[Zope-Coders] new zLOG

[Guido van Rossum]

> > Having an import have the side effect of writing a file causes problems
> > when you have a process which needs to setuid after importing zLOG as
> > root.  The log file is written as root (which it shouldn't be) and the
> > effective user is only able to write to the log for as long as the file
> > stays open.  Suggestions?
> 
> Probably not some helpful ones:
> 
> 1. Give the 'stupid log file' its proper name back. This is another
> reason why writing to a file is a stupid way to do event logging.

Yes please.  There are way too many places that currently have to look
for two envvars where one would be enough.

> 2. Accept that Zope currently gives up root privelidges far too
> late. This is a bug with the privelidge dropping, not with the
> logging. Even worse, Zope currently writes a few ZODB transactions
> as root too.

I need to reopen this discussion.  Since Chris called my position
short-sighted, I've discovered several more programs (e.g. ZRS and the
test suite) that use zLOG where logging "mysteriously" disappeared for
lack of calling zLOG.initialize().  The problem with tracking all of
these down is that normally you may not have logging turned on for
some of these, so you may never realize that a piece of code broke
unless you try to turn on logging to do some heavy debugging -- and
then find yourself debugging the logging.

I propose that there be some interface where Zope (or any setuid
program) can call e.g. zLOG.initialize_later() immediately after
importing zLOG, and if this hasn't been called by the time LOG() is
called for the first time, the first LOG() call calls initialize().

This new interface could be called from z2.py.

--Guido van Rossum (home page: http://www.python.org/~guido/)