beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

fix #1168 (#1179)

Browse source 
* fix #1168
This commit is contained in:
Thibault "bui" Koechlin 2022-01-19 11:34:40 +01:00 committed by GitHub
parent a88848009a
commit c81fc87d4e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
pkg/acquisition/modules/file/file.go
View file

@ -20,7 +20,6 @@ import (
"github.com/pkg/errors"
"github.com/prometheus/client_golang/prometheus"
log "github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
"gopkg.in/tomb.v2"
"gopkg.in/yaml.v2"
)
@ -230,11 +229,18 @@ func (f *FileSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb) er
return f.monitorNewFiles(out, t)
})
for _, file := range f.files {
err := unix.Access(file, unix.R_OK)
//cf. https://github.com/crowdsecurity/crowdsec/issues/1168
//do not rely on stat, reclose file immediately as it's opened by Tail
fd, err := os.Open(file)
if err != nil {
f.logger.Errorf("unable to read %s : %s", file, err)
continue
}
if err := fd.Close(); err != nil {
f.logger.Errorf("unable to close %s : %s", file, err)
continue
}
fi, err := os.Stat(file)
if err != nil {
return fmt.Errorf("could not stat file %s : %w", file, err)
@ -300,9 +306,15 @@ func (f *FileSource) monitorNewFiles(out chan types.Event, t *tomb.Tomb) error {
logger.Debugf("Already tailing file %s, not creating a new tail", event.Name)
break
}
err = unix.Access(event.Name, unix.R_OK)
//cf. https://github.com/crowdsecurity/crowdsec/issues/1168
//do not rely on stat, reclose file immediately as it's opened by Tail
fd, err := os.Open(event.Name)
if err != nil {
logger.Errorf("unable to read %s : %s", event.Name, err)
f.logger.Errorf("unable to read %s : %s", event.Name, err)
continue
}
if err := fd.Close(); err != nil {
f.logger.Errorf("unable to close %s : %s", event.Name, err)
continue
}
//Slightly different parameters for Location, as we want to read the first lines of the newly created file

2
pkg/acquisition/modules/file/file_test.go
View file

@ -238,7 +238,7 @@ func TestLiveAcquisition(t *testing.T) {
mode: tail
filename: /etc/shadow`,
expectedErr: "",
expectedOutput: "unable to read /etc/shadow : permission denied",
expectedOutput: "unable to read /etc/shadow : open /etc/shadow: permission denied",
logLevel: log.InfoLevel,
expectedLines: 0,
},