modification logging of shibboleth, httpd, supervisor and crond; remo…

…ving mistakes in cron configuration
slavek · Sep 21, 2018 · 95756d4 · 95756d4
1 parent 8dedf79
commit 95756d4
Show file tree

Hide file tree

Showing 8 changed files with 58 additions and 27 deletions.
diff --git a/grouper-midpoint/mp-gr/midpoint-server/Dockerfile b/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
@@ -11,7 +11,7 @@ RUN curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.re
 RUN yum -y update
 RUN yum -y install \
  	zulu-8 \
-        cronie \
+        cron \
         supervisor \
 	libcurl \
 	&& yum clean -y all
@@ -20,33 +20,30 @@ RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem \
     && cd /etc/httpd/conf.d/ \
     && rm -f autoindex.conf ssl.conf userdir.conf welcome.conf
 
-COPY container_files/supervisor/supervisord.conf /etc/supervisord.conf
+COPY container_files/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
 COPY container_files/httpd/conf/* /etc/httpd/conf.d/
 COPY container_files/httpd/possible-conf/* /etc/httpd/possible-conf/
 COPY container_files/shibboleth/* /etc/shibboleth/
 COPY container_files/usr-local-bin/ /usr/local/bin/
 
+RUN mv /usr/local/bin/setenv.sh /opt/tier/setenv.sh \
+    && chmod 755 /opt/tier/setenv.sh
+
 RUN chmod 755 /usr/local/bin/sendtierbeacon.sh \
     && chmod 755 /usr/local/bin/setupcron.sh \
     && chmod 755 /usr/local/bin/init.sh \
     && chmod 755 /usr/local/bin/library.sh \
+    && chmod 755 /usr/local/bin/startup.sh \
     && /usr/local/bin/setupcron.sh
 
 RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
     && sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
     && echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
-    && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/dev\/fd\/1"/g' /etc/httpd/conf/httpd.conf \
-    && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/dev\/fd\/1"/g' /etc/httpd/conf/httpd.conf \
+    && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/loghttpd"/g' /etc/httpd/conf/httpd.conf \
+    && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/loghttpd"/g' /etc/httpd/conf/httpd.conf \
     && echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
     && echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf
 
-
-
-
-# TODO switch to other appropriate Java implementation
-
-
-
 ARG MP_VERSION=3.9-SNAPSHOT
 ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
 
@@ -79,4 +76,5 @@ ENV LOGOUT_URL https://localhost:4438/Shibboleth.sso/Logout
 ENV TIER_RELEASE=test-non-release
 ENV TIER_MAINTAINER=tier
 
-CMD ["/usr/bin/supervisord"]
+#CMD ["/usr/bin/supervisord"]
+CMD ["/usr/local/bin/startup.sh"]
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger
@@ -28,12 +28,12 @@ log4j.category.XMLTooling.libcurl=INFO
 # define the appender
 
 log4j.appender.native_log=org.apache.log4j.FileAppender
-log4j.appender.native_log.fileName=/dev/fd/6
+log4j.appender.native_log.fileName=/tmp/logshib
 log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.native_log.layout.ConversionPattern=shibd;native.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 
 log4j.appender.warn_log=org.apache.log4j.FileAppender
-log4j.appender.warn_log.fileName=/dev/fd/7
+log4j.appender.warn_log.fileName=/tmp/logshib
 log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.warn_log.layout.ConversionPattern=shibd;native_warn.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 log4j.appender.warn_log.threshold=WARN
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger
@@ -42,18 +42,18 @@ log4j.additivity.Shibboleth-TRANSACTION=false
 # define the appenders
 
 log4j.appender.shibd_log=org.apache.log4j.FileAppender
-log4j.appender.shibd_log.fileName=/dev/fd/3
+log4j.appender.shibd_log.fileName=/tmp/logshib
 log4j.appender.shibd_log.maxFileSize=0
 log4j.appender.shibd_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.shibd_log.layout.ConversionPattern=shibd;shibd.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 
 log4j.appender.tran_log=org.apache.log4j.FileAppender
-log4j.appender.tran_log.fileName=/dev/fd/4
+log4j.appender.tran_log.fileName=/tmp/logshib
 log4j.appender.tran_log.maxFileSize=0
 log4j.appender.tran_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.tran_log.layout.ConversionPattern=shibd;transaction.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 
 log4j.appender.sig_log=org.apache.log4j.FileAppender
-log4j.appender.sig_log.fileName=/dev/fd/5
+log4j.appender.sig_log.fileName=/tmp/logshib
 log4j.appender.sig_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.sig_log.layout.ConversionPattern=shibd;signature.log;${ENV};${USERTOKEN};%m
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/supervisor/supervisord.conf b/grouper-midpoint/mp-gr/midpoint-server/container_files/supervisor/supervisord.conf
@@ -1,9 +1,13 @@
 [supervisord]
+logfile=/tmp/logsuperd
+logfile_maxbytes=0
+loglevel=error
 nodaemon=true
+user=root
 
 [program:init-httpd-shib]
 command=/bin/bash -c "/usr/local/bin/init.sh && httpd-shib-foreground"
-stdout_logfile=/dev/fd/1
+stdout_logfile=/tmp/loghttpd
 stdout_logfile_maxbytes=0
 redirect_stderr=true
 
