Make logfile's mode configurable.

The file logger currently resets the mode of the logfile to 0640.

When the webserver is running as a different user than the cron job
(but both are in the same group) the files mode has to be 0660. The
current implementation breaks logging for the user that is not the
owner of the logfile.

This patch introduces a new config option 'logfilemode' that expects
an octal value (defaults to 0640). Unless the value is lower or equal
than 0 the logfiles mode will be resetted to this value.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
This commit is contained in:
Roland Tapken 2018-02-09 16:09:56 +01:00 committed by Morris Jobke
parent c2ef47ee13
commit d17856a1e9
No known key found for this signature in database
GPG Key ID: FE03C3A163FEDE68
2 changed files with 12 additions and 2 deletions

View File

@ -728,6 +728,13 @@ $CONFIG = array(
*/ */
'logfile' => '/var/log/nextcloud.log', 'logfile' => '/var/log/nextcloud.log',
/**
* Log file mode for the Nextcloud loggin type in octal notation.
*
* Defaults to 0640 (writeable by user, readable by group).
*/
'logfilemode' => 0640,
/** /**
* Loglevel to start logging at. Valid values are: 0 = Debug, 1 = Info, 2 = * Loglevel to start logging at. Valid values are: 0 = Debug, 1 = Info, 2 =
* Warning, 3 = Error, and 4 = Fatal. The default value is Warning. * Warning, 3 = Error, and 4 = Fatal. The default value is Warning.

View File

@ -50,6 +50,8 @@ use OCP\ILogger;
class File implements IWriter, IFileBased { class File implements IWriter, IFileBased {
/** @var string */ /** @var string */
protected $logFile; protected $logFile;
/** @var int */
protected $logFileMode;
/** @var SystemConfig */ /** @var SystemConfig */
private $config; private $config;
@ -67,6 +69,7 @@ class File implements IWriter, IFileBased {
} }
} }
$this->config = $config; $this->config = $config;
$this->logFileMode = $config->getValue('logfilemode', 0640);
} }
/** /**
@ -134,8 +137,8 @@ class File implements IWriter, IFileBased {
} }
$entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR); $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR);
$handle = @fopen($this->logFile, 'a'); $handle = @fopen($this->logFile, 'a');
if ((fileperms($this->logFile) & 0777) != 0640) { if ($this->logFileMode > 0 && (fileperms($this->logFile) & 0777) != $this->logFileMode) {
@chmod($this->logFile, 0640); @chmod($this->logFile, $this->logFileMode);
} }
if ($handle) { if ($handle) {
fwrite($handle, $entry."\n"); fwrite($handle, $entry."\n");