From 90b663ce26a76120d550df6bbb996ed5f43ad0d6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri.vosandi@gmail.com>
Date: Tue, 4 Apr 2017 05:02:08 +0000
Subject: [PATCH] Add file based rotating log handler

---
 certidude/api/__init__.py |  2 +-
 certidude/api/attrib.py   |  2 +-
 certidude/api/bundle.py   |  2 +-
 certidude/api/cfg.py      |  3 +--
 certidude/api/lease.py    |  3 +++
 certidude/api/request.py  |  2 +-
 certidude/api/revoked.py  |  2 +-
 certidude/api/signed.py   |  2 +-
 certidude/api/tag.py      |  2 +-
 certidude/cli.py          | 24 +++++++++++++++---------
 10 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/certidude/api/__init__.py b/certidude/api/__init__.py
index 007ada5..3d3bc0d 100644
--- a/certidude/api/__init__.py
+++ b/certidude/api/__init__.py
@@ -16,7 +16,7 @@ from certidude.decorators import serialize, event_source, csrf_protection
 from cryptography.x509.oid import NameOID
 from certidude import const, config
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class CertificateStatusResource(object):
     """
diff --git a/certidude/api/attrib.py b/certidude/api/attrib.py
index 46c4040..9186a5d 100644
--- a/certidude/api/attrib.py
+++ b/certidude/api/attrib.py
@@ -7,7 +7,7 @@ from datetime import datetime
 from certidude import config, authority
 from certidude.decorators import serialize
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class AttributeResource(object):
     @serialize
diff --git a/certidude/api/bundle.py b/certidude/api/bundle.py
index 8f76baa..db0a35f 100644
--- a/certidude/api/bundle.py
+++ b/certidude/api/bundle.py
@@ -3,7 +3,7 @@ import hashlib
 from certidude import config, authority
 from certidude.auth import login_required
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 KEYWORDS = (
     (u"Android", u"android"),
diff --git a/certidude/api/cfg.py b/certidude/api/cfg.py
index 7db0e01..092e265 100644
--- a/certidude/api/cfg.py
+++ b/certidude/api/cfg.py
@@ -9,8 +9,7 @@ from certidude.decorators import serialize
 from certidude.relational import RelationalMixin
 from jinja2 import Environment, FileSystemLoader
 
-logger = logging.getLogger("api")
-
+logger = logging.getLogger(__name__)
 env = Environment(loader=FileSystemLoader("/etc/certidude/scripts"), trim_blocks=True)
 
 SQL_SELECT_INHERITED = """
diff --git a/certidude/api/lease.py b/certidude/api/lease.py
index d27564e..8485cec 100644
--- a/certidude/api/lease.py
+++ b/certidude/api/lease.py
@@ -1,5 +1,6 @@
 
 import click
+import logging
 import xattr
 from datetime import datetime
 from pyasn1.codec.der import decoder
@@ -7,6 +8,8 @@ from certidude import config, authority, push
 from certidude.auth import login_required, authorize_admin
 from certidude.decorators import serialize
 
+logger = logging.getLogger(__name__)
+
 # TODO: lease namespacing (?)
 
 class LeaseDetailResource(object):
diff --git a/certidude/api/request.py b/certidude/api/request.py
index 81c1d5b..7ba8f55 100644
--- a/certidude/api/request.py
+++ b/certidude/api/request.py
@@ -19,7 +19,7 @@ from cryptography.exceptions import InvalidSignature
 from cryptography.x509.oid import NameOID
 from datetime import datetime
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class RequestListResource(object):
     @login_optional
diff --git a/certidude/api/revoked.py b/certidude/api/revoked.py
index d05d310..74b715a 100644
--- a/certidude/api/revoked.py
+++ b/certidude/api/revoked.py
@@ -9,7 +9,7 @@ from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.serialization import Encoding
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class RevocationListResource(object):
     def on_get(self, req, resp):
diff --git a/certidude/api/signed.py b/certidude/api/signed.py
index 02bfa41..ae185a1 100644
--- a/certidude/api/signed.py
+++ b/certidude/api/signed.py
@@ -7,7 +7,7 @@ from certidude import authority
 from certidude.auth import login_required, authorize_admin
 from certidude.decorators import csrf_protection
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class SignedCertificateDetailResource(object):
     def on_get(self, req, resp, cn):
diff --git a/certidude/api/tag.py b/certidude/api/tag.py
index 8175207..4887494 100644
--- a/certidude/api/tag.py
+++ b/certidude/api/tag.py
@@ -5,7 +5,7 @@ from certidude import authority, push
 from certidude.auth import login_required, authorize_admin
 from certidude.decorators import serialize, csrf_protection
 
-logger = logging.getLogger("api")
+logger = logging.getLogger(__name__)
 
 class TagResource(object):
     @serialize
diff --git a/certidude/cli.py b/certidude/cli.py
index 69c1c2a..af12737 100755
--- a/certidude/cli.py
+++ b/certidude/cli.py
@@ -28,6 +28,7 @@ from jinja2 import Environment, PackageLoader
 from setproctitle import setproctitle
 import const
 
+logger = logging.getLogger(__name__)
 env = Environment(loader=PackageLoader("certidude", "templates"), trim_blocks=True)
 
 # http://www.mad-hacking.net/documentation/linux/security/ssl-tls/creating-ca.xml
@@ -1062,6 +1063,7 @@ def certidude_serve(port, listen, fork):
     from certidude import const
     click.echo("Using configuration from: %s" % const.CONFIG_PATH)
 
+    log_handlers = []
 
     from certidude import config
 
@@ -1071,6 +1073,11 @@ def certidude_serve(port, listen, fork):
         _, _, uid, gid, gecos, root, shell = pwd.getpwnam("certidude")
         restricted_groups = []
         restricted_groups.append(gid)
+        from logging.handlers import RotatingFileHandler
+        rh = RotatingFileHandler("/var/log/certidude.log", maxBytes=1048576*5, backupCount=5)
+        rh.setFormatter(logging.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s"))
+        log_handlers.append(rh)
+
 
     """
     Spawn signer process
@@ -1169,8 +1176,6 @@ def certidude_serve(port, listen, fork):
 
 
     # Set up log handlers
-    log_handlers = []
-
     if config.LOGGING_BACKEND == "sql":
         from certidude.mysqllog import LogHandler
         from certidude.api.log import LogResource
@@ -1188,18 +1193,19 @@ def certidude_serve(port, listen, fork):
         from certidude.push import EventSourceLogHandler
         log_handlers.append(EventSourceLogHandler())
 
-    for facility in "api", "cli":
-        logger = logging.getLogger(facility)
-        logger.setLevel(logging.DEBUG)
-        for handler in log_handlers:
-            logger.addHandler(handler)
+    for j in logging.Logger.manager.loggerDict.values():
+        if isinstance(j, logging.Logger): # PlaceHolder is what?
+            if j.name.startswith("certidude."):
+                j.setLevel(logging.DEBUG)
+                for handler in log_handlers:
+                    j.addHandler(handler)
 
 
     def exit_handler():
-        logging.getLogger("cli").debug("Shutting down Certidude")
+        logger.debug("Shutting down Certidude")
     import atexit
     atexit.register(exit_handler)
-    logging.getLogger("cli").debug("Started Certidude at %s", const.FQDN)
+    logger.debug("Started Certidude at %s", const.FQDN)
 
     if not fork or not os.fork():
         httpd.serve_forever()