To address some concerns about security, strip USER # from the

online scheduler logs. The only info that appears in these online logs is then the HOSTID. If the user has chosen to hide their hosts, then there is no way to figure out which user a given hostid belongs to. Note that this is exactly the same as the current approach of displaying the results by hostid, but hiding the identity of the user who owns a given host. Also, increase default time for retaining logs to two weeks. svn path=/trunk/boinc/; revision=9082
2005-12-17 15:51:18 +00:00 · 2005-12-17 15:51:18 +00:00 · d40a80fde4
parent b87eed0dd0
commit d40a80fde4
3 changed files with 21 additions and 3 deletions
--- a/17
+++ b/17
@ -14544,3 +14544,20 @@ Bruce 15 Dec 2005 [from Walt Gribben]
        sched_config.h
        sched_send.C

+Bruce 15 Dec 2005
+    - To address some concerns about security, strip USER # from the
+      online scheduler logs.  The only info that appears in these
+      online logs is then the HOSTID.  If the user has chosen to hide
+      their hosts, then there is no way to figure out which user a
+      given hostid belongs to.
+
+      Note that this is exactly the same as the current approach of
+      displaying the results by hostid, but hiding the identity of the
+      user who owns a given host.
+
+      Also, increase default time for retaining logs to two weeks.
+
+    tools/
+        makelog.sh
+        cleanlogs.sh
+
--- a/tools/cleanlogs.sh
+++ b/tools/cleanlogs.sh
@ -13,6 +13,6 @@
 # in your project's config.xml file

 cd ../html/user/sched_logs/ || exit 1
-find . -type d -name "20*" -mtime +7 | xargs rm -rf || exit 2
+find . -type d -name "20*" -mtime +14 | xargs rm -rf || exit 2
 echo "`date '+%Y-%m-%d %H:%M:'`" "cleaned scheduler logs"
 exit 0
--- a/tools/makelog.sh
+++ b/tools/makelog.sh
@ -40,13 +40,14 @@ while [ true ] ; do
    echo "computers clock.  This will allow comparisons of the time stamps to fractions of"       >> $filepath
    echo "a second."                                                                              >> $filepath
    echo " "                                                                                      >> $filepath
-    echo "Note also that these files are created with three-minute latency."                      >> $filepath
+    echo "These files are posted approximately three minutes after the events are logged."        >> $filepath
    echo " "                                                                                      >> $filepath
    echo " "                                                                                      >> $filepath

 # now grep for all log entries from 3 minutes ago.  Use sed to hide any sensitive info
 # such as authenticator and IP address.  Must
-    grep --no-filename "${currmin}" ../log_*/cgi.log ../log_*/cgi.log.0 | sed 's/authenticator .*//g; s/\[auth [^]]*\]//g; s/from [0-9.]*//g; s/auth [0-9a-f]*\,//g; s/\[IP [0-9.]*\]//g; s/IP [0-9.]*\,//g' >> $filepath 
+    grep --no-filename "${currmin}" ../log_*/cgi.log ../log_*/cgi.log.0 | \
+    sed 's/authenticator .*//g; s/\[auth [^]]*\]//g; s/from [0-9.]*//g; s/auth [0-9a-f]*\,//g; s/\[IP [0-9.]*\]//g; s/\[USER#[0-9]*\]//g; s/IP [0-9.]*\,//g' >> $filepath 
    export lastmin=$currmin
  else