Merge branch 'main' into becca/remove-old-autoupdater

kolide · Feb 7, 2024 · 7977a53 · 7977a53
2 parents 0ea6f56 + 5922d2f
commit 7977a53
Show file tree

Hide file tree

Showing 14 changed files with 77 additions and 24 deletions.
diff --git a/cmd/launcher/extension.go b/cmd/launcher/extension.go
@@ -84,7 +84,7 @@ func createExtensionRuntime(ctx context.Context, k types.Knapsack, launcherClien
 		if k.Transport() == "grpc" && k.LogMaxBytesPerBatch() > 3 {
 			slogger.Log(ctx, slog.LevelInfo,
 				"LogMaxBytesPerBatch is set above the grpc recommended maximum of 3. Expect errors",
-				"LogMaxBytesPerBatch", k.LogMaxBytesPerBatch(),
+				"log_max_bytes_per_batch", k.LogMaxBytesPerBatch(),
 			)
 		}
 		extOpts.MaxBytesPerBatch = k.LogMaxBytesPerBatch() << 20

diff --git a/cmd/launcher/launcher.go b/cmd/launcher/launcher.go
@@ -316,7 +316,8 @@ func runLauncher(ctx context.Context, cancel func(), multiSlogger, systemMultiSl
 	runGroup.Add("osqueryExtension", extension.Execute, extension.Interrupt)
 
 	versionInfo := version.Version()
-	k.SystemSlogger().Info("started kolide launcher",
+	k.SystemSlogger().Log(ctx, slog.LevelInfo,
+		"started kolide launcher",
 		"version", versionInfo.Version,
 		"build", versionInfo.Revision,
 	)

diff --git a/ee/desktop/runner/runner.go b/ee/desktop/runner/runner.go
@@ -385,7 +385,7 @@ func (r *DesktopUsersProcessesRunner) FlagsChanged(flagKeys ...keys.FlagKey) {
 		r.processSpawningEnabled = r.knapsack.DesktopEnabled()
 		r.slogger.Log(context.TODO(), slog.LevelDebug,
 			"runner processSpawningEnabled set by control server",
-			"processSpawningEnabled", r.processSpawningEnabled,
+			"process_spawning_enabled", r.processSpawningEnabled,
 		)
 	}
 }
@@ -811,7 +811,7 @@ func (r *DesktopUsersProcessesRunner) desktopCommand(executablePath, uid, socket
 		scanner := bufio.NewScanner(combined)
 
 		for scanner.Scan() {
-			r.slogger.Log(context.TODO(), slog.LevelDebug,
+			r.slogger.Log(context.TODO(), slog.LevelDebug, // nolint:sloglint // it's fine to not have a constant or literal here
 				scanner.Text(),
 				"uid", uid,
 				"subprocess", "desktop",

diff --git a/ee/desktop/runner/runner_linux.go b/ee/desktop/runner/runner_linux.go
@@ -7,6 +7,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"io/fs"
 	"log/slog"
 	"os"
 	"os/exec"
@@ -22,7 +23,10 @@ import (
 	"github.com/shirou/gopsutil/v3/process"
 )
 
-const defaultDisplay = ":0"
+const (
+	defaultDisplay        = ":0"
+	defaultWaylandDisplay = "wayland-0"
+)
 
 // Display takes the format host:displaynumber.screen
 var displayRegex = regexp.MustCompile(`^[a-z]*:\d+.?\d*$`)
@@ -147,6 +151,7 @@ func (r *DesktopUsersProcessesRunner) userEnvVars(ctx context.Context, uid strin
 			break
 		} else if sessionType == "wayland" {
 			envVars["DISPLAY"] = r.displayFromXwayland(ctx, int32(uidInt))
+			envVars["WAYLAND_DISPLAY"] = r.getWaylandDisplay(ctx, uid)
 
 			break
 		}
@@ -159,6 +164,7 @@ func (r *DesktopUsersProcessesRunner) userEnvVars(ctx context.Context, uid strin
 	// but also include the snapd directory due to an issue on Ubuntu 22.04 where the default
 	// /usr/share/applications/mimeinfo.cache does not contain any applications installed via snap.
 	envVars["XDG_DATA_DIRS"] = "/usr/local/share/:/usr/share/:/var/lib/snapd/desktop"
+	envVars["XDG_RUNTIME_DIR"] = getXdgRuntimeDir(uid)
 
