Re: [log4perl-devel] Log4perl::Appender - delaying appender instantiation

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Wed, 2 Oct 2002, Kevin Goess wrote:

> Interesting idea, but I have a possible objection to it.  If I set up my
> config to log somewhere I don't have permission to write to, I would
> like it to tell me right now, not two days from now when fails to log
> that intermittent error I've been trying to catch.  The principle of
> least surprise would seem to be on the side of an immediate failure.

Yes, that's reasonable. Part of my problem with the current setup is that
the config mechanism will try to instantiate appenders that have nothing
to do with the call to &get_logger(AppenderFoo);

There is the issue of memory/processor usage but also of an appender for
sending email notices causing a completely unrelated appender for logfiles
to blast the last logfile, even though the logging process itself
isn't being run, because the file-mode is set to 'write'.

If I have a whole whack of appenders in my config shouldn't they atleast
be created on an as-needed basis?

I haven't had a chance to look at the code yet, but if I had to go back to
the drawing board I would look at atleast *not* instantiating appenders
not explictly set in the config file for :

 log4perl.logger.FooBar=MIN_LEVEL, A1, A2, etc.

FWIW, though, the Log::Dispatch::Jabber spills its guts to
Log::Dispatch::Screen (stderr) whenever it runs into a problem :-)

> I understand your situation, but I wonder if there might be inherent
> problems in the way you're setting it up.  If some other guy comes along
> to maintain your program, he might not know your appender is "root-only"
> and try to use it where he shouldn't, and be in the same boat I
> described above.  Wouldn't it be safer having your root-only appender in
> some other place?

Well, one of the attractions to log4perl is that all your logging data can
be centralized. We are already subclass the main package so that the
config path or data structure can be automagically specified.

I can imagine adding additional checks $EUID and plugging in relevant
information but I'm not wild about the idea.

Anyway, we are generally pretty strict about doing things like :

  die "You must be root to run this program" unless ($EUID == 0);

And if someone doesn't know what that means by the time they are
working on root-only scripts then we probably get what we deserve. ;-)

> > I ask because I came across a problem when Log4perl is used in a context
> > where there is a single config file slurped and parsed by multiple
> > processes with different permissions sets.
> >
> > Specifically, if my program is running as "joeuser" and the config file
> > contains an appender for use by "root"-only processes to log stuff to
> > /super/secret/logfiles via Log::Dispatch::File, the first process will
> > always die as soon as it calls &get_logger.