diff options
| author | fengweihao <[email protected]> | 2022-02-28 14:53:04 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2022-02-28 14:53:04 +0800 |
| commit | 3dce53c1daf6e4f48bf1602e35b802f63efd8760 (patch) | |
| tree | cb1205457a0a286f9f6a906bb478e7ec48354269 | |
| parent | 2f1dfd65808cd2e701ba002e1cc4326029c6bfdd (diff) | |
TSG-9756 修改默认工作线程数为3,拆分安全策略和管控策略maat句柄v2.3.2-20220301
| -rw-r--r-- | common/src/verify_policy_logging.cpp | 2 | ||||
| -rw-r--r-- | conf/verify_policy.conf | 2 | ||||
| -rw-r--r-- | conf/zlog.conf | 7 | ||||
| -rw-r--r-- | scan/src/policy_scan.cpp | 19 |
4 files changed, 22 insertions, 8 deletions
diff --git a/common/src/verify_policy_logging.cpp b/common/src/verify_policy_logging.cpp index 758689d..8fab9dc 100644 --- a/common/src/verify_policy_logging.cpp +++ b/common/src/verify_policy_logging.cpp @@ -42,7 +42,7 @@ void * verify_syslog_init(const char *config) goto finish; } - logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle("./logs", RLOG_LV_DEBUG); + logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle("verify_policy", RLOG_LV_DEBUG); if(logging_sc_lid.run_log_handle == NULL){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!"); goto finish; diff --git a/conf/verify_policy.conf b/conf/verify_policy.conf index d9da9e9..129c2e2 100644 --- a/conf/verify_policy.conf +++ b/conf/verify_policy.conf @@ -13,7 +13,7 @@ breakpad_upload_url="http://127.0.0.1/" [CONFIG] #Number of running threads -thread-nu = 4 +thread-nu = 3 [maat] # 0:json 1: redis 2: iris diff --git a/conf/zlog.conf b/conf/zlog.conf index c386d5c..29726bc 100644 --- a/conf/zlog.conf +++ b/conf/zlog.conf @@ -7,7 +7,8 @@ DEBUG=10 INFO=20 FATAL=30 [rules] -*.fatal "./logs/error.log.%d(%F)"; -!*.debug "./logs/verify_policy.log.%d(%F)" -!*.info "./logs/verify_policy.log.%d(%F)" +*.fatal "./logs/error.log.%d(%F)"; +verify_policy.fatal "./logs/verify_policy.log.%d(%F)"; +proxy_policy_maat.fatal "./logs/proxy_policy_maat.log.%d(%F)"; +security_policy_maat.fatal "./logs/security_policy_maat.log.%d(%F)"; diff --git a/scan/src/policy_scan.cpp b/scan/src/policy_scan.cpp index e063821..cabda2d 100644 --- a/scan/src/policy_scan.cpp +++ b/scan/src/policy_scan.cpp @@ -1342,12 +1342,19 @@ error_out: int proxy_policy_init(struct verify_policy * verify, const char* profile_path) { int ret = -1; + void *local_logger = NULL; g_pangu_rt = ALLOC(struct pangu_rt, 1); - g_pangu_rt->thread_num = verify->nr_work_threads; + local_logger = MESA_create_runtime_log_handle("proxy_policy_maat", RLOG_LV_DEBUG); + if(local_logger == NULL) + { + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!"); + } + g_pangu_rt->local_logger = verify->logger; - g_pangu_rt->maat[PXY_TABLE_MANIPULATION] = create_maat_feather("static", profile_path, "MAAT", "table_info", g_pangu_rt->thread_num, g_pangu_rt->local_logger); + g_pangu_rt->thread_num = verify->nr_work_threads; + g_pangu_rt->maat[PXY_TABLE_MANIPULATION] = create_maat_feather("static", profile_path, "MAAT", "table_info", g_pangu_rt->thread_num, local_logger); if (!g_pangu_rt->maat[PXY_TABLE_MANIPULATION]) { goto error_out; @@ -1392,7 +1399,13 @@ int security_policy_init(struct verify_policy * verify, const char* profile_path { int ret = -1; - g_pangu_rt->maat[PXY_TABLE_SECURITY] = create_maat_feather("static", profile_path, "MAAT", "table_info_tsg", g_pangu_rt->thread_num, g_pangu_rt->local_logger); + void *local_logger = MESA_create_runtime_log_handle("security_policy_maat", RLOG_LV_DEBUG); + if(local_logger == NULL) + { + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!"); + } + + g_pangu_rt->maat[PXY_TABLE_SECURITY] = create_maat_feather("static", profile_path, "MAAT", "table_info_tsg", g_pangu_rt->thread_num, local_logger); if (!g_pangu_rt->maat[PXY_TABLE_SECURITY]) { goto error_out; |