From 3f3bb245cc792358ad037efddbf8d643001115e5 Mon Sep 17 00:00:00 2001
From: Vladimir Davydov <vdavydov@tarantool.org>
Date: Thu, 9 Dec 2021 19:10:30 +0300
Subject: [PATCH] Add audit log implementation stub
To build audit log as a part of the box library, set the following cmake
variables:
- ENABLE_AUDIT_LOG: ON
- AUDIT_LOG_SOURCES: audit log source files
- EXTRA_BOX_INCLUDE_DIRS: header files needed for compilation
and add "audit_impl.h" to EXTRA_BOX_INCLUDE_DIRS - then it will be
included by "audit.h".
If ENABLE_AUDIT_LOG is unset, then a stub implementation is built, which
spits a warning to the log on an attempt to configure audit log.
---
src/box/CMakeLists.txt | 11 ++++++++++-
src/box/audit.c | 21 +++++++++++++++++++++
src/box/audit.h | 28 ++++++++++++++++++++++++++++
src/box/box.cc | 4 ++++
src/box/lua/load_cfg.lua | 6 ++++++
src/trivia/config.h.cmake | 1 +
test/app-tap/init_script.result | 1 +
test/box/admin.result | 4 +++-
test/box/cfg.result | 8 ++++++--
9 files changed, 80 insertions(+), 4 deletions(-)
create mode 100644 src/box/audit.c
create mode 100644 src/box/audit.h
diff --git a/src/box/CMakeLists.txt b/src/box/CMakeLists.txt
index 31100d412a..cc1db34c09 100644
--- a/src/box/CMakeLists.txt
+++ b/src/box/CMakeLists.txt
@@ -77,6 +77,7 @@ set_property(DIRECTORY PROPERTY ADDITIONAL_MAKE_CLEAN_FILES ${lua_sources})
include_directories(${ZSTD_INCLUDE_DIRS})
include_directories(${PROJECT_BINARY_DIR}/src/box/sql)
include_directories(${PROJECT_BINARY_DIR}/src/box)
+include_directories(${EXTRA_BOX_INCLUDE_DIRS})
add_library(box_error STATIC error.cc errcode.c mp_error.cc)
target_link_libraries(box_error core stat mpstream vclock)
@@ -112,7 +113,7 @@ target_link_libraries(tuple json box_error core ${MSGPUCK_LIBRARIES} ${ICU_LIBRA
add_library(xlog STATIC xlog.c)
target_link_libraries(xlog core box_error crc32 ${ZSTD_LIBRARIES})
-add_library(box STATIC
+set(box_sources
allocator.cc
memtx_allocator.cc
msgpack.c
@@ -221,6 +222,14 @@ add_library(box STATIC
lua/watcher.c
${bin_sources})
+if(ENABLE_AUDIT_LOG)
+ list(APPEND box_sources ${AUDIT_LOG_SOURCES})
+else()
+ list(APPEND box_sources audit.c)
+endif()
+
+add_library(box STATIC ${box_sources})
+
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
add_definitions(-DSQL_DEBUG=1)
endif()
diff --git a/src/box/audit.c b/src/box/audit.c
new file mode 100644
index 0000000000..8ddce8d1c7
--- /dev/null
+++ b/src/box/audit.c
@@ -0,0 +1,21 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright 2010-2021, Tarantool AUTHORS, please see AUTHORS file.
+ */
+#include "audit.h"
+
+#include "say.h"
+#include "trivia/config.h"
+
+#if defined(ENABLE_AUDIT_LOG)
+# error unimplemented
+#endif
+
+void
+audit_log_init(const char *init_str, int log_nonblock)
+{
+ (void)log_nonblock;
+ if (init_str != NULL)
+ say_error("audit log is not available in this build");
+}
diff --git a/src/box/audit.h b/src/box/audit.h
new file mode 100644
index 0000000000..ff9f7d4ba2
--- /dev/null
+++ b/src/box/audit.h
@@ -0,0 +1,28 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright 2010-2021, Tarantool AUTHORS, please see AUTHORS file.