 	// We need xauthority set in order to launch the browser on Ubuntu 23.04
 	if xauthorityLocation := r.getXauthority(ctx, uid, username); xauthorityLocation != "" {
@@ -319,9 +325,42 @@ func (r *DesktopUsersProcessesRunner) displayFromXwayland(ctx context.Context, u
 	return defaultDisplay
 }
 
+// getWaylandDisplay returns the appropriate value to set as WAYLAND_DISPLAY
+func (r *DesktopUsersProcessesRunner) getWaylandDisplay(ctx context.Context, uid string) string {
+	// Find the wayland display socket
+	waylandDisplaySocketPattern := filepath.Join(getXdgRuntimeDir(uid), "wayland-*")
+	matches, err := filepath.Glob(waylandDisplaySocketPattern)
+	if err != nil || len(matches) == 0 {
+		r.slogger.Log(ctx, slog.LevelDebug,
+			"could not get wayland display from xdg runtime dir",
+			"err", err,
+		)
+		return defaultWaylandDisplay
+	}
+
+	// We may also match a lock file wayland-0.lock, so iterate through matches and only return the one that's a socket
+	for _, match := range matches {
+		info, err := os.Stat(match)
+		if err != nil {
+			r.slogger.Log(ctx, slog.LevelDebug,
+				"could not stat potential wayland display socket",
+				"file_path", match,
+				"err", err,
+			)
+			continue
+		}
+
+		if info.Mode().Type() == fs.ModeSocket {
+			return filepath.Base(match)
+		}
+	}
+
+	return defaultWaylandDisplay
+}
+
 // getXauthority checks known locations for the xauthority file
 func (r *DesktopUsersProcessesRunner) getXauthority(ctx context.Context, uid string, username string) string {
-	xdgRuntimeDir := filepath.Join("run", "user", uid)
+	xdgRuntimeDir := getXdgRuntimeDir(uid)
 
 	// Glob for Wayland matches first
 	waylandXAuthorityLocationPattern := filepath.Join(xdgRuntimeDir, ".mutter-Xwaylandauth.*")
@@ -343,14 +382,18 @@ func (r *DesktopUsersProcessesRunner) getXauthority(ctx context.Context, uid str
 
 	r.slogger.Log(ctx, slog.LevelDebug,
 		"could not find xauthority in any known location",
-		"wayland", waylandXAuthorityLocationPattern,
-		"x11", x11XauthorityLocation,
-		"default", homeLocation,
+		"wayland_location", waylandXAuthorityLocationPattern,
+		"x11_location", x11XauthorityLocation,
+		"default_location", homeLocation,
 	)
 
 	return ""
 }
 
+func getXdgRuntimeDir(uid string) string {
+	return fmt.Sprintf("/run/user/%s", uid)
+}
+
 func osversion() (string, error) {
 	return "", errors.New("not implemented")
 }
diff --git a/ee/log/osquerylogs/log.go b/ee/log/osquerylogs/log.go
@@ -80,7 +80,7 @@ func (l *OsqueryLogAdapter) Write(p []byte) (int, error) {
 
 	msg := strings.TrimSpace(string(p))
 	caller := extractOsqueryCaller(msg)
-	l.slogger.Log(context.TODO(), level,
+	l.slogger.Log(context.TODO(), level, // nolint:sloglint // it's fine to not have a constant or literal here
 		msg,
 		"caller", caller,
 	)

