Adds SysLogHandler to log everything on rsyslog

[kushaldas]

Now all log lines will go to /var/log/syslog file.
Also black reformatted the file.

Test Plan

• Run the application
• Try to Login as a journalist account (name or password is incorrect)
• login with a proper account

You should be able to see the log entries in /var/log/syslog file.

Checklist

If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:

• I have tested these changes in the appropriate Qubes environment
• I do not have an appropriate Qubes OS workstation set up (the reviewer will need to test these changes)
• These changes should not need testing in Qubes

[redshiftzero]

can we put the black change in another PR? (since it will need similar changes as https://github.com/freedomofpress/securedrop-proxy/issues/57)

[kushaldas]

can we put the black change in another PR? (since it will need similar changes as freedomofpress/securedrop-proxy#144)

Yes, I will remove my autoformat tool from VS Code first :) I will repush this PR with only the code change.

[sssoleileraaa]

Can we also log to a separate client.log file like we currently do? This makes it difficult to develop or repro an issue and provide logs if there are bunch of kernel and other logs mixed in with client logs.

As far as the black formatter changes, I think we should agree on what the standard should be for the client that black will enforce before committing changes. Perhaps we could have a separate PR that introduces black formatting changes across all files?

[rmol]

With rsyslog it's possible to route log messages to an application-specific destination. We could put securedrop-client: at the beginning of our log format template and add an rsyslog conf snippet containing:

if $programname == "securedrop-client" then /var/log/securedrop-client.log
& stop

If we further change /etc/rsyslog.conf so that user facility messages are not written to /var/log/syslog, by adding user.none here:

*.*;auth,authpriv,user.none		-/var/log/syslog

then our logging would only go to that dedicated file.

This could be done locally, in the centralized logging VM, or both. If having the file under /var/log/ is sufficient, no more changes need to be made to the securedrop-client code, but if we want to preserve the old behavior of logging under SDC_HOME we'll need to add back the old handler.

Personally, I think I'd find a single log file in the central VM containing all workstation-related logging -- from client, proxy, everything -- the most useful.

[kushaldas]

Found the discussion on black #23 it was for securedrop-client itself :)

[kushaldas]

Personally, I think I'd find a single log file in the central VM containing all workstation-related logging -- from client, proxy, everything -- the most useful.

I think that was the idea to have rsyslog enabled. This way we can monitor the status of the VM and also our application in the same place.

To see only the client related logs, one can do tail -f /var/log/syslog | grep client to grep out the required lines.

[sssoleileraaa]

if we no longer allow logs to be written to {sdc-home}/logs then docs will need to be updated with this change here to explain where to look for logs and how to find specific logs, e.g. tail -f /var/log/syslog | grep client (we might want to change this to tail -f /var/log/syslog | grep securedrop-client to make it less likely to capture extra logs we don't want and hopefully other applications don't mention "securedrop-client" anywhere in their logs but if they do i guess we can mentally sort it out later... :/)

personally i think it would be very nice to be able to continue to use sdc-home for capturing application-level logs in the specified directory as well as using SysLogHandler so that we can collect all the logs in the central vm, but since you have a solution for getting client logs (tail -f /var/log/syslog | grep client) i don't think this needs to hold up your PR

so the request for changes is just for the docs and maybe adding back logging to {sdc-home}/logs if you can do it in an straight-forward simple way

[redshiftzero]

we'll also want to add a check for the platform here as we do in prevent_second_instance, since this won't work on non-Linux platforms (recall that right now this project can be developed by contributors on other platforms, this is something we want to preserve)

[sssoleileraaa]

I moved this from "Ready to Review" to "In Development" because there are requested changes.

[sssoleileraaa]

It looks like now you are no longer logging to rsyslog and switched back to {sdc-home}/logs, is that right @kushaldas? Maybe I don't understand your solution, but is this supposed to be logging to both locations?

[sssoleileraaa]

Ah, when I switched to my Qubes workstation and ran the client, I could see that this does log to /var/log/syslog AND {sdc-home}/logs so lgtm!