free
/
freedombone
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
Преглед изворни кода

Replace shred when toggling logging

Bob Mottram пре 8 година
родитељ
ba1b541e3f
комит
9097354a78
1 измењених фајлова са 28 додато и 23 уклоњено
Један поглед Покажи статистику Diff
  1. 28
    23
      src/freedombone-logging

+ 28
- 23
src/freedombone-logging Прегледај датотеку

35
35
36 
 WEBSERVER_LOG_LEVEL='warn'
 36 
 WEBSERVER_LOG_LEVEL='warn'
37
37
38 
+# Shredding could be used here, but especially on microSD
39 
+# or SSD it's debatable how useful shredding really is.
40 
+# Also the shred command can be very slow on Beaglebone Black
41 
+REMOVE_FILES_COMMAND='rm -rf'
42 
+
38 
 function turn_off_rsys_logging {
 43 
 function turn_off_rsys_logging {
39 
     sed -i 's|mail,news.none.*|mail,news.none      /dev/null|g' /etc/rsyslog.conf
 44 
     sed -i 's|mail,news.none.*|mail,news.none      /dev/null|g' /etc/rsyslog.conf
40 
     sed -i 's|auth,authpriv.\*.*|auth,authpriv.\*         /dev/null|g' /etc/rsyslog.conf
 45 
     sed -i 's|auth,authpriv.\*.*|auth,authpriv.\*         /dev/null|g' /etc/rsyslog.conf
48 
     sed -i 's|\*.\*;auth,authpriv.none.*|\*.\*;auth,authpriv.none      /dev/null|g' /etc/rsyslog.conf
 53 
     sed -i 's|\*.\*;auth,authpriv.none.*|\*.\*;auth,authpriv.none      /dev/null|g' /etc/rsyslog.conf
49 
     sed -i 's|#cron.\*|cron.\*|g' /etc/rsyslog.conf
 54 
     sed -i 's|#cron.\*|cron.\*|g' /etc/rsyslog.conf
50 
     sed -i 's|cron.\*.*|cron.\*             /dev/null|g' /etc/rsyslog.conf
 55 
     sed -i 's|cron.\*.*|cron.\*             /dev/null|g' /etc/rsyslog.conf
51 
-    shred -zu /var/log/wtmp*
52 
-    shred -zu /var/log/debug*
53 
-    shred -zu /var/log/cron.*
54 
-    shred -zu /var/log/auth.*
55 
-    shred -zu /var/log/mail.*
56 
-    shred -zu /var/log/daemon.*
57 
-    shred -zu /var/log/user.*
58 
-    shred -zu /var/log/messages*
56 
+    $REMOVE_FILES_COMMAND /var/log/wtmp*
57 
+    $REMOVE_FILES_COMMAND /var/log/debug*
58 
+    $REMOVE_FILES_COMMAND /var/log/cron.*
59 
+    $REMOVE_FILES_COMMAND /var/log/auth.*
60 
+    $REMOVE_FILES_COMMAND /var/log/mail.*
61 
+    $REMOVE_FILES_COMMAND /var/log/daemon.*
62 
+    $REMOVE_FILES_COMMAND /var/log/user.*
63 
+    $REMOVE_FILES_COMMAND /var/log/messages*
59 
 }
 64 
 }
60
65
61 
 function turn_on_rsys_logging {
 66 
 function turn_on_rsys_logging {
155 
             sed -i 's|log_config:|#log_config:|g' /var/lib/matrix/homeserver.yaml
 160 
             sed -i 's|log_config:|#log_config:|g' /var/lib/matrix/homeserver.yaml
156 
         fi
 161 
         fi
157 
         if [ -f /etc/matrix/homeserver.log ]; then
 162 
         if [ -f /etc/matrix/homeserver.log ]; then
158 
-            shred -zu /etc/matrix/homeserver.log
163 
+            $REMOVE_FILES_COMMAND /etc/matrix/homeserver.log
159 
         fi
 164 
         fi
160 
         if [ -f /etc/matrix/homeserver.log.1 ]; then
 165 
         if [ -f /etc/matrix/homeserver.log.1 ]; then
161 
-            shred -zu /etc/matrix/homeserver.log.1
166 
+            $REMOVE_FILES_COMMAND /etc/matrix/homeserver.log.1
162 
         fi
 167 
         fi
163 
     fi
 168 
     fi
164 
     if [ -d /etc/tor ]; then
 169 
     if [ -d /etc/tor ]; then
165 
         sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
 170 
         sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
166 
         sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
 171 
         sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
167 
         if [ -d /var/log/tor ]; then
