, the plugins might
reveal sensitive information in the logging.
Thus, this level should not be enabled by a
$ nmcli logging general level DEBUG domains ALL
It should only be enabled when requested explicitly.
$ nmcli logging general level DEBUG domains ALL,VPN_PLUGIN:DEBUG
Previously, the special level VPN_PLUGIN was entirely excluded from
ALL and DEFAULT domains and it was entirely disabled by default. That
is however too strict, as it completely silences the VPN plugins by
default. Now, enable them by default up to level INFO.
VPN plugins should take care that they don't reveal sensitive
information at levels <info> (LOG_NOTICE) and higher (less verbose).
For more verbose levels they may print passwords, but that should
still be avoided as far as possible.
Diffstat (limited to 'src/nm-logging.c')
-rw-r--r-- | src/nm-logging.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/src/nm-logging.c b/src/nm-logging.c
index e3eaf52b27..15e1492876 100644
--- a/src/nm-logging.c
+++ b/src/nm-logging.c
@@ -108,7 +108,10 @@ typedef struct {
 } LogLevelDesc;
 NMLogDomain _nm_logging_enabled_state[_LOGL_N_REAL] = {
- /* nm_logging_setup ("INFO", LOGD_DEFAULT_STRING, NULL, NULL); */
+ /* nm_logging_setup ("INFO", LOGD_DEFAULT_STRING, NULL, NULL);
+ *
+ * Note: LOGD_VPN_PLUGIN is special and must be disabled for
+ * DEBUG and TRACE levels. */
 [LOGL_INFO] = LOGD_DEFAULT,
 [LOGL_WARN] = LOGD_DEFAULT,
 [LOGL_ERR] = LOGD_DEFAULT,
@@ -263,6 +266,11 @@ nm_logging_setup (const char *level,
 NMLogDomain bits;
 char *p;
+ /* LOGD_VPN_PLUGIN is protected, that is, when setting ALL or DEFAULT,
+ * it does not enable the verbose levels DEBUG and TRACE, because that
+ * may expose sensitive data. */
+ NMLogDomain protect = LOGD_NONE;
+
 if (!strlen (*iter))
 continue;
@@ -279,11 +287,13 @@ nm_logging_setup (const char *level,
 bits = 0;
 /* Check for combined domains */
- if (!g_ascii_strcasecmp (*iter, LOGD_ALL_STRING))
+ if (!g_ascii_strcasecmp (*iter, LOGD_ALL_STRING)) {
 bits = LOGD_ALL;
- else if (!g_ascii_strcasecmp (*iter, LOGD_DEFAULT_STRING))
+ protect = LOGD_VPN_PLUGIN;
+ } else if (!g_ascii_strcasecmp (*iter, LOGD_DEFAULT_STRING)) {
 bits = LOGD_DEFAULT;
- else if (!g_ascii_strcasecmp (*iter, LOGD_DHCP_STRING))
+ protect = LOGD_VPN_PLUGIN;
+ } else if (!g_ascii_strcasecmp (*iter, LOGD_DHCP_STRING))
 bits = LOGD_DHCP;
 else if (!g_ascii_strcasecmp (*iter, LOGD_IP_STRING))
 bits = LOGD_IP;
@@ -325,8 +335,12 @@ nm_logging_setup (const char *level,
 for (i = 0; i < G_N_ELEMENTS (new_logging); i++) {
 if (i < domain_log_level)
 new_logging[i] &= ~bits;
- else
+ else {
 new_logging[i] |= bits;
+ if ( protect
+ && i < LOGL_INFO)
+ new_logging[i] &= ~protect;
+ }
 }
 }
 } |
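Review bot: The protection is keyed to two keyword matches rather than to the domain bit itself: `protect = LOGD_VPN_PLUGIN;` is set only in the ALL and DEFAULT branches of the third hunk. Any other token whose `bits` ends up containing LOGD_VPN_PLUGIN, other than the explicit VPN_PLUGIN name, would therefore still enable it at DEBUG and TRACE. Whether such a token exists cannot be told from here, because the rest of the if/else chain lies outside the hunk. A comment above the chain would keep the invariant visible when a new combined keyword is added, for example `/* Any combined keyword whose bits include LOGD_VPN_PLUGIN must also set protect. */`.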
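Review bot: The added `new_logging[i] &= ~protect;` in the last hunk clears the VPN_PLUGIN bit below LOGL_INFO rather than merely leaving it unset. Assuming the tokens are processed in list order, a `VPN_PLUGIN:DEBUG` given before `ALL` or `DEFAULT` is silently undone. This fails towards less logging, so nothing sensitive is exposed, but it does not match the wording "does not enable" in the comment added with the `protect` declaration, and only the `ALL,VPN_PLUGIN:DEBUG` order from the commit message has the intended effect. I would say so at the clearing site, e.g. `/* also drops an earlier explicit VPN_PLUGIN:DEBUG; it must follow ALL/DEFAULT */`. The enclosing loop and the initialisation of new_logging are outside the hunk.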