On 03/27/2015 03:56 PM, Jakub Jelen wrote:
Hi all,
I would like to follow this topic from the end of January:
http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2015-January/002785.html
Discussion about this continued in our bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1187097
I did some investigation under the hood of cyrus-sasl and finally I
found a possible solution. When you grep through your plugins [ grep
"\->log(" plugins/* ], some of them use construct that trows
everything into syslog with ignoring LOG_LEVEL and user callbacks:
[...]->log(NULL, [...]
And some of them are using connection structure which enables them to
log using own handler and whatever developer needs:
[..]->log([...]->conn, [..]
From my point of view, there is no real order where is used which of
these (if there is, I would be glad for some explanation). I see that
digestmd5 is using conn _almost_ everywhere, but gssapi _almost_ nowhere.
I understand, that sometimes there is conn not available, but this is
not the case. Pavel tested attached patch and confirmed that it solved
his problem in SSSD. At this point I would like to open discussion
here, if you are willing to apply this patch into upstream to give
developers _some_ control over logging or if you can provide some
comments on this.
Unfortunately previous thread died with resolution "I suspect you are
right, as your analysis indicates.", because there was nobody with
solution. Now there is solution so I would be glad for some
constructive discussion to this issue.
Best Regards,
Jakub Jelen
Hi list,
I forked upstream repo and created pull requrest with this patch to
nacho's repo (as discussed on IRC):
https://github.com/nice-software/cyrus-sasl/pull/1
All important notes are in the pull request described once more. We use
this patch in Fedora for few months now and it solves our problem with
logging without any noted regression. I am misusing the meantime, when
we have some activity here and i hope it will persist for some time to
continue with productive discussions.
Best Regards,
--
Jakub Jelen
Security Technologies
Red Hat
