diff --git a/CHANGELOG.md b/CHANGELOG.md index 793b3b9..b58acde 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,10 +8,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added -* bkctld-inc and bkctld-rm log their progress (log level "info") - ### Changed +* rewrite log messages and format + ### Deprecated ### Removed diff --git a/lib/bkctld-firewall b/lib/bkctld-firewall index c4f2a09..225a465 100755 --- a/lib/bkctld-firewall +++ b/lib/bkctld-firewall @@ -18,6 +18,7 @@ iptables_input_accept() { jail_name="${1}" port="${2}" ip="${3}" + debug "Accept \`${ip}:${port}' for jail \`${jail_name}'" echo "/sbin/iptables -A INPUT -p tcp --sport 1024: --dport ${port} -s ${ip} -j ACCEPT #${jail_name}" } @@ -34,7 +35,7 @@ if [ -n "${FIREWALL_RULES}" ]; then # Restart the firewall [ -f /etc/init.d/minifirewall ] && /etc/init.d/minifirewall restart >/dev/null fi - notice "${jail_name}: firewall rules have been updated." + notice "Firewall updated for jail \`${jail_name}'" else - warning "${jail_name}: skipping firewall update, FIREWALL_RULES variable is empty." + notice "Skip jail \`${jail_name}' : FIREWALL_RULES variable is empty." fi diff --git a/lib/bkctld-inc b/lib/bkctld-inc index a02e6ea..7c81404 100755 --- a/lib/bkctld-inc +++ b/lib/bkctld-inc @@ -54,8 +54,8 @@ for jail_name in ${jails_list}; do if [ -n "${incs_policy_file}" ]; then # If no incs directory is found, we don't create incs if [ ! -d "${inc_path}" ]; then - info "inc progress: jail ${jails_count} out of ${jails_total}" - start=$(current_time) + info "Progress: jail ${jails_count} out of ${jails_total}" + notice "Create inc \`${inc_name}' for jail \`${jail_name}' : start" if is_btrfs "${jail_path}"; then create_inc_btrfs "${jail_name}" "${inc_name}" @@ -63,12 +63,11 @@ for jail_name in ${jails_list}; do create_inc_ext4 "${jail_name}" "${inc_name}" fi - end=$(current_time) - notice "${jail_name}: \`${inc_name}' has been created [${start}/${end}]" + notice "Create inc \`${inc_name}' for jail \`${jail_name}' : finish" else - warning "${jail_name}: skipping \`${inc_name}', it already exists." + warning "Skip inc \`${inc_name}' for jail \`${jail_name}' : it already exists." fi else - notice "${jail_name}: skipping \`${inc_name}', incs policy not found." + notice "Skip jail \`${jail_name}' : incs policy is missing" fi done diff --git a/lib/bkctld-init b/lib/bkctld-init index 56dbf08..2625ca3 100755 --- a/lib/bkctld-init +++ b/lib/bkctld-init @@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" && error "${jail_name}: jail already exists." +test -d "${jail_path}" && error "Skip jail \`${jail_name}' : it already exists" # Create config and jails directory mkdir --parents "${CONFDIR}" "${JAILDIR}" @@ -28,4 +28,4 @@ fi setup_jail_chroot "${jail_name}" setup_jail_config "${jail_name}" -notice "${jail_name}: jail has been created" +notice "Create jail \`${jail_name}' : OK" diff --git a/lib/bkctld-ip b/lib/bkctld-ip index 8bb8054..cefcedb 100755 --- a/lib/bkctld-ip +++ b/lib/bkctld-ip @@ -15,7 +15,7 @@ if [ ! -n "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" jail_sshd_config="${jail_path}/${SSHD_CONFIG}" @@ -40,9 +40,9 @@ else if grep -q -E "^AllowUsers" "${jail_sshd_config}"; then sed -i "s~^AllowUsers .