parent
a88848009a
commit
c81fc87d4e
|
@ -20,7 +20,6 @@ import (
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
"golang.org/x/sys/unix"
|
|
||||||
"gopkg.in/tomb.v2"
|
"gopkg.in/tomb.v2"
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
)
|
)
|
||||||
|
@ -230,11 +229,18 @@ func (f *FileSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb) er
|
||||||
return f.monitorNewFiles(out, t)
|
return f.monitorNewFiles(out, t)
|
||||||
})
|
})
|
||||||
for _, file := range f.files {
|
for _, file := range f.files {
|
||||||
err := unix.Access(file, unix.R_OK)
|
//cf. https://github.com/crowdsecurity/crowdsec/issues/1168
|
||||||
|
//do not rely on stat, reclose file immediately as it's opened by Tail
|
||||||
|
fd, err := os.Open(file)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
f.logger.Errorf("unable to read %s : %s", file, err)
|
f.logger.Errorf("unable to read %s : %s", file, err)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
if err := fd.Close(); err != nil {
|
||||||
|
f.logger.Errorf("unable to close %s : %s", file, err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
fi, err := os.Stat(file)
|
fi, err := os.Stat(file)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("could not stat file %s : %w", file, err)
|
return fmt.Errorf("could not stat file %s : %w", file, err)
|
||||||
|
@ -300,9 +306,15 @@ func (f *FileSource) monitorNewFiles(out chan types.Event, t *tomb.Tomb) error {
|
||||||
logger.Debugf("Already tailing file %s, not creating a new tail", event.Name)
|
logger.Debugf("Already tailing file %s, not creating a new tail", event.Name)
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
err = unix.Access(event.Name, unix.R_OK)
|
//cf. https://github.com/crowdsecurity/crowdsec/issues/1168
|
||||||
|
//do not rely on stat, reclose file immediately as it's opened by Tail
|
||||||
|
fd, err := os.Open(event.Name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Errorf("unable to read %s : %s", event.Name, err)
|
f.logger.Errorf("unable to read %s : %s", event.Name, err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if err := fd.Close(); err != nil {
|
||||||
|
f.logger.Errorf("unable to close %s : %s", event.Name, err)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
//Slightly different parameters for Location, as we want to read the first lines of the newly created file
|
//Slightly different parameters for Location, as we want to read the first lines of the newly created file
|
||||||
|
|
|
@ -238,7 +238,7 @@ func TestLiveAcquisition(t *testing.T) {
|
||||||
mode: tail
|
mode: tail
|
||||||
filename: /etc/shadow`,
|
filename: /etc/shadow`,
|
||||||
expectedErr: "",
|
expectedErr: "",
|
||||||
expectedOutput: "unable to read /etc/shadow : permission denied",
|
expectedOutput: "unable to read /etc/shadow : open /etc/shadow: permission denied",
|
||||||
logLevel: log.InfoLevel,
|
logLevel: log.InfoLevel,
|
||||||
expectedLines: 0,
|
expectedLines: 0,
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue