[MAGNOLIA-5105] Log viewer list files but did not display logfiles if symlinks are used
Created: 12/Jun/13  Updated: 14/Jan/14  Resolved: 25/Jun/13

Status: Closed
Project: Magnolia
Component/s: admininterface
Affects Version/s: 4.4.10, 4.5.7, 4.5.8, 4.5.9
Fix Version/s: 4.5.10

Type: Bug
Priority: Neutral
Reporter: Frank Sommer
Assignee: Roman Kovařík
Resolution: Fixed
Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Cloners
is cloned by MAGNOLIA-5623 CLONE - Log viewer list files but did... Closed
is cloned by MGNLADMLEG-15 Log viewer list files but did not dis... Closed

 Description   

Before displaying the log file in the log viewer, the canonical path of the log file is checked to ensure that the log file is located in the logs folder. But if you use a symlink, the canonical path is always different from the log folder path, and so the log files are not displayed.

I think the method isValidPath in info.magnolia.module.admininterface.pages.LogViewerPage is buggy in this use case and furthermore needless from my point of view.



 Comments   
Comment by Jan Haderka [ 12/Jun/13 ]

> I think the method isValidPath in info.magnolia.module.admininterface.pages.LogViewerPage is buggy in this use case and furthermore needless from my point of view.

Method is necessary to make sure if some user gains access to AdminCentral, such user can exploit log viewer functionality to browse the file system unchecked. The point of the method is to make sure no one can escape the log folder specified in the properties.

Why would you link to a different folder rather than specify the correct log folder location in your properties file? Even if you need different folders for different deployments, you can use the properties overloading mechanism to change the log folder location.

Comment by Frank Sommer [ 12/Jun/13 ]

We use symlinks for the tomcat installation. Instead of /home/mgnl/apache-tomcat-7.0.41/logs we can use /home/mgnl/tomcat/logs. The advantage is that we don't have to reconfigure the paths on tomcat update.

In log viewer the canonical path of the log file is compared with the log folder path. So the canonical path is always without symlink and the log folder path is with symlink.

Another solution could be for the log viewer to use the canonical path of the log folder for the comparison.

Comment by Jan Haderka [ 08/Jul/13 ]

The fix is to convert the configured log directory to a canonical path as well and then compare the two canonical paths. If the admin configured the path to point to a symlinked directory, this is by choice, not by accident. We still keep the fix from MAGNOLIA-4646 intact by enforcing the canonical path check on the files that are requested.
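
The comparison discussed in this thread, as an added example that is not part of the original issue and is not Magnolia's code: the class name, method names and the temporary directory layout are assumptions constructed for illustration, and it assumes a file system where symbolic links can be created.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class LogPathCheckDemo {

    // Check as the thread describes it before the fix: the canonical path of the
    // requested file is compared against the log folder path exactly as configured.
    static boolean isValidBefore(File logDir, File requested) throws IOException {
        return requested.getCanonicalFile().toPath().startsWith(logDir.toPath());
    }

    // Check as the fix describes it: the configured folder is canonicalized too.
    // Path.startsWith compares whole name elements, so "/logs-old" is not under "/logs".
    static boolean isValidAfter(File logDir, File requested) throws IOException {
        Path root = logDir.getCanonicalFile().toPath();
        return requested.getCanonicalFile().toPath().startsWith(root);
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout: <tmp>/apache-tomcat-x/logs is the real folder,
        // <tmp>/tomcat is a symlink to <tmp>/apache-tomcat-x.
        Path base = Files.createTempDirectory("logcheck").toRealPath();
        Path realLogs = Files.createDirectories(base.resolve("apache-tomcat-x/logs"));
        Files.write(realLogs.resolve("magnolia.log"), "line\n".getBytes());
        Files.write(base.resolve("secret.txt"), "x\n".getBytes());
        Files.createSymbolicLink(base.resolve("tomcat"), base.resolve("apache-tomcat-x"));
        // A symlink inside the log folder whose target lies outside it.
        Files.createSymbolicLink(realLogs.resolve("escape.log"), base.resolve("secret.txt"));

        // The configured log folder goes through the symlink, as in the report.
        File configured = base.resolve("tomcat/logs").toFile();
        String[] names = { "magnolia.log", "../../secret.txt", "escape.log" };
        for (String name : names) {
            File requested = new File(configured, name);
            System.out.printf("%-18s before=%-5b after=%b%n", name,
                    isValidBefore(configured, requested),
                    isValidAfter(configured, requested));
        }
    }
}
```

Only the legitimate log file changes from rejected to accepted; the `../` request and the symlink that points outside the log folder are rejected by both checks, because the requested file is still canonicalized.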

Comment by Edgar Vonk [ 11/Nov/13 ]

Hi Jan / Magnolia,

We now come across this issue in a Magnolia 4.4.12 installation for one of our existing clients (who is not going to upgrade to Magnolia 4.5 or 5 anytime soon).

Am I correct in understanding that this fix was only done in the Magnolia 4.5 branch (4.5.10) and not in the 4.4 branch? This seems to be the case since we do not encounter the issue in our Magnolia 4.5 installations. If so, could you please backport the fix to the 4.4 branch? We are really suffering from this issue.

Similar to what was mentioned previously, we also use symbolic links in our Tomcat installations to link the Tomcat logs folder (= a sym link) to our /var/log log partition on the file system.

Furthermore we do not (cannot I think) use magnolia.logs.dir as a system property outside of the Magnolia web app since we need to have separate Magnolia log dirs for our multiple Magnolia web apps on the same machine (author vs public).

What we want is:

  • use symbolic links on our file systems for log file folders
  • absolutely no log files in our web app folders, or even in our Tomcat folder. log files must reside on a separate partition (/var/log) for monitoring purposes
  • have a single distributable Magnolia web app (WAR file) which can be deployed to any of our servers (all with potentially different file system configurations) without change
  • if possible no need to set system properties on all our servers to define Magnolia log file locations

cheers, Edgar
