[tahoe-lafs-trac-stream] [Tahoe-LAFS] #3006: Expose the Eliot logs in a safer way

Tahoe-LAFS trac at tahoe-lafs.org
Wed Mar 20 17:06:04 UTC 2019


#3006: Expose the Eliot logs in a safer way
-------------------------+-----------------------
     Reporter:  exarkun  |      Owner:
         Type:  defect   |     Status:  new
     Priority:  normal   |  Milestone:  undecided
    Component:  unknown  |    Version:  1.12.1
   Resolution:           |   Keywords:
Launchpad Bug:           |
-------------------------+-----------------------

Comment (by exarkun):

 One possibility would be to have the Tahoe-LAFS node listen on a local TCP
 port and accept one (or more?) client connections to that server.  Clients
 would have Eliot logs streamed to them.  Some kind of authentication would
 be required to prevent attackers with local access from reading the logs.
 A possibility there is to use the existing `api_auth_token` as a
 credential.

 Pros:
 * TCP servers like this are a breeze with Twisted

 Cons:
 * It's impossible to reliably listen on a specified TCP port number (it
 might be in use already).
 * It's difficult to communicate an ephemeral port number to another piece
 of automation (for example, GridSync).

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3006#comment:1>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage


More information about the tahoe-lafs-trac-stream mailing list