@@ -17,20 +21,21 @@ command=/bin/bash -c "java -Xmx2048M -Xms2048M -Dfile.encoding=UTF8 \
        -Dmidpoint.repository.hibernateHbm2ddl=none \
        -Dmidpoint.repository.missingSchemaAction=create \
        -Dmidpoint.repository.initializationFailTimeout=60000 \
-       -Dmidpoint.logging.console.enabled=true -Dmidpoint.logging.console.prefix='midpoint;midpoint.log;$ENV;$USERTOKEN;' -Dmidpoint.logging.console.timezone=UTC \
+       -Dmidpoint.logging.console.enabled=true -Dmidpoint.logging.console.prefix='midpoint;midpoint.log;${ENV};${USERTOKEN};' -Dmidpoint.logging.console.timezone=UTC \
        -Dspring.profiles.active=$ACTIVE_PROFILE \
        -Dauth.sso.header=$SSO_HEADER \
        -Dauth.logout.url=$LOGOUT_URL \
        -Dserver.tomcat.ajp.enabled=$AJP_ENABLED \
        -Dserver.tomcat.ajp.port=$AJP_PORT \
-       -jar $MP_DIR/lib/midpoint.war"
+       -jar $MP_DIR/lib/midpoint.war
+       -Dlogging.path=/tmp/logtomcat"
 stdout_logfile=/dev/fd/2
 stdout_logfile_maxbytes=0
 redirect_stderr=true
 
 [program:tier-beacon]
 command=/usr/sbin/crond -i -m off
-stdout_logfile=/dev/fd/10
+stdout_logfile=/tmp/logcrond
 stdout_logfile_maxbytes=0
 redirect_stderr=true
 autorestart=false
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/sendtierbeacon.sh b/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/sendtierbeacon.sh
@@ -3,6 +3,10 @@
 LOGHOST="localhost"
 LOGPORT="80"
 
+if [ -s /opt/tier/env.bash ]; then
+  . /opt/tier/env.bash
+fi
+
 messagefile="/tmp/beaconmsg"
 
 if [ -z "$TIER_BEACON_OPT_OUT" ]; then

diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/setenv.sh b/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/setenv.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+printenv | sed 's/^\(.*\)$/\1/g' | grep -E "^MP_VERSION" > /opt/tier/env.bash
+printenv | sed 's/^\(.*\)$/\1/g' | grep -E "^TIER_RELEASE" >> /opt/tier/env.bash
+printenv | sed 's/^\(.*\)$/\1/g' | grep -E "^TIER_MAINTAINER" >> /opt/tier/env.bash
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/setupcron.sh b/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/setupcron.sh
@@ -1,9 +1,10 @@
 #!/bin/bash
 
-CRONTMPFILE=/tmp/cronfile
+CRONFILE=/opt/tier/cronfile
 
-echo "#send daily \"beacon\" to central" > ${CRONTMPFILE}
-#echo $(expr $RANDOM % 59) $(expr $RANDOM % 3) "* * * /usr/local/bin/sendtierbeacon.sh >> /tmp/logcrond 2>&1" >> ${CRONTMPFILE}
-echo 47 "* * * * /usr/local/bin/sendtierbeacon.sh >> /dev/fd/8 2>&1" >> ${CRONTMPFILE}
-chmod 644 ${CRONTMPFILE}
-crontab ${CRONTMPFILE}
+/opt/tier/setenv.sh
+
+echo "#send daily \"beacon\" to central" > ${CRONFILE}
+echo $(expr $RANDOM % 59) $(expr $RANDOM % 3) "* * * /usr/local/bin/sendtierbeacon.sh >> /tmp/logcrond 2>&1" >> ${CRONFILE}
+chmod 644 ${CRONFILE}
+crontab ${CRONFILE}
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/startup.sh b/grouper-midpoint/mp-gr/midpoint-server/container_files/usr-local-bin/startup.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# generic console logging pipe for anyone
+mkfifo -m 666 /tmp/logpipe
+cat <> /tmp/logpipe 1>&2 &
+
+mkfifo -m 666 /tmp/loghttpd
+(cat <> /tmp/loghttpd  | awk '{printf "%s\n", $0; fflush()}' 1>/tmp/logpipe) &
+
+mkfifo -m 666 /tmp/logshib
+(cat <> /tmp/logshib  | awk '{printf "%s\n", $0; fflush()}' 1>/tmp/logpipe) &
+
+mkfifo -m 666 /tmp/logcrond
+(cat <> /tmp/logcrond  | awk -v ENV="$ENV" -v USERTOKEN="$USERTOKEN" '{printf "crond;console;%s;%s;%s\n", ENV, USERTOKEN, $0; fflush()}' 1>/tmp/logpipe) &
+
+mkfifo -m 666 /tmp/logsuperd
+(cat <> /tmp/logsuperd | awk -v ENV="$ENV" -v USERTOKEN="$USERTOKEN" '{printf "supervisord;console;%s;%s;%s\n", ENV, USERTOKEN, $0; fflush()}' 1>/tmp/logpipe) &
+
+/usr/bin/supervisord -c /etc/supervisor/supervisord.conf