diff --git a/modules/cucumber_testsuite/main.tf b/modules/cucumber_testsuite/main.tf
index 4f0cbee8b..70abdbe67 100644
--- a/modules/cucumber_testsuite/main.tf
+++ b/modules/cucumber_testsuite/main.tf
@@ -60,6 +60,8 @@ locals {
host_key => lookup(var.host_settings[host_key], "create_first_user", false) if var.host_settings[host_key] != null }
repository_disk_use_cloud_setup = { for host_key in local.hosts :
host_key => lookup(var.host_settings[host_key], "repository_disk_use_cloud_setup", null) if var.host_settings[host_key] != null }
+ scc_access_logging = { for host_key in local.hosts :
+ host_key => lookup(var.host_settings[host_key], "scc_access_logging", false) if var.host_settings[host_key] != null }
}
module "server" {
@@ -94,6 +96,7 @@ module "server" {
additional_repos_only = lookup(local.additional_repos_only, "server", false)
additional_packages = lookup(local.additional_packages, "server", [])
login_timeout = var.login_timeout
+ scc_access_logging = lookup(local.scc_access_logging, "server", false)
saltapi_tcpdump = var.saltapi_tcpdump
provider_settings = lookup(local.provider_settings_by_host, "server", {})
diff --git a/modules/server/main.tf b/modules/server/main.tf
index ea0a58ec0..3990b8766 100644
--- a/modules/server/main.tf
+++ b/modules/server/main.tf
@@ -66,6 +66,7 @@ module "server" {
java_salt_debugging = var.java_salt_debugging
skip_changelog_import = var.skip_changelog_import
create_first_user = var.create_first_user
+ scc_access_logging = var.scc_access_logging
mgr_sync_autologin = var.mgr_sync_autologin
create_sample_channel = var.create_sample_channel
create_sample_activation_key = var.create_sample_activation_key
diff --git a/modules/server/variables.tf b/modules/server/variables.tf
index b368edcde..337ce7a0b 100644
--- a/modules/server/variables.tf
+++ b/modules/server/variables.tf
@@ -207,6 +207,12 @@ variable "traceback_email" {
default = null
}
+variable "scc_access_logging" {
+ description = "Enable logging for SCC access through taskomatic and tomcat"
+ type = bool
+ default = false
+}
+
variable "swap_file_size" {
description = "Swap file size in MiB, or 0 for none"
default = 0
diff --git a/salt/server/taskomatic.sls b/salt/server/taskomatic.sls
index 6d3e3c32b..79b7cd9c2 100644
--- a/salt/server/taskomatic.sls
+++ b/salt/server/taskomatic.sls
@@ -1,4 +1,4 @@
-{% if grains.get('java_debugging') or grains.get('java_hibernate_debugging') %}
+{% if grains.get('java_debugging') or grains.get('java_hibernate_debugging') or grains.get('scc_access_logging') %}
include:
- server.rhn
{% endif %}
@@ -33,6 +33,18 @@ taskomatic_hibernate_debug_log:
- sls: server.rhn
{% endif %}
+{% if grains.get('scc_access_logging') %}
+taskomatic_scc_access_logging:
+ file.line:
+ - name: /usr/share/rhn/classes/log4j2.xml
+ - content: ''
+ - before: ""
+ - mode: ensure
+ - indent: True
+ - require:
+ - sls: server.rhn
+{% endif %}
+
taskomatic:
service.running:
- watch:
diff --git a/salt/server/tomcat.sls b/salt/server/tomcat.sls
index f16d9e5ae..18dc4f388 100644
--- a/salt/server/tomcat.sls
+++ b/salt/server/tomcat.sls
@@ -1,4 +1,4 @@
-{% if grains.get('java_debugging') or grains.get('java_salt_debugging') %}
+{% if grains.get('java_debugging') or grains.get('java_salt_debugging') or grains.get('scc_access_logging') %}
include:
- server.rhn
{% endif %}
@@ -32,6 +32,23 @@ salt_server_action_service_debug_log:
- sls: server.rhn
{% endif %}
+{% if grains.get('scc_access_logging') %}
+{% if '4.3' in grains['product_version'] %}
+{% set tomcat_log4j2_xml_path = "/srv/tomcat/webapps/rhn/WEB-INF/classes/log4j2.xml" %}
+{% else %}
+{% set tomcat_log4j2_xml_path = "/usr/share/susemanager/www/tomcat/webapps/rhn/WEB-INF/classes/log4j2.xml" %}
+{% endif %}
+tomcat_scc_access_logging:
+ file.line:
+ - name: {{ tomcat_log4j2_xml_path }}
+ - content: ''
+ - before: ""
+ - mode: ensure
+ - indent: True
+ - require:
+ - sls: server.rhn
+{% endif %}
+
{% if grains.get('login_timeout') %}
extend_tomcat_login_timeout:
file.replace: