From patchwork Mon May 23 19:39:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: ykonai X-Patchwork-Id: 39582 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id EF1FE27BBEA; Mon, 23 May 2022 21:00:40 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 9C4C827BBE9 for ; Mon, 23 May 2022 21:00:39 +0100 (BST) Received: from localhost ([::1]:42116 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ntEEI-0000Pn-O6 for patchwork@mira.cbaines.net; Mon, 23 May 2022 16:00:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60722) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ntEDm-0000Pa-6v for guix-patches@gnu.org; Mon, 23 May 2022 16:00:08 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:56370) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ntEDj-0005ha-5w for guix-patches@gnu.org; Mon, 23 May 2022 16:00:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ntEDj-0001iC-1w for guix-patches@gnu.org; Mon, 23 May 2022 16:00:03 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#55600] [PATCH] gnu: services: networking: Add log rotation to most services. Resent-From: ykonai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 23 May 2022 20:00:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 55600 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 55600@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16533359896528 (code B ref -1); Mon, 23 May 2022 20:00:02 +0000 Received: (at submit) by debbugs.gnu.org; 23 May 2022 19:59:49 +0000 Received: from localhost ([127.0.0.1]:50267 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ntEDS-0001h8-8j for submit@debbugs.gnu.org; Mon, 23 May 2022 15:59:49 -0400 Received: from lists.gnu.org ([209.51.188.17]:51826) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ntDtc-00019l-Vg for submit@debbugs.gnu.org; Mon, 23 May 2022 15:39:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57248) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ntDtc-0002Gx-NU for guix-patches@gnu.org; Mon, 23 May 2022 15:39:16 -0400 Received: from www.ykonai.net ([2605:6400:10:1424:8f2:1eb3:b35b:fe2d]:49254) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ntDta-0002O4-6w for guix-patches@gnu.org; Mon, 23 May 2022 15:39:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ykonai.net; s=20220513; t=1653334830; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=bEbR3kcD9pumx1gR1TX5YVBLa9kYVmX6jRewkoH6zZE=; b=XrxP1luUKnluNWv3L2cDPzRC8kLKVYnrdAGWXrvHAshU4EBLCzyPZfDsKp8Eqyp7ksgyCj 9IIgHCVDSOHZk8GNGDLXuFKKs44vGvmBR/EO5gXJvudfX6biBX5N9BfBezguEO3h3d6//J 4ttg3baWRHCOCGeUSKZlAQ3hckqeWvnGWpGULo7dugVhUUmVHEzss9b7aanFJCYqX26s1Y PddsJ9AlZ0ry5yZDPtiGn3Dff43dmsU6QE4fbqMj74nlCpj1pr+Ry6QZZEAcjFbbRJG6jg ZhV9TlzJ5GRjLO5i+PYhShZsS2vsWtg3QZbSb2N0GUM+42slreUpWYXj0Yyi+A== Received: by www.ykonai.net (OpenSMTPD) with ESMTPSA id 59b948c1 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Mon, 23 May 2022 19:40:30 +0000 (UTC) Date: Mon, 23 May 2022 21:39:08 +0200 Message-Id: <20220523193908.9016-1-mail@ykonai.net> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 Received-SPF: pass client-ip=2605:6400:10:1424:8f2:1eb3:b35b:fe2d; envelope-from=mail@ykonai.net; helo=www.ykonai.net X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Mon, 23 May 2022 15:59:44 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" Reply-to: ykonai X-ACL-Warn: , ykonai via Guix-patches X-Patchwork-Original-From: ykonai via Guix-patches via From: ykonai X-getmail-retrieved-from-mailbox: Patches This adds a simple log rotation extension to every networking service that specifies a #:log-file in its Shepherd service, which should prevent some logs from accumulating indefinitely. * gnu/services/networking.scm: Add log rotation to most services. --- gnu/services/networking.scm | 72 +++++++++++++++++++++++++++++++------ 1 file changed, 62 insertions(+), 10 deletions(-) base-commit: 2f58393d995de9638140962cf4c40e5f2ba08c3a prerequisite-patch-id: cae10b00f0ef0adfefaae7541ddccbd244bb73c5 diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 399cd03c1d..d8fe638940 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -41,6 +41,7 @@ (define-module (gnu services networking) #:use-module (gnu services linux) #:use-module (gnu services shepherd) #:use-module (gnu services dbus) + #:use-module (gnu services admin) #:use-module (gnu system shadow) #:use-module (gnu system pam) #:use-module ((gnu system file-systems) #:select (file-system-mapping)) @@ -384,6 +385,11 @@ (define dhcpd-service-type ;;; NTP. ;;; + +(define %ntp-log-rotation + (list (log-rotation + (files '("/var/log/ntpd.log"))))) + (define ntp-server-types (make-enumeration '(pool server @@ -532,7 +538,9 @@ (define ntp-service-type (service-extension account-service-type (const %ntp-accounts)) (service-extension activation-service-type - ntp-service-activation))) + ntp-service-activation) + (service-extension rottlog-service-type + (const %ntp-log-rotation)))) (description "Run the @command{ntpd}, the Network Time Protocol (NTP) daemon of the @uref{http://www.ntp.org, Network Time Foundation}. The daemon @@ -614,7 +622,7 @@ (define ntpd.conf ;; When ntpd is daemonized it repeatedly tries to respawn ;; while running, leading shepherd to disable it. To ;; prevent spamming stderr, redirect output to logfile. - #:log-file "/var/log/ntpd")) + #:log-file "/var/log/ntpd.log")) (stop #~(make-kill-destructor)))))) (define (openntpd-service-activation config) @@ -640,7 +648,9 @@ (define openntpd-service-type (service-extension profile-service-type (compose list openntpd-configuration-openntpd)) (service-extension activation-service-type - openntpd-service-activation))) + openntpd-service-activation) + (service-extension rottlog-service-type + (const %ntp-log-rotation)))) (default-value (openntpd-configuration)) (description "Run the @command{ntpd}, the Network Time Protocol (NTP) @@ -987,6 +997,10 @@ (define (tor-shepherd-service config) (stop #~(make-kill-destructor)) (documentation "Run the Tor anonymous network overlay.")))))))) +(define %tor-log-rotation + (list (log-rotation + (files '("/var/log/tor.log"))))) + (define (tor-activation config) "Set up directories for Tor and its hidden services, if any." #~(begin @@ -1032,7 +1046,9 @@ (define tor-service-type (service-extension account-service-type (const %tor-accounts)) (service-extension activation-service-type - tor-activation))) + tor-activation) + (service-extension rottlog-service-type + (const %tor-log-rotation)))) ;; This can be extended with hidden services. (compose concatenate) @@ -1314,6 +1330,10 @@ (define (connman-shepherd-service config) #:log-file "/var/log/connman.log")) (stop #~(make-kill-destructor))))))) +(define %connman-log-rotation + (list (log-rotation + (files '("/var/log/connman.log"))))) + (define connman-service-type (let ((connman-package (compose list connman-configuration-connman))) (service-type (name 'connman) @@ -1328,7 +1348,9 @@ (define connman-service-type connman-activation) ;; Add connman to the system profile. (service-extension profile-service-type - connman-package))) + connman-package) + (service-extension rottlog-service-type + (const %connman-log-rotation)))) (default-value (connman-configuration)) (description "Run @url{https://01.org/connman,Connman}, @@ -1570,12 +1592,18 @@ (define* (hostapd-shepherd-services config #:key (requirement '())) #:log-file "/var/log/hostapd.log")) (stop #~(make-kill-destructor))))) +(define %hostapd-log-rotation + (list (log-rotation + (files '("/var/log/hostapd.log"))))) + (define hostapd-service-type (service-type (name 'hostapd) (extensions (list (service-extension shepherd-root-service-type - hostapd-shepherd-services))) + hostapd-shepherd-services) + (service-extension rottlog-service-type + (const %hostapd-log-rotation)))) (description "Run the @uref{https://w1.fi/hostapd/, hostapd} daemon for Wi-Fi access points and authentication servers."))) @@ -1867,6 +1895,10 @@ (define (pagekite-shepherd-service config) ;; SIGTERM doesn't always work for some reason. (stop #~(make-kill-destructor SIGINT)))))) +(define %pagekite-log-rotation + (list (log-rotation + (files '("/var/log/pagekite.log"))))) + (define %pagekite-accounts (list (user-group (name "pagekite") (system? #t)) (user-account @@ -1885,7 +1917,9 @@ (define pagekite-service-type (list (service-extension shepherd-root-service-type (compose list pagekite-shepherd-service)) (service-extension account-service-type - (const %pagekite-accounts)))) + (const %pagekite-accounts)) + (service-extension rottlog-service-type + (const %pagekite-log-rotation)))) (description "Run @url{https://pagekite.net/,PageKite}, a tunneling solution to make local servers publicly accessible on the web, even behind NATs and firewalls."))) @@ -1976,6 +2010,10 @@ (define yggdrasil-command #:group "yggdrasil")) (stop #~(make-kill-destructor))))) +(define %yggdrasil-log-rotation + (list (log-rotation + (files '("/var/log/yggdrasil.log"))))) + (define %yggdrasil-accounts (list (user-group (name "yggdrasil") (system? #t)))) @@ -1991,7 +2029,9 @@ (define yggdrasil-service-type (service-extension account-service-type (const %yggdrasil-accounts)) (service-extension profile-service-type - (compose list yggdrasil-configuration-package)))))) + (compose list yggdrasil-configuration-package)) + (service-extension rottlog-service-type + (const %yggdrasil-log-rotation)))))) ;;; @@ -2061,6 +2101,10 @@ (define ipfs-daemon-command #:environment-variables #$%ipfs-environment)) (stop #~(make-kill-destructor))))) +(define %ipfs-log-rotation + (list (log-rotation + (files '("/var/log/ipfs.log"))))) + (define (%ipfs-activation config) "Return an activation gexp for IPFS with CONFIG" (define (exec-command . args) @@ -2116,7 +2160,9 @@ (define ipfs-service-type (service-extension activation-service-type %ipfs-activation) (service-extension shepherd-root-service-type - ipfs-shepherd-service))) + ipfs-shepherd-service) + (service-extension rottlog-service-type + (const %ipfs-log-rotation)))) (default-value (ipfs-configuration)) (description "Run @command{ipfs daemon}, the reference implementation @@ -2153,10 +2199,16 @@ (define keepalived-shepherd-service (respawn? #f) (stop #~(make-kill-destructor))))))) +(define %keepalived-log-rotation + (list (log-rotation + (files '("/var/log/keepalived.log"))))) + (define keepalived-service-type (service-type (name 'keepalived) (extensions (list (service-extension shepherd-root-service-type - keepalived-shepherd-service))) + keepalived-shepherd-service) + (service-extension rottlog-service-type + (const %keepalived-log-rotation)))) (description "Run @uref{https://www.keepalived.org/, Keepalived} routing software.")))