log: Only chmod if permission bits differ; make log dir (#6761)

* log: Only chmod if permission bits differ

Follow-up to #6314 and https://caddy.community/t/caddy-2-9-0-breaking-change/27576/11

* Fix test

* Refactor FileWriter

* Ooooh octal... right...
This commit is contained in:
Matt Holt 2025-01-07 21:51:03 -07:00 committed by GitHub
parent 50778b5542
commit 1f927d6b07
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 58 additions and 39 deletions

View file

@ -20,6 +20,7 @@ import (
"io"
"math"
"os"
"path/filepath"
"strconv"
"github.com/dustin/go-humanize"
@ -146,12 +147,47 @@ func (fw FileWriter) WriterKey() string {
// OpenWriter opens a new file writer.
func (fw FileWriter) OpenWriter() (io.WriteCloser, error) {
if fw.Mode == 0 {
fw.Mode = 0o600
modeIfCreating := os.FileMode(fw.Mode)
if modeIfCreating == 0 {
modeIfCreating = 0o600
}
// roll log files by default
if fw.Roll == nil || *fw.Roll {
// roll log files as a sensible default to avoid disk space exhaustion
roll := fw.Roll == nil || *fw.Roll
// create the file if it does not exist; create with the configured mode, or default
// to restrictive if not set. (lumberjack will reuse the file mode across log rotation)
if err := os.MkdirAll(filepath.Dir(fw.Filename), 0o700); err != nil {
return nil, err
}
file, err := os.OpenFile(fw.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, modeIfCreating)
if err != nil {
return nil, err
}
info, err := file.Stat()
if roll {
file.Close() // lumberjack will reopen it on its own
}
// Ensure already existing files have the right mode, since OpenFile will not set the mode in such case.
if configuredMode := os.FileMode(fw.Mode); configuredMode != 0 {
if err != nil {
return nil, fmt.Errorf("unable to stat log file to see if we need to set permissions: %v", err)
}
// only chmod if the configured mode is different
if info.Mode()&os.ModePerm != configuredMode&os.ModePerm {
if err = os.Chmod(fw.Filename, configuredMode); err != nil {
return nil, err
}
}
}
// if not rolling, then the plain file handle is all we need
if !roll {
return file, nil
}
// otherwise, return a rolling log
if fw.RollSizeMB == 0 {
fw.RollSizeMB = 100
}
@ -165,20 +201,6 @@ func (fw FileWriter) OpenWriter() (io.WriteCloser, error) {
if fw.RollKeepDays == 0 {
fw.RollKeepDays = 90
}
// create the file if it does not exist with the right mode.
// lumberjack will reuse the file mode across log rotation.
f_tmp, err := os.OpenFile(fw.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, os.FileMode(fw.Mode))
if err != nil {
return nil, err
}
f_tmp.Close()
// ensure already existing files have the right mode,
// since OpenFile will not set the mode in such case.
if err = os.Chmod(fw.Filename, os.FileMode(fw.Mode)); err != nil {
return nil, err
}
return &lumberjack.Logger{
Filename: fw.Filename,
MaxSize: fw.RollSizeMB,
@ -189,10 +211,6 @@ func (fw FileWriter) OpenWriter() (io.WriteCloser, error) {
}, nil
}
// otherwise just open a regular file
return os.OpenFile(fw.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, os.FileMode(fw.Mode))
}
// UnmarshalCaddyfile sets up the module from Caddyfile tokens. Syntax:
//
// file <filename> {

View file

@ -20,6 +20,7 @@ import (
"encoding/json"
"os"
"path"
"path/filepath"
"syscall"
"testing"
@ -77,7 +78,7 @@ func TestFileCreationMode(t *testing.T) {
t.Fatalf("failed to create tempdir: %v", err)
}
defer os.RemoveAll(dir)
fpath := path.Join(dir, "test.log")
fpath := filepath.Join(dir, "test.log")
tt.fw.Filename = fpath
logger, err := tt.fw.OpenWriter()
@ -92,7 +93,7 @@ func TestFileCreationMode(t *testing.T) {
}
if st.Mode() != tt.wantMode {
t.Errorf("file mode is %v, want %v", st.Mode(), tt.wantMode)
t.Errorf("%s: file mode is %v, want %v", tt.name, st.Mode(), tt.wantMode)
}
})
}