 172 
         if [ -d /var/log/tor ]; then
168 
-            shred -zu /var/log/tor/*
173 
+            $REMOVE_FILES_COMMAND /var/log/tor/*
169 
             rm -rf /var/log/tor
 174 
             rm -rf /var/log/tor
170 
         fi
 175 
         fi
171 
     fi
 176 
     fi
172 
     if [ -f /etc/mumble-server.ini ]; then
 177 
     if [ -f /etc/mumble-server.ini ]; then
173 
         sed -i 's|logfile=.*|logfile=/dev/null|g' /etc/mumble-server.ini
 178 
         sed -i 's|logfile=.*|logfile=/dev/null|g' /etc/mumble-server.ini
174 
         if [ -d /var/log/mumble-server ]; then
 179 
         if [ -d /var/log/mumble-server ]; then
175 
-            shred -zu /var/log/mumble-server/*
180 
+            $REMOVE_FILES_COMMAND /var/log/mumble-server/*
176 
             rm -rf /var/log/mumble-server
 181 
             rm -rf /var/log/mumble-server
177 
         fi
 182 
         fi
178 
     fi
 183 
     fi
179 
     if [ -d /var/log/radicale ]; then
 184 
     if [ -d /var/log/radicale ]; then
180 
-        shred -zu /var/log/radicale/*
185 
+        $REMOVE_FILES_COMMAND /var/log/radicale/*
181 
         rm -rf /var/log/radicale
 186 
         rm -rf /var/log/radicale
182 
     fi
 187 
     fi
183 
     if [ -f /etc/php/7.0/fpm/php-fpm.conf ]; then
 188 
     if [ -f /etc/php/7.0/fpm/php-fpm.conf ]; then
184 
         sed -i 's|error_log =.*|error_log = /dev/null|g' /etc/php/7.0/fpm/php-fpm.conf
 189 
         sed -i 's|error_log =.*|error_log = /dev/null|g' /etc/php/7.0/fpm/php-fpm.conf
185 
-        shred -zu /var/log/php-fpm.*
190 
+        $REMOVE_FILES_COMMAND /var/log/php-fpm.*
186 
     fi
 191 
     fi
187 
     if [ -d /etc/nginx ]; then
 192 
     if [ -d /etc/nginx ]; then
188 
         for filename in /etc/nginx/sites-available/* ; do
 193 
         for filename in /etc/nginx/sites-available/* ; do
192 
         done
 197 
         done
193 
         sed -i 's|access_log.*|access_log /dev/null;|g' /etc/nginx/nginx.conf
 198 
         sed -i 's|access_log.*|access_log /dev/null;|g' /etc/nginx/nginx.conf
194 
         sed -i 's|error_log.*|error_log /dev/null;|g' /etc/nginx/nginx.conf
 199 
         sed -i 's|error_log.*|error_log /dev/null;|g' /etc/nginx/nginx.conf
195 
-        shred -zu /var/log/nginx/*
200 
+        $REMOVE_FILES_COMMAND /var/log/nginx/*
196 
     fi
 201 
     fi
197 
     if [ -f /etc/init.d/spamassassin ]; then
 202 
     if [ -f /etc/init.d/spamassassin ]; then
198 
         sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin
 203 
         sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin
201 
         sed -i 's|info = "/var/log/prosody/prosody.log";|info = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
 206 
         sed -i 's|info = "/var/log/prosody/prosody.log";|info = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
202 
         sed -i 's|error = "/var/log/prosody/prosody.err";|error = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
 207 
         sed -i 's|error = "/var/log/prosody/prosody.err";|error = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
203 
         sed -i 's|levels = { "error" }; to = "syslog";|levels = { "error" }; to = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
 208 
         sed -i 's|levels = { "error" }; to = "syslog";|levels = { "error" }; to = "/dev/null";|g' /etc/prosody/prosody.cfg.lua
204 
-        shred -zu /var/log/prosody/*
209 
+        $REMOVE_FILES_COMMAND /var/log/prosody/*
205 
         rm -rf /var/log/prosody
 210 
         rm -rf /var/log/prosody
