Skip to content

Always redirect STDOUT to logfile#19

Open
amalek215 wants to merge 10 commits intopgaudit:integrationfrom
amalek215:redirect_stdout
Open

Always redirect STDOUT to logfile#19
amalek215 wants to merge 10 commits intopgaudit:integrationfrom
amalek215:redirect_stdout

Conversation

@amalek215
Copy link
Contributor

@amalek215 amalek215 commented May 5, 2021

When run as a systemd process without the --daemon flag the print statements that implicitly use STDOUT do not make it into the logfile

@dwsteele dwsteele mentioned this pull request May 11, 2021
Closed
dwsteele
dwsteele requested changes May 11, 2021
View reviewed changes
@dwsteele dwsteele self-requested a review May 11, 2021 13:36
@dwsteele dwsteele self-assigned this May 11, 2021
@dwsteele dwsteele changed the base branch from master to integration July 2, 2021 13:39
Alex Malek and others added 7 commits July 22, 2021 09:58
improve comment to be clear what $| does and assist in finding docume…
965f56e 
…ntation
@amalek215
Merge branch 'integration' into redirect_stdout
b3600a2
@crunchyheath
Close STDERR when running as a daemon.
975952f 
When testing on the CentOS8 Stream OS and trying to run the pgaudit_analyze binary as a daemon over an SSH connection, the entire SSH connection would hang and never return. After a lot of investigation, we were able to determine that this was happening when using openssh 8.0p1-9.el8 and also 8.0p1-8.el8. However, when you downgrade openssh to 8.0p1-7.el8, launching the daemon works as it has in the past. After digging through the openssh commits we found this:

On May 2, 2021, CentOS 8 Stream packagers introduced a change to its openssh libraries, which you can see here: https://git.centos.org/rpms/openssh/c/1c3003998fcc4d40fe9e4544bca70dbc03324e65?branch=c8s

After a lot more digging and testing, the issue was related to the fact that STDERR was never closed so in the newer openssh versions it would not release the connection and would hang. After this change we are able to run the pgaudit_analyze daemon over an SSH connection like before.
@dwsteele
Merge branch 'integration' into redirect_stdout
05767f1
@dwsteele
Updates from review.
3138768
@dwsteele
Comment update.
a52863f
@dwsteele
Merge branch 'integration' into redirect_stdout
0fb6de8 
# Conflicts:
#	bin/pgaudit_analyze
dwsteele
dwsteele approved these changes Jul 26, 2021
View reviewed changes
Copy link
Collaborator

@dwsteele dwsteele left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tweaked the comments/code in 3138768 and a52863f. This is ready to merge if the changes look OK to you.

@amalek215
Copy link
Contributor Author

amalek215 commented Jun 23, 2023

Not sure if this paused waiting from a response from me.
I had initially commented "Looks good!" on the original commit you had asked for a comment on but now not seeing it in this PR log / convo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dwsteele dwsteele dwsteele approved these changes

Assignees

@dwsteele dwsteele

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@amalek215 @dwsteele @crunchyheath