Merge pull request #310 from garrettr/logging-hotfix

Logging hotfix. Fixes #261.

install_files/app.logs.ossec.conf

@@ -39,3 +39,12 @@
     <location>/var/chroot/document/var/log/tor/log</location>
   </localfile>
 
+  <localfile>
+    <log_format>syslog</log_format>
+    <location>/var/chroot/source/var/www/securedrop/securedrop.log</location>
+  </localfile>
+
+  <localfile>
+    <log_format>syslog</log_format>
+    <location>/var/chroot/document/var/www/securedrop/securedrop.log</location>
+  </localfile>

install_files/document.config.py

@@ -44,6 +44,35 @@ class TestingConfig(BaseConfig):
     # test_journalist_key.pub
     JOURNALIST_KEY='65A1B5FF195B56353CC63DFFCC40EF1228271441'
 
+### Logging
+
+# Note that the loggers propagate up to the root logger, which has a default
+# logging level of WARNING. This means logged messages with severity < WARNING
+# will not appear unless *both* the handler and the logger are set to desired
+# level.
+# http://docs.python.org/2.7/library/logging.html
+#
+# Also note that Flask's built-in logger will adjust its level based on the
+# DEBUG flag, and will also automatically log to stdout if the flag is set.
+
+import logging
+
+logfile_path = os.path.join(SECUREDROP_ROOT, 'securedrop.log')
+file_handler = logging.FileHandler(logfile_path)
+# can .setLevel here, but the default of warning is fine
+
+# more handlers here ...
+# e.g.
+#
+# from logging.handlers import SysLogHandler
+# syslog_handler = SysLogHandler(address='/dev/log')
+
+handlers = [file_handler]
+
+def register_handlers(logger):
+    for handler in handlers:
+        logger.addHandler(handler)
+
 # Database Configuration
 
 # Default to using a sqlite database file for development

install_files/source.config.py

@@ -35,6 +35,7 @@ class TestingConfig(BaseConfig):
 
 # Default to the production configuration
 FlaskConfig = ProductionConfig
+SECUREDROP_ROOT=os.path.abspath('/var/www/securedrop')
 
 if os.environ.get('SECUREDROP_ENV') == 'test':
     FlaskConfig = TestingConfig
@@ -44,6 +45,35 @@ class TestingConfig(BaseConfig):
     # test_journalist_key.pub
     JOURNALIST_KEY='65A1B5FF195B56353CC63DFFCC40EF1228271441'
 
+### Logging
+
+# Note that the loggers propagate up to the root logger, which has a default
+# logging level of WARNING. This means logged messages with severity < WARNING
+# will not appear unless *both* the handler and the logger are set to desired
+# level.
+# http://docs.python.org/2.7/library/logging.html
+#
+# Also note that Flask's built-in logger will adjust its level based on the
+# DEBUG flag, and will also automatically log to stdout if the flag is set.
+
+import logging
+
+logfile_path = os.path.join(SECUREDROP_ROOT, 'securedrop.log')
+file_handler = logging.FileHandler(logfile_path)
+# can .setLevel here, but the default of warning is fine
+
+# more handlers here ...
+# e.g.
+#
+# from logging.handlers import SysLogHandler
+# syslog_handler = SysLogHandler(address='/dev/log')
+
+handlers = [file_handler]
+
+def register_handlers(logger):
+    for handler in handlers:
+        logger.addHandler(handler)
+
 # Database Configuration
 
 # Default to using a sqlite database file for development

install_files/var.chroot.document.usr.lib.apache2.mpm-worker.apache2

@@ -782,7 +782,8 @@
   /var/chroot/document/var/www/securedrop/version.py r,
   /var/chroot/document/var/www/securedrop/version.pyc rw,
   /var/chroot/document/var/www/securedrop/wordlist r,
-
+  /var/chroot/document/var/www/securedrop/securedrop.log w,
+  /var/chroot/document/var/www/securedrop/securedrop.log~ w,
 
   ^DEFAULT_URI {
 

install_files/var.chroot.source.usr.lib.apache2.mpm-worker.apache2

@@ -571,7 +571,8 @@
   /var/chroot/source/var/www/securedrop/version.py r,
   /var/chroot/source/var/www/securedrop/version.pyc rw,
   /var/chroot/source/var/www/securedrop/wordlist r,
-
+  /var/chroot/source/var/www/securedrop/securedrop.log w,
+  /var/chroot/source/var/www/securedrop/securedrop.log~ w,
 