206 
     fi
 211 
     fi
207 
     if [ -d /etc/exim4 ]; then
 212 
     if [ -d /etc/exim4 ]; then
208 
         sed -i 's|MAIN_LOG_SELECTOR = .*|MAIN_LOG_SELECTOR = -all|g' /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs
 213 
         sed -i 's|MAIN_LOG_SELECTOR = .*|MAIN_LOG_SELECTOR = -all|g' /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs
209 
         sed -i 's|MAIN_LOG_SELECTOR = .*|MAIN_LOG_SELECTOR = -all|g' /etc/exim4/exim4.conf.template
 214 
         sed -i 's|MAIN_LOG_SELECTOR = .*|MAIN_LOG_SELECTOR = -all|g' /etc/exim4/exim4.conf.template
210 
         sed -i 's|log_selector =.*|log_selector = -all|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector
 215 
         sed -i 's|log_selector =.*|log_selector = -all|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector
211 
-        shred -zu /var/log/exim4/*
216 
+        $REMOVE_FILES_COMMAND /var/log/exim4/*
212 
     fi
 217 
     fi
213 
     if [ -f /etc/dovecot/dovecot.conf ]; then
 218 
     if [ -f /etc/dovecot/dovecot.conf ]; then
214 
         sed -i 's|log_path =.*|log_path = /dev/null|g' /etc/dovecot/dovecot.conf
 219 
         sed -i 's|log_path =.*|log_path = /dev/null|g' /etc/dovecot/dovecot.conf
215 
         sed -i 's|info_log_path =.*|info_log_path = /dev/null|g' /etc/dovecot/dovecot.conf
 220 
         sed -i 's|info_log_path =.*|info_log_path = /dev/null|g' /etc/dovecot/dovecot.conf
216 
         sed -i 's|debug_log_path =.*|debug_log_path = /dev/null|g' /etc/dovecot/dovecot.conf
 221 
         sed -i 's|debug_log_path =.*|debug_log_path = /dev/null|g' /etc/dovecot/dovecot.conf
217 
-        shred -zu /var/log/mail.*
218 
-        shred -zu /var/log/dovecot*
222 
+        $REMOVE_FILES_COMMAND /var/log/mail.*
223 
+        $REMOVE_FILES_COMMAND /var/log/dovecot*
219 
     fi
 224 
     fi
220 
     if [ -d /etc/mysql ]; then
 225 
     if [ -d /etc/mysql ]; then
221 
         if [ -d /var/log/mysql ]; then
 226 
         if [ -d /var/log/mysql ]; then
222 
-            shred -zu /var/log/mysql/*
227 
+            $REMOVE_FILES_COMMAND /var/log/mysql/*
223 
         fi
 228 
         fi
224 
         if [ -f /var/log/mysql.err ]; then
 229 
         if [ -f /var/log/mysql.err ]; then
225 
-            shred -zu /var/log/mysql.err
230 
+            $REMOVE_FILES_COMMAND /var/log/mysql.err
226 
         fi
 231 
         fi
227 
         if [ -f /var/log/mysql.log ]; then
 232 
         if [ -f /var/log/mysql.log ]; then
228 
-            shred -zu /var/log/mysql.log
233 
+            $REMOVE_FILES_COMMAND /var/log/mysql.log
229 
         fi
 234 
         fi
230 
         if [ -f /etc/mysql/my.cnf ]; then
 235 
         if [ -f /etc/mysql/my.cnf ]; then
231 
             sed -i 's|log_error =.*|log_error = /dev/null|g' /etc/mysql/my.cnf
 236 
             sed -i 's|log_error =.*|log_error = /dev/null|g' /etc/mysql/my.cnf
234 
     if [ -f /etc/fail2ban/fail2ban.conf ]; then
 239 
     if [ -f /etc/fail2ban/fail2ban.conf ]; then
235 
         sed -i 's|loglevel.*|loglevel = 1|g' /etc/fail2ban/fail2ban.conf
 240 
         sed -i 's|loglevel.*|loglevel = 1|g' /etc/fail2ban/fail2ban.conf
236 
         sed -i 's|logtarget.*|logtarget = /dev/null|g' /etc/fail2ban/fail2ban.conf
 241 
         sed -i 's|logtarget.*|logtarget = /dev/null|g' /etc/fail2ban/fail2ban.conf
237 
-        shred -zu /var/log/fail2ban.*
242 
+        $REMOVE_FILES_COMMAND /var/log/fail2ban.*
238 
     fi
 243 
     fi
239 
     turn_off_rsys_logging
 244 
     turn_off_rsys_logging
240 
 fi
 245 
 fi