+ */
+#pragma once
+
+#include "trivia/config.h"
+
+#if defined(ENABLE_AUDIT_LOG)
+# include "audit_impl.h"
+#else /* !defined(ENABLE_AUDIT_LOG) */
+
+#if defined(__cplusplus)
+extern "C" {
+#endif /* defined(__cplusplus) */
+
+void
+audit_log_init(const char *init_str, int log_nonblock);
+
+static inline void
+audit_log_free(void) {}
+
+#if defined(__cplusplus)
+} /* extern "C" */
+#endif /* defined(__cplusplus) */
+
+#endif /* !defined(ENABLE_AUDIT_LOG) */
diff --git a/src/box/box.cc b/src/box/box.cc
index a6c1a36737..5f1595ad3c 100644
--- a/src/box/box.cc
+++ b/src/box/box.cc
@@ -82,6 +82,7 @@
#include "msgpack.h"
#include "raft.h"
#include "watcher.h"
+#include "audit.h"
#include "trivia/util.h"
#include "version.h"
@@ -3174,6 +3175,7 @@ box_free(void)
gc_free();
engine_shutdown();
wal_free();
+ audit_log_free();
sql_built_in_functions_cache_free();
}
}
@@ -3738,6 +3740,8 @@ box_cfg_xc(void)
/* Follow replica */
replicaset_follow();
+ audit_log_init(cfg_gets("audit_log"), cfg_geti("audit_nonblock"));
+
fiber_gc();
is_box_configured = true;
/*
diff --git a/src/box/lua/load_cfg.lua b/src/box/lua/load_cfg.lua
index eb858dbbdc..9b218a445d 100644
--- a/src/box/lua/load_cfg.lua
+++ b/src/box/lua/load_cfg.lua
@@ -67,6 +67,9 @@ local default_cfg = {
-- a separate log module; they are
-- 'log_' prefixed
+ audit_log = nil,
+ audit_nonblock = true,
+
io_collect_interval = nil,
readahead = 16320,
snap_io_rate_limit = nil, -- no limit
@@ -174,6 +177,9 @@ local template_cfg = {
log_level = 'module',
log_format = 'module',
+ audit_log = 'string',
+ audit_nonblock = 'boolean',
+
io_collect_interval = 'number',
readahead = 'number',
snap_io_rate_limit = 'number',
diff --git a/src/trivia/config.h.cmake b/src/trivia/config.h.cmake
index c8d80eb4a3..dd939ea301 100644
--- a/src/trivia/config.h.cmake
+++ b/src/trivia/config.h.cmake
@@ -256,6 +256,7 @@
/* Cacheline size to calculate alignments */
#define CACHELINE_SIZE 64
+#cmakedefine ENABLE_AUDIT_LOG 1
#cmakedefine ENABLE_FEEDBACK_DAEMON 1
#cmakedefine EXPORT_LIBCURL_SYMBOLS 1
diff --git a/test/app-tap/init_script.result b/test/app-tap/init_script.result
index aefc506630..4cadfe2cb0 100644
--- a/test/app-tap/init_script.result
+++ b/test/app-tap/init_script.result
@@ -3,6 +3,7 @@
--
box.cfg
+audit_nonblock:true
background:false
checkpoint_count:2
checkpoint_interval:3600
diff --git a/test/box/admin.result b/test/box/admin.result
index 68636c1d61..338a1f4a2b 100644
--- a/test/box/admin.result
+++ b/test/box/admin.result
@@ -27,7 +27,9 @@ help()
...
cfg_filter(box.cfg)
---
-- - - background
+- - - audit_nonblock
+ - true
+ - - background
- false
- - checkpoint_count
- 2
diff --git a/test/box/cfg.result b/test/box/cfg.result
index 70d3b766c3..38ce39c723 100644
--- a/test/box/cfg.result
+++ b/test/box/cfg.result
@@ -15,7 +15,9 @@ box.cfg.nosuchoption = 1
| ...
cfg_filter(box.cfg)
| ---
- | - - - background
+ | - - - audit_nonblock
+ | - true
+ | - - background
| - false
| - - checkpoint_count
| - 2
@@ -142,7 +144,9 @@ box.cfg()
| ...
cfg_filter(box.cfg)
| ---
- | - - - background
+ | - - - audit_nonblock
+ | - true
+ | - - background
| - false
| - - checkpoint_count
| - 2
--
GitLab