[enh] Make use of new logging facilities with the cli in the firewall

This commit is contained in:
Jérôme Lebleu 2015-11-12 22:39:09 +01:00
parent 71a21d71d2
commit 4978e48c9d
2 changed files with 42 additions and 41 deletions

View file

@ -18,11 +18,12 @@ PRINT_PLAIN = False
# Level for which loggers will log
LOGGERS_LEVEL = 'INFO'
TTY_LOG_LEVEL = 'SUCCESS'
# Handlers that will be used by loggers
# - file: log to the file LOG_DIR/LOG_FILE
# - console: log to stderr
LOGGERS_HANDLERS = ['file']
# - tty: log to current tty
LOGGERS_HANDLERS = ['file', 'tty']
# Directory and file to be used by logging
LOG_DIR = '/var/log/yunohost'
@ -54,30 +55,30 @@ def _check_in_devel():
def _parse_argv():
"""Parse additional arguments and return remaining ones"""
global USE_CACHE, PRINT_JSON, PRINT_PLAIN
global TTY_LOG_LEVEL, LOGGERS_LEVEL, LOGGERS_HANDLERS
argv = list(sys.argv)
argv.pop(0)
if '--no-cache' in argv:
global USE_CACHE
USE_CACHE = False
argv.remove('--no-cache')
if '--json' in argv:
global PRINT_JSON
PRINT_JSON = True
argv.remove('--json')
if '--plain' in argv:
global PRINT_PLAIN
PRINT_PLAIN = True
argv.remove('--plain')
if '--debug' in argv:
global LOGGERS_LEVEL
LOGGERS_LEVEL = 'DEBUG'
LOGGERS_LEVEL = TTY_LOG_LEVEL = 'DEBUG'
argv.remove('--debug')
if '--verbose' in argv:
global LOGGERS_HANDLERS
if 'console' not in LOGGERS_HANDLERS:
LOGGERS_HANDLERS.append('console')
TTY_LOG_LEVEL = 'INFO'
argv.remove('--verbose')
if '--quiet' in argv:
if 'tty' in LOGGERS_HANDLERS:
LOGGERS_HANDLERS.remove('tty')
argv.remove('--quiet')
return argv
def _init_moulinette():
@ -89,33 +90,35 @@ def _init_moulinette():
'version': 1,
'disable_existing_loggers': True,
'formatters': {
'simple': {
'format': '%(relativeCreated)-5d %(levelname)-8s %(name)s - %(message)s'
},
'precise': {
'format': '%(asctime)-15s %(levelname)-8s %(name)s %(funcName)s - %(message)s'
'format': '%(asctime)-15s %(levelname)-8s %(name)s %(funcName)s - %(fmessage)s'
},
},
'filters': {
'action': {
'()': 'moulinette.utils.log.ActionFilter',
},
},
'handlers': {
'console': {
'class': 'logging.StreamHandler',
'formatter': 'simple',
'stream': 'ext://sys.stderr',
'tty': {
'level': TTY_LOG_LEVEL,
'class': 'moulinette.interfaces.cli.TTYHandler',
},
'file': {
'class': 'logging.FileHandler',
'formatter': 'precise',
'filename': '%s/%s' % (LOG_DIR, LOG_FILE),
'filters': ['action'],
},
},
'loggers': {
'moulinette': {
'level': LOGGERS_LEVEL,
'handlers': LOGGERS_HANDLERS,
'level': LOGGERS_LEVEL,
},
'yunohost': {
'level': LOGGERS_LEVEL,
'handlers': LOGGERS_HANDLERS,
'level': LOGGERS_LEVEL,
},
},
}

