1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 16:22:43 +01:00

Support an SSH error log

Summary: Ref T13624. Depends on D21578. In "sshd" subprocess contexts, use "PhutilErrorLog" to direct errors to both stderr and, if configured, a logfile on disk.

Test Plan:
  - Confiugured an error log.
  - Forced `ssh-auth` to fatal.
  - Saw errors on stderr and in log.

Maniphest Tasks: T13624

Differential Revision: https://secure.phabricator.com/D21579
This commit is contained in:
epriestley 2021-02-26 11:59:29 -08:00
parent f970b350ea
commit 10162ad43b
3 changed files with 25 additions and 1 deletions

View file

@ -4,6 +4,11 @@
$root = dirname(dirname(dirname(__FILE__))); $root = dirname(dirname(dirname(__FILE__)));
require_once $root.'/scripts/init/init-script.php'; require_once $root.'/scripts/init/init-script.php';
$error_log = id(new PhutilErrorLog())
->setLogName(pht('SSH Error Log'))
->setLogPath(PhabricatorEnv::getEnvConfig('log.ssh-error.path'))
->activateLog();
// TODO: For now, this is using "parseParital()", not "parse()". This allows // TODO: For now, this is using "parseParital()", not "parse()". This allows
// the script to accept (and ignore) additional arguments. This preserves // the script to accept (and ignore) additional arguments. This preserves
// backward compatibility until installs have time to migrate to the new // backward compatibility until installs have time to migrate to the new

View file

@ -4,7 +4,12 @@
$ssh_start_time = microtime(true); $ssh_start_time = microtime(true);
$root = dirname(dirname(dirname(__FILE__))); $root = dirname(dirname(dirname(__FILE__)));
require_once $root.'/scripts/__init_script__.php'; require_once $root.'/scripts/init/init-script.php';
$error_log = id(new PhutilErrorLog())
->setLogName(pht('SSH Error Log'))
->setLogPath(PhabricatorEnv::getEnvConfig('log.ssh-error.path'))
->activateLog();
$ssh_log = PhabricatorSSHLog::getLog(); $ssh_log = PhabricatorSSHLog::getLog();

View file

@ -116,6 +116,20 @@ final class PhabricatorAccessLogConfigOptions
->setLocked(true) ->setLocked(true)
->setSummary(pht('SSH log format.')) ->setSummary(pht('SSH log format.'))
->setDescription($ssh_desc), ->setDescription($ssh_desc),
$this->newOption('log.ssh-error.path', 'string', null)
->setLocked(true)
->setSummary(pht('SSH error log location.'))
->setDescription(
pht(
'To enable the Phabricator SSH error log, specify a path. Errors '.
'occurring in contexts where Phabricator is serving SSH requests '.
'will be written to this log.'.
"\n\n".
'If not set, no log will be written.'))
->addExample(null, pht('Disable SSH error log.'))
->addExample(
'/var/log/phabricator/ssh-error.log',
pht('Write SSH error log here.')),
); );
} }