init/auth-failure.conf - chromiumos/third_party/trousers - Git at Google

 # Copyright 2021 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description     "Report auth failure"
 author          "chromium-os-dev@chromium.org"

 # Currently, the auth-failure is not reported properly by anomaly-detector
 # (b/201961686), so we add this upstart script to report the auth-failure again
 # if it is not detected by anomaly-detector.

 start on started anomaly-detector

 script
   setup() {
     local ready="/run/crash_reporter/anomaly-detector-ready"
     local retries=0

     # Wait 300 seconds until anomaly detector is ready to read the log.
     while [ ! -f "$ready" ] && [ $retries -le 30 ] ; do
       sleep 10
       retries=$((retries + 1))
     done
     if [ ! -f "$ready" ] ; then
       logger -t "tcsd" "timeout waiting for anomaly-detector to be ready"
       return 1
     fi

     # Make a copy of messages first to avoid race condition due to log rotation.
     if ! cp "/var/log/messages" "$tmp_log" ; then
       logger -t "tcsd" "unable to copy log file for processing auth-failure"
       return 1
     fi
     return 0
   }

   check_auth_failure() {
     # Find the line number of last occurance of the auth failure log.
     local pattern="Found auth failure in the last life cycle. (0x.*)"
     local lineno="$(grep "$pattern" -n $tmp_log | tail -n 1 | cut -d":" -f 1)"
     if [ -z "$lineno" ] ; then
       return
     fi

     # Check if the auth failure is already reported by anomaly detector.
     local invoked="anomaly_detector invoking crash_reporter with --auth_failure"
     local ignored="Ignoring auth_failure"
     local reported="\(${invoked}\|${ignored}\)"
     local reported_msg="$(awk "NR > ${lineno}" $tmp_log | grep "${reported}")"
     if [ -n "${reported_msg}" ] ; then
       logger -t "tcsd" "auth-failure is already reported by anomaly detector"
       return
     fi

     # Print the auth failure log again to trigger anomaly detector.
     local msg="$(sed -n "${lineno}p" $tmp_log | grep -o "$pattern")"
     if [ -z "$msg" ] ; then
       return
     fi
     logger -t "tcsd" "not reported auth-failure: $msg"
   }

   tmp_log="$(mktemp)"
   if setup ; then
     check_auth_failure
   fi
   rm "$tmp_log"
 end script
	# Copyright 2021 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Report auth failure"
	author "chromium-os-dev@chromium.org"

	# Currently, the auth-failure is not reported properly by anomaly-detector
	# (b/201961686), so we add this upstart script to report the auth-failure again
	# if it is not detected by anomaly-detector.

	start on started anomaly-detector

	script
	setup() {
	local ready="/run/crash_reporter/anomaly-detector-ready"
	local retries=0

	# Wait 300 seconds until anomaly detector is ready to read the log.
	while [ ! -f "$ready" ] && [ $retries -le 30 ] ; do
	sleep 10
	retries=$((retries + 1))
	done
	if [ ! -f "$ready" ] ; then
	logger -t "tcsd" "timeout waiting for anomaly-detector to be ready"
	return 1
	fi

	# Make a copy of messages first to avoid race condition due to log rotation.
	if ! cp "/var/log/messages" "$tmp_log" ; then
	logger -t "tcsd" "unable to copy log file for processing auth-failure"
	return 1
	fi
	return 0
	}

	check_auth_failure() {
	# Find the line number of last occurance of the auth failure log.
	local pattern="Found auth failure in the last life cycle. (0x.*)"
	local lineno="$(grep "$pattern" -n $tmp_log \| tail -n 1 \| cut -d":" -f 1)"
	if [ -z "$lineno" ] ; then
	return
	fi

	# Check if the auth failure is already reported by anomaly detector.
	local invoked="anomaly_detector invoking crash_reporter with --auth_failure"
	local ignored="Ignoring auth_failure"
	local reported="\(${invoked}\\|${ignored}\)"
	local reported_msg="$(awk "NR > ${lineno}" $tmp_log \| grep "${reported}")"
	if [ -n "${reported_msg}" ] ; then
	logger -t "tcsd" "auth-failure is already reported by anomaly detector"
	return
	fi

	# Print the auth failure log again to trigger anomaly detector.
	local msg="$(sed -n "${lineno}p" $tmp_log \| grep -o "$pattern")"
	if [ -z "$msg" ] ; then
	return
	fi
	logger -t "tcsd" "not reported auth-failure: $msg"
	}

	tmp_log="$(mktemp)"
	if setup ; then
	check_auth_failure
	fi
	rm "$tmp_log"
	end script