Bug #13788 fix vitamui log rotation compression

[gueyebabacar]

Description

Problem

The accesslogs and management_accesslogs files of VitamUI were not compressed during daily rotation.

Resolution

1. Creation of /etc/logrotate.d/vitamui with the following configuration:

   • Log targeting: /vitamui/log/*/accesslog*.log /vitamui/log/*/management_accesslog*.log
   • Detailed options:
     • "daily": Rotation performed once a day.
     • "rotate 7": Retention of the last 7 versions of the logs before deletion.
     • "compress": Compression of rotated logs in gzip format (.gz).
     • "missingok": Ignores errors if a targeted log file does not exist.
     • "notifempty": Does not rotate files if they are empty.
     • "create 640 root root": Creates a new log file after rotation with permissions 640 (read/write for root, read for the root group).
     • "dateext": Adds the date to the name of rotated files (e.g., -20250326).

2. Verification that logrotate is scheduled in /etc/cron.daily/ for automatic daily execution.

Result

The logs are now rotated daily and compressed in .gz format, as required.

Type of Change

• Ansible Management
• Fix

Contributor

• Program Vitam

[vitam-prg]

Checkmarx One – Scan Summary & Details – fb51f88a-fffc-427c-acd5-0e296ecc85aa

New Issues (67)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	Passwords And Secrets - Generic Password	/vitamui_vars.yml: 205	details Query to find passwords and secrets in infrastructure code.
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitController.java: 197	details Method startDeletionAction at line 197 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitControll... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitController.java: 197	details Method startDeletionAction at line 197 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitControll... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitController.java: 197	details Method startDeletionAction at line 197 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionArchiveUnitControll... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java: 183	details Method reclassification at line 183 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java gets u... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java: 183	details Method reclassification at line 183 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java gets u... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java: 183	details Method reclassification at line 183 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java gets u... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java: 183	details Method reclassification at line 183 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java gets u... Attack Vector
	Log_Forging	/api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java: 183	details Method reclassification at line 183 of /api/api-collect/collect/src/main/java/fr/gouv/vitamui/collect/server/rest/TransactionController.java gets u... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 229	details Method updateArchiveUnitsRules at line 229 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arch... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 218	details Method startEliminationUnitTreeAction at line 218 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/re... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 239	details Method computedInheritedRules at line 239 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archi... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 249	details Method selectUnitWithInheritedRules at line 249 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 259	details Method reclassification at line 259 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSea... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 208	details Method startEliminationAction at line 208 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archi... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 249	details Method selectUnitWithInheritedRules at line 249 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 116	details Method searchArchiveUnitsByCriteria at line 116 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 239	details Method computedInheritedRules at line 239 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archi... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 249	details Method selectUnitWithInheritedRules at line 249 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 259	details Method reclassification at line 259 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSea... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 198	details Method startEliminationAnalysis at line 198 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arc... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 208	details Method startEliminationAction at line 208 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archi... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 218	details Method startEliminationUnitTreeAction at line 218 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/re... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 229	details Method updateArchiveUnitsRules at line 229 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arch... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 178	details Method exportDIPByCriteria at line 178 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archives... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 188	details Method transferRequest at line 188 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSear... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 168	details Method exportCsvArchiveUnitsByCriteria at line 168 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/r... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 239	details Method computedInheritedRules at line 239 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archi... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 229	details Method updateArchiveUnitsRules at line 229 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arch... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 178	details Method exportDIPByCriteria at line 178 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Archives... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 188	details Method transferRequest at line 188 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSear... Attack Vector
	Log_Forging	/api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 168	details Method exportCsvArchiveUnitsByCriteria at line 168 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/r... Attack Vector

More results are available on the CxOne platform

Fixed Issues (1)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	~~Passwords And Secrets - Generic Password~~	/vitamui_vars.yml: 204