diff --git a/pkg/log/logshipper/logshipper.go b/pkg/log/logshipper/logshipper.go
@@ -307,14 +307,16 @@ func (ls *LogShipper) updateLogShippingLevel() {
 	case "error":
 		ls.slogLevel.Set(slog.LevelError)
 	case "default":
-		ls.knapsack.Slogger().Error("unrecognized flag value for log shipping level",
+		ls.knapsack.Slogger().Log(context.TODO(), slog.LevelError,
+			"unrecognized flag value for log shipping level",
 			"flag_value", ls.knapsack.LogShippingLevel(),
 			"current_log_level", ls.slogLevel.String(),
 		)
 	}
 
 	if startingLevel != ls.slogLevel.Level() {
-		ls.knapsack.Slogger().Info("log shipping level changed",
+		ls.knapsack.Slogger().Log(context.TODO(), slog.LevelInfo,
+			"log shipping level changed",
 			"old_log_level", startingLevel.String(),
 			"new_log_level", ls.slogLevel.Level().String(),
 			"send_interval", sendInterval.String(),

diff --git a/pkg/log/multislogger/multislogger_test.go b/pkg/log/multislogger/multislogger_test.go
@@ -24,29 +24,29 @@ func TestMultiSlogger(t *testing.T) {
 	}
 
 	multislogger := New()
-	multislogger.Logger.Debug("dont panic")
+	multislogger.Logger.DebugContext(context.TODO(), "dont panic")
 
 	multislogger = New(slog.NewJSONHandler(&debugLogBuf, &slog.HandlerOptions{Level: slog.LevelDebug}))
 
 	shipperLogLevel := new(slog.LevelVar)
 	shipperLogLevel.Set(slog.LevelInfo)
 	multislogger.AddHandler(slog.NewJSONHandler(&shipperBuf, &slog.HandlerOptions{Level: shipperLogLevel}))
 
-	multislogger.Logger.Debug("debug_msg")
+	multislogger.Logger.DebugContext(context.TODO(), "debug_msg")
 
 	require.Contains(t, debugLogBuf.String(), "debug_msg", "should be in debug log since it's debug level")
 	require.Empty(t, shipperBuf.String(), "should not be in shipper log since it's debug level")
 	clearBufsFn()
 
-	multislogger.Logger.Info("info_msg")
+	multislogger.Logger.InfoContext(context.TODO(), "info_msg")
 
 	require.Contains(t, debugLogBuf.String(), "info_msg", "should be in debug log since it's info level and that's higher than debug level")
 	require.Contains(t, shipperBuf.String(), "info_msg", "should be in shipper log since it's info level")
 	clearBufsFn()
 
 	// set shipper level to debug
 	shipperLogLevel.Set(slog.LevelDebug)
-	multislogger.Logger.Debug("debug_msg")
+	multislogger.Logger.DebugContext(context.TODO(), "debug_msg")
 
 	require.Contains(t, debugLogBuf.String(), "debug_msg", "should be in debug log since it's debug level")
 	require.Contains(t, shipperBuf.String(), "debug_msg", "should now be in shipper log since it's level was set to debug")

diff --git a/pkg/service/check_health.go b/pkg/service/check_health.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"log/slog"
 	"time"
 
 	"github.com/go-kit/kit/endpoint"
@@ -106,7 +107,7 @@ func (s *grpcServer) CheckHealth(ctx context.Context, req *pb.AgentApiRequest) (
 func (mw logmw) CheckHealth(ctx context.Context) (status int32, err error) {
 	defer func(begin time.Time) {
 		uuid, _ := uuid.FromContext(ctx)
-		mw.knapsack.Slogger().Debug("check health",
+		mw.knapsack.Slogger().Log(ctx, slog.LevelDebug, "check health",
 			"method", "CheckHealth",
 			"uuid", uuid,
 			"status", status,

diff --git a/pkg/service/client_grpc.go b/pkg/service/client_grpc.go
@@ -3,6 +3,7 @@ package service
 import (
 	"context"
 	"crypto/x509"
+	"log/slog"
 	"net"
 	"strings"
 	"time"
@@ -105,7 +106,8 @@ func DialGRPC(
 	opts ...grpc.DialOption, // Used for overrides in testing
 ) (*grpc.ClientConn, error) {
 
