Skip to content

Commit

Permalink
Download NSS lib errors to info
Browse files Browse the repository at this point in the history 
That way, we don’t spam logs for 3rd party applications using our
library as they are the one which should control the output to the user.
We send back those errors in a NSS format anyway to the caller already.

We thus only print details when AUTHD_NSS_INFO=stderr is set.
  • Loading branch information
@didrocks
didrocks committed Jul 4, 2024
1 parent 684d267 commit e6419d6
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 32 deletions.
20 changes: 10 additions & 10 deletions nss/src/group/mod.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use crate::{error, REQUEST_TIMEOUT};
use crate::{info, REQUEST_TIMEOUT};
use libc::gid_t;
use libnss::group::{Group, GroupHooks};
use libnss::interop::Response;
Expand Down Expand Up @@ -31,7 +31,7 @@ fn get_all_entries() -> Response<Vec<Group>> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -40,7 +40,7 @@ fn get_all_entries() -> Response<Vec<Group>> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -50,7 +50,7 @@ fn get_all_entries() -> Response<Vec<Group>> {
match client.get_group_entries(req).await {
Ok(r) => Response::Success(group_entries_to_groups(r.into_inner().entries)),
Err(e) => {
error!("error when listing groups: {}", e.code());
info!("error when listing groups: {}", e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand All @@ -62,7 +62,7 @@ fn get_entry_by_gid(gid: gid_t) -> Response<Group> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -71,7 +71,7 @@ fn get_entry_by_gid(gid: gid_t) -> Response<Group> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -81,7 +81,7 @@ fn get_entry_by_gid(gid: gid_t) -> Response<Group> {
match client.get_group_by_gid(req).await {
Ok(r) => Response::Success(group_entry_to_group(r.into_inner())),
Err(e) => {
error!("error when getting group by gid '{}': {}", gid, e.code());
info!("error when getting group by gid '{}': {}", gid, e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand All @@ -93,7 +93,7 @@ fn get_entry_by_name(name: String) -> Response<Group> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -102,7 +102,7 @@ fn get_entry_by_name(name: String) -> Response<Group> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -112,7 +112,7 @@ fn get_entry_by_name(name: String) -> Response<Group> {
match client.get_group_by_name(req).await {
Ok(r) => Response::Success(group_entry_to_group(r.into_inner())),
Err(e) => {
error!(
info!(
"error when getting group by name '{}': {}",
name,
e.code().description()
Expand Down
2 changes: 1 addition & 1 deletion nss/src/logs/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ macro_rules! info {
macro_rules! error {
($($arg:tt)*) => {
let log_prefix = "authd:";
log::error!("{} {}", log_prefix, format_args!($($arg)*));
log::info!("{} {}", log_prefix, format_args!($($arg)*));
}
}

Expand Down
24 changes: 10 additions & 14 deletions nss/src/passwd/mod.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use crate::{error, REQUEST_TIMEOUT};
use crate::{info, REQUEST_TIMEOUT};
use libc::uid_t;
use libnss::interop::Response;
use libnss::passwd::{Passwd, PasswdHooks};
Expand Down Expand Up @@ -31,7 +31,7 @@ fn get_all_entries() -> Response<Vec<Passwd>> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -40,7 +40,7 @@ fn get_all_entries() -> Response<Vec<Passwd>> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -50,7 +50,7 @@ fn get_all_entries() -> Response<Vec<Passwd>> {
match client.get_passwd_entries(req).await {
Ok(r) => Response::Success(passwd_entries_to_passwds(r.into_inner().entries)),
Err(e) => {
error!("error when listing passwd: {}", e.code());
info!("error when listing passwd: {}", e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand All @@ -62,7 +62,7 @@ fn get_entry_by_uid(uid: uid_t) -> Response<Passwd> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -71,7 +71,7 @@ fn get_entry_by_uid(uid: uid_t) -> Response<Passwd> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -81,7 +81,7 @@ fn get_entry_by_uid(uid: uid_t) -> Response<Passwd> {
match client.get_passwd_by_uid(req).await {
Ok(r) => Response::Success(passwd_entry_to_passwd(r.into_inner())),
Err(e) => {
error!("error when getting passwd by uid '{}': {}", uid, e.code());
info!("error when getting passwd by uid '{}': {}", uid, e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand All @@ -93,7 +93,7 @@ fn get_entry_by_name(name: String) -> Response<Passwd> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -102,7 +102,7 @@ fn get_entry_by_name(name: String) -> Response<Passwd> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -115,11 +115,7 @@ fn get_entry_by_name(name: String) -> Response<Passwd> {
match client.get_passwd_by_name(req).await {
Ok(r) => Response::Success(passwd_entry_to_passwd(r.into_inner())),
Err(e) => {
error!(
"error when getting passwd by name '{}': {}",
name,
e.code()
);
info!("error when getting passwd by name '{}': {}", name, e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand Down
14 changes: 7 additions & 7 deletions nss/src/shadow/mod.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use crate::{error, REQUEST_TIMEOUT};
use crate::{info, REQUEST_TIMEOUT};
use libnss::interop::Response;
use libnss::shadow::{Shadow, ShadowHooks};
use tokio::runtime::Builder;
Expand Down Expand Up @@ -26,7 +26,7 @@ fn get_all_entries() -> Response<Vec<Shadow>> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -35,7 +35,7 @@ fn get_all_entries() -> Response<Vec<Shadow>> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -45,7 +45,7 @@ fn get_all_entries() -> Response<Vec<Shadow>> {
match client.get_shadow_entries(req).await {
Ok(r) => Response::Success(shadow_entries_to_shadows(r.into_inner().entries)),
Err(e) => {
error!("error when listing shadow: {}", e.code());
info!("error when listing shadow: {}", e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand All @@ -57,7 +57,7 @@ fn get_entry_by_name(name: String) -> Response<Shadow> {
let rt = match Builder::new_current_thread().enable_all().build() {
Ok(rt) => rt,
Err(e) => {
error!("could not create runtime for NSS: {}", e);
info!("could not create runtime for NSS: {}", e);
return Response::Unavail;
}
};
Expand All @@ -66,7 +66,7 @@ fn get_entry_by_name(name: String) -> Response<Shadow> {
let mut client = match client::new_client().await {
Ok(c) => c,
Err(e) => {
error!("could not connect to gRPC server: {}", e);
info!("could not connect to gRPC server: {}", e);
return Response::Unavail;
}
};
Expand All @@ -76,7 +76,7 @@ fn get_entry_by_name(name: String) -> Response<Shadow> {
match client.get_shadow_by_name(req).await {
Ok(r) => Response::Success(shadow_entry_to_shadow(r.into_inner())),
Err(e) => {
error!("error when getting shadow by name '{}': {}", name, e.code());
info!("error when getting shadow by name '{}': {}", name, e.code());
super::grpc_status_to_nss_response(e)
}
}
Expand Down

0 comments on commit e6419d6

Please sign in to comment.