From 7f3ea165333dae747b30fba2b12f3a251cbbf77e Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 17 May 2016 19:29:38 +0200 Subject: [PATCH] logging: add new logging domain LOGD_VPN_PLUGIN This logging domain will be used to enable debugging of the VPN plugins. However, the plugins might expose sensitive data in this mode, so exclude the new domain from "LOGD_ALL". --- man/NetworkManager.conf.xml | 9 ++++++++- src/nm-logging.c | 3 ++- src/nm-logging.h | 6 +++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index 036f41d003..fd6d7cef59 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -460,7 +460,7 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth WIFI_SCAN, IP4, IP6, AUTOIP4, DNS, VPN, SHARING, SUPPLICANT, AGENTS, SETTINGS, SUSPEND, CORE, DEVICE, OLPC, WIMAX, INFINIBAND, FIREWALL, ADSL, BOND, VLAN, BRIDGE, DBUS_PROPS, - TEAM, CONCHECK, DCB, DISPATCH, AUDIT, SYSTEMD. + TEAM, CONCHECK, DCB, DISPATCH, AUDIT, SYSTEMD, VPN_PLUGIN. In addition, these special domains can be used: NONE, ALL, DEFAULT, DHCP, IP. You can specify per-domain log level overrides by @@ -507,6 +507,7 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth DISPATCH : Dispatcher scripts AUDIT : Audit records SYSTEMD : Messages from internal libsystemd + VPN_PLUGIN : logging messages from VPN plugins NONE : when given by itself logging is disabled ALL : all log domains @@ -517,6 +518,12 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth HW : deprecated alias for "PLATFORM" + + In general, the logfile should not contain passwords or private data. However, + you are always advised to check the file before posting it online or attaching + to a bug report. VPN_PLUGIN is special in that it might + reveal private information from the VPN plugins and thus this level is excluded + from ALL backend diff --git a/src/nm-logging.c b/src/nm-logging.c index 3f924236e3..d0368d000c 100644 --- a/src/nm-logging.c +++ b/src/nm-logging.c @@ -117,7 +117,7 @@ static struct { char *logging_domains_to_string; const LogLevelDesc level_desc[_LOGL_N]; -#define _DOMAIN_DESC_LEN 37 +#define _DOMAIN_DESC_LEN 38 /* Would be nice to use C99 flexible array member here, * but that feature doesn't seem well supported. */ const LogDesc domain_desc[_DOMAIN_DESC_LEN]; @@ -172,6 +172,7 @@ static struct { { LOGD_DISPATCH, "DISPATCH" }, { LOGD_AUDIT, "AUDIT" }, { LOGD_SYSTEMD, "SYSTEMD" }, + { LOGD_VPN_PLUGIN,"VPN_PLUGIN" }, { 0, NULL } /* keep _DOMAIN_DESC_LEN in sync */ }, diff --git a/src/nm-logging.h b/src/nm-logging.h index fe478a50f6..f49f6ec67b 100644 --- a/src/nm-logging.h +++ b/src/nm-logging.h @@ -65,12 +65,16 @@ typedef enum { /*< skip >*/ LOGD_DISPATCH = (1LL << 33), LOGD_AUDIT = (1LL << 34), LOGD_SYSTEMD = (1LL << 35), + LOGD_VPN_PLUGIN = (1LL << 36), __LOGD_MAX, - LOGD_ALL = ((__LOGD_MAX - 1LL) << 1) - 1LL, + LOGD_ALL = (((__LOGD_MAX - 1LL) << 1) - 1LL) & ~( + LOGD_VPN_PLUGIN | /*not even part of ALL, because it might expose sensitive information. */ + 0), LOGD_DEFAULT = LOGD_ALL & ~( LOGD_DBUS_PROPS | LOGD_WIFI_SCAN | + LOGD_VPN_PLUGIN | 0), /* aliases: */