-	k.Slogger().Debug("dialing grpc server",
+	k.Slogger().Log(context.TODO(), slog.LevelDebug,
+		"dialing grpc server",
 		"server", k.KolideServerURL(),
 		"tls_secure", !k.InsecureTLS(),
 		"transport_secure", !k.InsecureTransportTLS(),

diff --git a/pkg/service/publish_logs.go b/pkg/service/publish_logs.go
@@ -179,7 +179,7 @@ func (mw logmw) PublishLogs(ctx context.Context, nodeKey string, logType logger.
 			}
 		}
 
-		mw.knapsack.Slogger().Log(ctx, levelForError(err), message,
+		mw.knapsack.Slogger().Log(ctx, levelForError(err), message, // nolint:sloglint // it's fine to not have a constant or literal here
 			"method", "PublishLogs",
 			"uuid", uuid,
 			"logType", logType,

diff --git a/pkg/service/publish_results.go b/pkg/service/publish_results.go
@@ -194,7 +194,7 @@ func (mw logmw) PublishResults(ctx context.Context, nodeKey string, results []di
 			}
 		}
 
-		mw.knapsack.Slogger().Log(ctx, levelForError(err), message,
+		mw.knapsack.Slogger().Log(ctx, levelForError(err), message, // nolint:sloglint // it's fine to not have a constant or literal here
 			"method", "PublishResults",
 			"uuid", uuid,
 			"results", string(resJSON),

diff --git a/pkg/service/request_config.go b/pkg/service/request_config.go
@@ -140,7 +140,7 @@ func (mw logmw) RequestConfig(ctx context.Context, nodeKey string) (config strin
 			message = "failure"
 		}
 
-		mw.knapsack.Slogger().Log(ctx, levelForError(err), message,
+		mw.knapsack.Slogger().Log(ctx, levelForError(err), message, // nolint:sloglint // it's fine to not have a constant or literal here
 			"method", "RequestConfig",
 			"uuid", uuid,
 			"config_size", len(config),

diff --git a/pkg/service/request_enrollment.go b/pkg/service/request_enrollment.go
@@ -217,7 +217,7 @@ func (mw logmw) RequestEnrollment(ctx context.Context, enrollSecret, hostIdentif
 			)
 		}
 
-		mw.knapsack.Slogger().Log(ctx, levelForError(err), message, keyvals...)
+		mw.knapsack.Slogger().Log(ctx, levelForError(err), message, keyvals...) // nolint:sloglint // it's fine to not have a constant or literal here
 	}(time.Now())
 
 	nodekey, reauth, err = mw.next.RequestEnrollment(ctx, enrollSecret, hostIdentifier, details)

diff --git a/pkg/service/tls.go b/pkg/service/tls.go
@@ -2,10 +2,12 @@ package service
 
 import (
 	"bytes"
+	"context"
 	"crypto/sha256"
 	"crypto/tls"
 	"crypto/x509"
 	"errors"
+	"log/slog"
 	"net/url"
 
 	"github.com/kolide/launcher/ee/agent/types"
@@ -18,7 +20,8 @@ func makeTLSConfig(k types.Knapsack, rootPool *x509.CertPool) *tls.Config {
 		// gRPC doesn't use the port for TLS verification. So we strip it here.
 		u, err := url.Parse(k.KolideServerURL())
 		if err != nil {
-			k.Slogger().Error("failed to parse server URL",
+			k.Slogger().Log(context.TODO(), slog.LevelError,
+				"failed to parse server URL",
 				"err", err,
 			)
 			return nil
@@ -54,7 +57,8 @@ func makeTLSConfig(k types.Knapsack, rootPool *x509.CertPool) *tls.Config {
 			// gRPC does not seem to expose the error in a way that
 			// we can get at it later. At least this provides some
 			// feedback to the user about what is going wrong.
-			k.Slogger().Error("no match found with pinned certificates",
+			k.Slogger().Log(context.TODO(), slog.LevelError,
+				"no match found with pinned certificates",
 				"err", "certificate pin validation failed",
 			)
 			return errors.New("no match found with pinned cert")