From 3e9ff2503374c53b4b19142d89d479ad8cc6978f Mon Sep 17 00:00:00 2001 From: Jacquin Antoine Date: Sun, 1 Mar 2026 01:49:39 +0100 Subject: [PATCH] conf: change default socket path to /var/run/logcorrelator/http.sock - Update mod_reqin_log.conf example configuration - Update README.md documentation and examples - Update architecture.yml specification - Update test_config_parsing.c test case Co-authored-by: Qwen-Coder --- README.md | 8 ++++---- architecture.yml | 4 ++-- conf/mod_reqin_log.conf | 2 +- tests/unit/test_config_parsing.c | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 0ee1d33..9a191f0 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ LoadModule reqin_log_module modules/mod_reqin_log.so JsonSockLogEnabled On # Unix socket path -JsonSockLogSocket "/var/run/mod_reqin_log.sock" +JsonSockLogSocket "/var/run/logcorrelator/http.sock" # Headers to log (be careful not to log sensitive data) JsonSockLogHeaders X-Request-Id X-Trace-Id User-Agent Referer @@ -147,7 +147,7 @@ import socket import os import json -SOCKET_PATH = os.environ.get("MOD_REQIN_LOG_SOCKET", "/var/run/mod_reqin_log.sock") +SOCKET_PATH = os.environ.get("MOD_REQIN_LOG_SOCKET", "/var/run/logcorrelator/http.sock") # Remove existing socket file if os.path.exists(SOCKET_PATH): @@ -199,7 +199,7 @@ These headers are silently skipped (logged at DEBUG level only). ### Socket Security - **Socket permissions**: Default to `0o660` (owner and group only) -- **Recommended path**: `/var/run/mod_reqin_log.sock` (not `/tmp`) +- **Recommended path**: `/var/run/logcorrelator/http.sock` (not `/tmp`) - **Environment variable**: Use `MOD_REQIN_LOG_SOCKET` to configure path - **Group membership**: Ensure Apache user is in the socket's group @@ -227,7 +227,7 @@ ls -la /usr/lib/apache2/modules/mod_reqin_log.so ### Socket connection failures ``` -[mod_reqin_log] Unix socket connect failed: /var/run/mod_reqin_log.sock +[mod_reqin_log] Unix socket connect failed: /var/run/logcorrelator/http.sock ``` - Ensure the socket consumer is running diff --git a/architecture.yml b/architecture.yml index 84cb61e..63c8481 100644 --- a/architecture.yml +++ b/architecture.yml @@ -163,7 +163,7 @@ configuration: type: string context: server-config required_when_enabled: true - example: "/var/run/mod_reqin_log.sock" + example: "/var/run/logcorrelator/http.sock" description: > Filesystem path of the Unix domain socket to which JSON log lines will be written. @@ -294,7 +294,7 @@ constraints: - Module includes built-in blacklist of sensitive headers to prevent accidental credential leakage (Authorization, Cookie, X-Api-Key, etc.). - Socket permissions default to 0o660 (owner+group only) for security. - - Recommended socket path: /var/run/mod_reqin_log.sock (not /tmp). + - Recommended socket path: /var/run/logcorrelator/http.sock (not /tmp). - Use environment variable MOD_REQIN_LOG_SOCKET to configure socket path. - Module does not anonymize IPs; data protection is delegated to configuration. - No requests are rejected due to logging failures. diff --git a/conf/mod_reqin_log.conf b/conf/mod_reqin_log.conf index 808f5a5..347dfd4 100644 --- a/conf/mod_reqin_log.conf +++ b/conf/mod_reqin_log.conf @@ -10,7 +10,7 @@ JsonSockLogEnabled On # Unix domain socket path for JSON log output # Important: if JsonSockLogEnabled is On and this directive is missing/empty, # Apache startup fails due to strict configuration validation. -JsonSockLogSocket "/var/run/mod_reqin_log.sock" +JsonSockLogSocket "/var/run/logcorrelator/http.sock" # HTTP headers to include in the JSON log # Warning: Be careful not to log sensitive headers like Authorization, Cookie, etc. diff --git a/tests/unit/test_config_parsing.c b/tests/unit/test_config_parsing.c index 6d29760..a6b5f49 100644 --- a/tests/unit/test_config_parsing.c +++ b/tests/unit/test_config_parsing.c @@ -116,8 +116,8 @@ static void test_parse_enabled_off(void **state) static void test_parse_socket_path_valid(void **state) { (void)state; - const char *result = parse_socket_path("/var/run/mod_reqin_log.sock"); - assert_string_equal(result, "/var/run/mod_reqin_log.sock"); + const char *result = parse_socket_path("/var/run/logcorrelator/http.sock"); + assert_string_equal(result, "/var/run/logcorrelator/http.sock"); } /* Test: Parse socket path empty */