View file

@ -83,8 +83,7 @@ def firewall_allow(protocol, port, ipv4_only=False, ipv6_only=False,
firewall[i][p].append(port)
else:
ipv = "IPv%s" % i[3]
msignals.display(m18n.n('port_already_opened', port, ipv),
'warning')
logger.warning(m18n.n('port_already_opened', port, ipv))
# Add port forwarding with UPnP
if not no_upnp and port not in firewall['uPnP'][p]:
firewall['uPnP'][p].append(port)
@ -141,8 +140,7 @@ def firewall_disallow(protocol, port, ipv4_only=False, ipv6_only=False,
firewall[i][p].remove(port)
else:
ipv = "IPv%s" % i[3]
msignals.display(m18n.n('port_already_closed', port, ipv),
'warning')
logger.warning(m18n.n('port_already_closed', port, ipv))
# Remove port forwarding with UPnP
if upnp and port in firewall['uPnP'][p]:
firewall['uPnP'][p].remove(port)
@ -214,9 +212,9 @@ def firewall_reload(skip_upnp=False):
try:
process.check_output("iptables -L")
except process.CalledProcessError as e:
logger.info('iptables seems to be not available, it outputs:\n%s',
prependlines(e.output.rstrip(), '> '))
msignals.display(m18n.n('iptables_unavailable'), 'info')
logger.debug('iptables seems to be not available, it outputs:\n%s',
prependlines(e.output.rstrip(), '> '))
logger.warning(m18n.n('iptables_unavailable'))
else:
rules = [
"iptables -F",
@ -243,9 +241,9 @@ def firewall_reload(skip_upnp=False):
try:
process.check_output("ip6tables -L")
except process.CalledProcessError as e:
logger.info('ip6tables seems to be not available, it outputs:\n%s',
prependlines(e.output.rstrip(), '> '))
msignals.display(m18n.n('ip6tables_unavailable'), 'info')
logger.debug('ip6tables seems to be not available, it outputs:\n%s',
prependlines(e.output.rstrip(), '> '))
logger.warning(m18n.n('ip6tables_unavailable'))
else:
rules = [
"ip6tables -F",
@ -282,9 +280,9 @@ def firewall_reload(skip_upnp=False):
os.system("service fail2ban restart")
if errors:
msignals.display(m18n.n('firewall_rules_cmd_failed'), 'warning')
logger.warning(m18n.n('firewall_rules_cmd_failed'))
else:
msignals.display(m18n.n('firewall_reloaded'), 'success')
logger.success(m18n.n('firewall_reloaded'))
return firewall_list()
@ -306,7 +304,7 @@ def firewall_upnp(action='status', no_refresh=False):
# Compatibility with previous version
if action == 'reload':
logger.warning("'reload' action is deprecated and will be removed")
logger.info("'reload' action is deprecated and will be removed")
try:
# Remove old cron job
os.remove('/etc/cron.d/yunohost-firewall')
@ -349,14 +347,14 @@ def firewall_upnp(action='status', no_refresh=False):
nb_dev = upnpc.discover()
logger.debug('found %d UPnP device(s)', int(nb_dev))
if nb_dev < 1:
msignals.display(m18n.n('upnp_dev_not_found'), 'error')
logger.error(m18n.n('upnp_dev_not_found'))
enabled = False
else:
try:
# Select UPnP device
upnpc.selectigd()
except:
logger.exception('unable to select UPnP device')
logger.info('unable to select UPnP device', exc_info=1)
enabled = False
else:
# Iterate over ports
@ -374,8 +372,8 @@ def firewall_upnp(action='status', no_refresh=False):
upnpc.addportmapping(port, protocol, upnpc.lanaddr,
port, 'yunohost firewall: port %d' % port, '')
except:
logger.exception('unable to add port %d using UPnP',
port)
logger.info('unable to add port %d using UPnP',
port, exc_info=1)
enabled = False
if enabled != firewall['uPnP']['enabled']:
@ -390,9 +388,9 @@ def firewall_upnp(action='status', no_refresh=False):
if not no_refresh:
# Display success message if needed
if action == 'enable' and enabled:
msignals.display(m18n.n('upnp_enabled'), 'success')
logger.success(m18n.n('upnp_enabled'))
elif action == 'disable' and not enabled:
msignals.display(m18n.n('upnp_disabled'), 'success')
logger.success(m18n.n('upnp_disabled'))
# Make sure to disable UPnP
elif action != 'disable' and not enabled:
firewall_upnp('disable', no_refresh=True)
@ -455,6 +453,6 @@ def _update_firewall_file(rules):
def _on_rule_command_error(returncode, cmd, output):
"""Callback for rules commands error"""
# Log error and continue commands execution
logger.error('"%s" returned non-zero exit status %d:\n%s',
cmd, returncode, prependlines(output.rstrip(), '> '))
logger.info('"%s" returned non-zero exit status %d:\n%s',
cmd, returncode, prependlines(output.rstrip(), '> '))
return True