*~${allow_users}~" "${jail_sshd_config}" else - error "${jail_name}: No \`AllowUsers' directive found in \`${jail_sshd_config}'" + error "No \`AllowUsers' directive found in \`${jail_sshd_config}'" fi - notice "${jail_name}: IP whitelist updated with \`${ip}'" + notice "Update IP whitelist with \`${ip}' for jail \`${jail_name}' : OK" "${LIBDIR}/bkctld-reload" "${jail_name}" "${LIBDIR}/bkctld-firewall" "${jail_name}" fi diff --git a/lib/bkctld-is-on b/lib/bkctld-is-on index fb83c95..7722f13 100755 --- a/lib/bkctld-is-on +++ b/lib/bkctld-is-on @@ -14,7 +14,7 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" jail_pid_file="${jail_path}/${SSHD_PID}" diff --git a/lib/bkctld-key b/lib/bkctld-key index 2c01ef8..e0b8c94 100755 --- a/lib/bkctld-key +++ b/lib/bkctld-key @@ -15,15 +15,15 @@ if [ ! -n "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" if [ -z "${keyfile}" ]; then if [ -f "${jail_path}/${AUTHORIZED_KEYS}" ]; then cat "${jail_path}/${AUTHORIZED_KEYS}" fi else - test -r "${keyfile}" || error "${jail_name}: SSH key \`${keyfile}' is missing or is not readable." + test -r "${keyfile}" || error "SSH key \`${keyfile}' for jail \`${jail_name}' is missing or is not readable." cat "${keyfile}" > "${jail_path}/${AUTHORIZED_KEYS}" chmod 600 "${jail_path}/${AUTHORIZED_KEYS}" - notice "${jail_name}: SSH key has been updated with \`${keyfile}'" + notice "Update SSH key \`${keyfile}' for jail \`${jail_name}' : OK" fi diff --git a/lib/bkctld-port b/lib/bkctld-port index 0b3c514..8ed125c 100755 --- a/lib/bkctld-port +++ b/lib/bkctld-port @@ -15,7 +15,7 @@ if [ ! -n "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" jail_sshd_config="${jail_path}/${SSHD_CONFIG}" @@ -29,7 +29,7 @@ else fi sed -i "s/^Port .*/Port ${port}/" "${jail_sshd_config}" - notice "${jail_name}: port has been updated to \`${port}'" + notice "Update SSH port \`${port}' for jail \`${jail_name}' : OK" "${LIBDIR}/bkctld-reload" "${jail_name}" "${LIBDIR}/bkctld-firewall" "${jail_name}" diff --git a/lib/bkctld-reload b/lib/bkctld-reload index 7dad023..711405a 100755 --- a/lib/bkctld-reload +++ b/lib/bkctld-reload @@ -13,10 +13,14 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0 pid=$(cat "${jail_path}/${SSHD_PID}") -kill -HUP "${pid}" && notice "${jail_name}: jail has been reloaded [${pid}]" +if kill -HUP "${pid}"; then + notice "Reload jail \`${jail_name}' : OK [${pid}]" +else + error "Reload jail \`${jail_name}' : failed [${pid}]" +fi diff --git a/lib/bkctld-remove b/lib/bkctld-remove index ea0ac2f..0580e16 100755 --- a/lib/bkctld-remove +++ b/lib/bkctld-remove @@ -14,7 +14,7 @@ fi jail_path=$(jail_path "${jail_name}") incs_path=$(incs_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" @@ -33,10 +33,10 @@ if [ -d "${incs_path}" ]; then if [ "${inc_inode}" -eq 256 ]; then /bin/btrfs subvolume delete "${incs_path}/${inc}" | debug else - warning "You need to purge ${incs_path}/${inc} manually !" + warning "You need to purge \`${incs_path}/${inc}' manually" fi done rmdir --ignore-fail-on-non-empty "${incs_path}" | debug fi "${LIBDIR}/bkctld-firewall" "${jail_name}" -notice "${jail_name}: jail has been deleted." +notice "Delete jail \`${jail_name}' : OK" diff --git a/lib/bkctld-restart b/lib/bkctld-restart index 1b84e13..e9e3dae 100755 --- a/lib/bkctld-restart +++ b/lib/bkctld-restart @@ -15,7 +15,7 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" "${LIBDIR}/bkctld-start" "${jail_name}" diff --git a/lib/bkctld-rm b/lib/bkctld-rm index d9e4fba..c5851a7 100755 --- a/lib/bkctld-rm +++ b/lib/bkctld-rm @@ -106,11 +106,11 @@ for jail_name in ${jails_list}; do incs_count=0 if [ -n "${incs_to_delete}" ]; then - debug "${jail_name}: incs to be deleted : $(echo "${incs_to_delete}" | tr '\n', ',' | sed 's/,$//')." + debug "Incs to be deleted for \`${jail_name}' : $(echo "${incs_to_delete}" | tr '\n', ',' | sed 's/,$//')." for inc_name in ${incs_to_delete}; do incs_count=$((incs_count+1)) - info "rm progress: jail ${jails_count} out of ${jails_total} - inc ${incs_count} out of ${incs_total}" - start=$(current_time) + info "Progress: jail ${jails_count} out of ${jails_total} - inc ${incs_count} out of ${incs_total}" + notice "Delete inc \`${inc_name}' for jail \`${jail_name}' : start" inc_path=$(inc_path "${jail_name}" "${inc_name}") @@ -120,14 +120,13 @@ for jail_name in ${jails_list}; do delete_inc_ext4 "${jail_name}" "${inc_name}" fi - end=$(current_time) - notice "${jail_name}: inc \`${inc_name}' has been deleted [${start}/${end}]" + notice "Delete inc \`${inc_name}' for jail \`${jail_name}' : finish" done else - notice "${jail_name}: no inc to be deleted." + notice "Skip jail \`${jail_name}' : no inc to delete" fi else - notice "${jail_name}: skipping jail because incs policy is missing." + notice "Skip jail \`${jail_name}' : incs policy is missing" fi done diff --git a/lib/bkctld-start b/lib/bkctld-start index b3eded2..e350b96 100755 --- a/lib/bkctld-start +++ b/lib/bkctld-start @@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" && exit 0 @@ -21,7 +21,7 @@ test -d "${jail_path}" || error "${jail_name}: jail is missing." mount_jail_fs "${jail_name}" # Start SSH in the chroot -chroot "${jail_path}" /usr/sbin/sshd -E /var/log/authlog || error "${jail_name}: failed to start SSH." +chroot "${jail_path}" /usr/sbin/sshd -E /var/log/authlog || error "Failed to start SSH for jail \`${jail_name}'" pidfile="${jail_path}/${SSHD_PID}" # Wait for SSH to be up @@ -37,7 +37,7 @@ for try in $(seq 1 10); do done if [ -n "${pid}" ]; then - notice "${jail_name}: jail has been started [${pid}]" + notice "Start jail \`${jail_name}' : PID \`${pid}'" else - error "${jail_name}: failed to fetch SSH pid within 3 sec." + error "Failed to fetch SSH PID for jail \`${jail_name}' within 3 seconds" fi diff --git a/lib/bkctld-stop b/lib/bkctld-stop index 5c247ca..7f02394 100755 --- a/lib/bkctld-stop +++ b/lib/bkctld-stop @@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0 @@ -22,10 +22,10 @@ pid=$(cat "${jail_path}/${SSHD_PID}") pkill --parent "${pid}" if kill "${pid}"; then - notice "${jail_name}: jail has been stopped [${pid}]" + notice "Stop jail \`${jail_name}' : OK [${pid}]" umount --lazy --recursive "${jail_path}/dev" umount --lazy "${jail_path}/proc/" else - error "${jail_name}: failed to stop jail [${pid}]" + error "Stop jail \`${jail_name}' : failed [${pid}]" fi diff --git a/lib/bkctld-sync b/lib/bkctld-sync index a4e8208..90250f9 100755 --- a/lib/bkctld-sync +++ b/lib/bkctld-sync @@ -14,7 +14,7 @@ fi jail_path=$(jail_path "${jail_name}") jail_config_dir=$(jail_config_dir "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" [ -n "${NODE}" ] || error "Sync need config of \$NODE in /etc/default/bkctld !" diff --git a/lib/bkctld-update b/lib/bkctld-update index 2169ba2..ba15687 100755 --- a/lib/bkctld-update +++ b/lib/bkctld-update @@ -13,10 +13,10 @@ if [ ! -n "${jail_name}" ]; then fi jail_path=$(jail_path "${jail_name}") -test -d "${jail_path}" || error "${jail_name}: jail is missing." +test -d "${jail_path}" || error "${jail_name}: jail not found" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" setup_jail_chroot "${jail_name}" -notice "${jail_name}: jail has been updated." +notice "Update jail \`${jail_name}' : OK" diff --git a/lib/includes b/lib/includes index 8ecf986..a62e471 100755 --- a/lib/includes +++ b/lib/includes @@ -23,43 +23,49 @@ CRITICAL="${CRITICAL:-48}" WARNING="${WARNING:-24}" DUC=$(command -v duc-nox || command -v duc) +log_date() { + echo "[$(date +%Y-%m-%d %H:%M:%s)]" +} +process_name() { + basename $0 +} debug() { msg="${1:-$(cat /dev/stdin)}" if [ "${LOGLEVEL}" -ge 7 ]; then - echo "${msg}" - logger -t bkctld -p daemon.debug "${msg}" + echo "$(log_date) DEBUG $(process_name) ${msg}" + logger -t bkctld -p daemon.debug "$(process_name) ${msg}" fi } info() { msg="${1:-$(cat /dev/stdin)}" if [ "${LOGLEVEL}" -ge 6 ]; then - tty -s && echo "${msg}" - logger -t bkctld -p daemon.info "${msg}" + tty -s && echo "$(log_date) INFO $(process_name)${msg}" + logger -t bkctld -p daemon.info "$(process_name) ${msg}" fi } notice() { msg="${1:-$(cat /dev/stdin)}" - tty -s && echo "${msg}" - [ "${LOGLEVEL}" -ge 5 ] && logger -t bkctld -p daemon.notice "${msg}" + tty -s && echo "$(log_date) NOTICE $(process_name) ${msg}" + [ "${LOGLEVEL}" -ge 5 ] && logger -t bkctld -p daemon.notice "$(process_name) ${msg}" } warning() { msg="${1:-$(cat /dev/stdin)}" - tty -s && echo "WARNING: ${msg}" >&2 + tty -s && echo "$(log_date) WARNING $(process_name) ${msg}" >&2 if [ "${LOGLEVEL}" -ge 4 ]; then - tty -s || echo "WARNING: ${msg}" >&2 - logger -t bkctld -p daemon.warning "${msg}" + tty -s || echo "$(log_date) WARNING $(process_name) ${msg}" >&2 + logger -t bkctld -p daemon.warning "$(process_name) ${msg}" fi } error() { msg="${1:-$(cat /dev/stdin)}" - tty -s && echo "ERROR: ${msg}" >&2 + tty -s && echo "$(log_date) ERROR $(process_name) ${msg}" >&2 if [ "${LOGLEVEL}" -ge 5 ]; then - tty -s || echo "ERROR: ${msg}" >&2 - logger -t bkctld -p daemon.error "${msg}" + tty -s || echo "$(log_date) ERROR $(process_name) ${msg}" >&2 + logger -t bkctld -p daemon.error "$(process_name) ${msg}" fi exit 1 }