From 63be0a4da723a844bb17bfa0dafe8795bde8a296 Mon Sep 17 00:00:00 2001 From: Papoteur Date: Sun, 16 Oct 2016 17:00:39 +0200 Subject: Use journald instead of syslog to get log on tty12 (mga#10034) this is set by ENABLE_CONSOLE_LOG --- src/msec/plugins/msec.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/msec/plugins/msec.py b/src/msec/plugins/msec.py index 6bf5675..a37bc4b 100755 --- a/src/msec/plugins/msec.py +++ b/src/msec/plugins/msec.py @@ -62,6 +62,7 @@ SSHDCONFIG = '/etc/ssh/sshd_config' STARTX = '/usr/bin/startx' SYSCTLCONF = '/etc/sysctl.conf' SYSLOGCONF = '/etc/syslog.conf' +JOURNALDCONF = '/etc/systemd/journald.conf' XDM = '/etc/pam.d/xdm' XSERVERS = '/etc/X11/xdm/Xservers' EXPORT = '/root/.xauth/export' @@ -104,6 +105,7 @@ class msec: self.configfiles.add_config_assoc(SSHDCONFIG, '[ -f /var/lock/subsys/sshd ] && /etc/rc.d/init.d/sshd restart') self.configfiles.add_config_assoc(LILOCONF, '[ `/usr/sbin/detectloader` = LILO ] && /sbin/lilo') self.configfiles.add_config_assoc(SYSLOGCONF, '[ -f /var/lock/subsys/syslog ] && service syslog reload') + self.configfiles.add_config_assoc(JOURNALDCONF, '[ -f /var/lock/subsys/journald ] && systemctl restart journald') self.configfiles.add_config_assoc('^/etc/issue$', '/usr/bin/killall mingetty') # security options @@ -430,18 +432,16 @@ class msec: def enable_console_log(self, arg, expr='*.*', dev='tty12'): ''' Log syslog messages on console terminal 12.''' - syslogconf = self.configfiles.get_config_file(SYSLOGCONF) - - val = syslogconf.get_match('\s*[^#]+/dev/([^ ]+)', '@1') + journaldconf = self.configfiles.get_config_file(JOURNALDCONF) if arg == "yes": - if dev != val: self.log.info(_('Enabling log on console')) - syslogconf.exists() and syslogconf.replace_line_matching('\s*[^#]+/dev/', expr + ' /dev/' + dev, 1) + journaldconf.exists() and journaldconf.replace_line_matching('ForwardToConsole', 'ForwardToConsole=yes', 1) + journaldconf.exists() and journaldconf.replace_line_matching('TTYPath', 'TTYPath=/dev/' + dev, 1) else: - if val != None: self.log.info(_('Disabling log on console')) - syslogconf.exists() and syslogconf.remove_line_matching('\s*[^#]+/dev/') + journaldconf.exists() and journaldconf.replace_line_matching('ForwardToConsole', 'ForwardToConsole=no', 1) + journaldconf.exists() and journaldconf.replace_line_matching('TTYPath', '#TTYPath=/dev/' + dev, 1) def authorize_services(self, arg): ''' Allow full access to network services controlled by tcp_wrapper (see hosts.deny(5)). If yes, all services are allowed. If local, only connections to local services are authorized. If no, the services must be authorized manually in /etc/hosts.allow (see hosts.allow(5)).''' -- cgit v1.2.1