   ^DEFAULT_URI {
 

securedrop/example_config.py

@@ -36,10 +36,14 @@ class TestingConfig(BaseConfig):
     # Tests are simpler if CSRF protection is disabled
     WTF_CSRF_ENABLED = False
 
-if os.environ.get('SECUREDROP_ENV') == 'test':
+env = os.environ.get('SECUREDROP_ENV')
+if env == 'test':
     FlaskConfig=TestingConfig
     SECUREDROP_ROOT='/tmp/securedrop_test'
     JOURNALIST_KEY='65A1B5FF195B56353CC63DFFCC40EF1228271441' # test_journalist_key.pub
+elif env == 'development':
+    FlaskConfig = DevelopmentConfig
+    SECUREDROP_ROOT=os.path.abspath('.securedrop')
 else:
     FlaskConfig = ProductionConfig
     SECUREDROP_ROOT=os.path.abspath('.securedrop')
@@ -60,6 +64,37 @@ def has_perms(path, mode):
 if not has_perms(GPG_KEY_DIR, safe_perms):
     os.chmod(GPG_KEY_DIR, safe_perms)
 
+
+### Logging
+
+# Note that the loggers propagate up to the root logger, which has a default
+# logging level of WARNING. This means logged messages with severity < WARNING
+# will not appear unless *both* the handler and the logger are set to desired
+# level.
+# http://docs.python.org/2.7/library/logging.html
+#
+# Also note that Flask's built-in logger will adjust its level based on the
+# DEBUG flag, and will also automatically log to stdout if the flag is set.
+
+import logging
+
+logfile_path = os.path.join(SECUREDROP_ROOT, 'securedrop.log')
+file_handler = logging.FileHandler(logfile_path)
+# can .setLevel here, but the default of warning is fine
+
+# more handlers here ...
+# e.g.
+#
+# from logging.handlers import SysLogHandler
+# syslog_handler = SysLogHandler(address='/dev/log')
+
+handlers = [file_handler]
+
+def register_handlers(logger):
+    for handler in handlers:
+        logger.addHandler(handler)
+
+
 ### Database Configuration
 
 # Default to using a sqlite database file for development

securedrop/journalist.py

@@ -17,6 +17,8 @@
 app = Flask(__name__, template_folder=config.JOURNALIST_TEMPLATES_DIR)
 app.config.from_object(config.FlaskConfig)
 CsrfProtect(app)
+config.register_handlers(app.logger)
+
 
 app.jinja_env.globals['version'] = version.__version__
 if getattr(config, 'CUSTOM_HEADER_IMAGE', None):
@@ -190,5 +192,4 @@ def create_flag(sid):
     return render_template('flag.html', sid=sid, codename=db.display_id(sid, db.sqlalchemy_handle()))
 
 if __name__ == "__main__":
-    # TODO make sure debug=False in production
-    app.run(debug=True, port=8081)
+    app.run(port=8081)

securedrop/source.py

@@ -4,11 +4,6 @@
 import uuid
 from functools import wraps
 
-import logging
-# This module's logger is explicitly labeled so the correct logger is used,
-# even when this is run from the command line (e.g. during development)
-log = logging.getLogger('source')
-
 from flask import (Flask, request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file)
 from flask_wtf.csrf import CsrfProtect
@@ -24,6 +19,8 @@
 app = Flask(__name__, template_folder=config.SOURCE_TEMPLATES_DIR)
 app.config.from_object(config.FlaskConfig)
 CsrfProtect(app)
+config.register_handlers(app.logger)
+
 
 app.jinja_env.globals['version'] = version.__version__
 if getattr(config, 'CUSTOM_HEADER_IMAGE', None):
@@ -121,7 +118,7 @@ def create():
     sid = crypto_util.hash_codename(session['codename'])
     if os.path.exists(store.path(sid)):
         # if this happens, we're not using very secure crypto
-        log.warning("Got a duplicate ID '%s'" % sid)
+        app.logger.warning("Got a duplicate ID '%s'" % sid)
     else:
         os.mkdir(store.path(sid))
     session['logged_in'] = True
@@ -267,5 +264,4 @@ def page_not_found(error):
     return render_template('notfound.html'), 404
 
 if __name__ == "__main__":
-    # TODO make sure debug is not on in production
-    app.run(debug=True, port=8080)
+    app.run(port=8080)

securedrop/store.py

@@ -9,9 +9,6 @@
 import subprocess
 from cStringIO import StringIO
 
-import logging
-log = logging.getLogger(__name__)
-
 from werkzeug import secure_filename
 
 VALIDATE_FILENAME = re.compile(