The log() method writes the given message to the system logger prefixed with the JavaScript filename and line number. Log entries are emitted using the >LOG_AUTHPRIV flag meaning that the log entries usually ends up in the file /var/log/secure. The log() method is usually only used when debugging rules. >The Action and Subject types has suitable toString() methods defined for easy logging, for example,
None of this works with duktape engine which just dumps whatever it got as string, so attempt to print action or subject or anything non-string results >in error. And in any case, no file name/line number is added even for string content.
I think the main issue could be fixed by using duk_to_string (or better, duk_safe_to_string). The harder part is to get the line number and file name. While the line number can be gathered by using duk_inspect_callstack_entry, the file name is FWICT only exposed through Error objects.
There's the "logging" module in the extras folder in duktape which is rather promising, but it's not API/ABI stable FWICT and we'd have to bundle it IIUC.
In GitLab by @fvogt on Jul 4, 2022, 14:53
Originally reported downstream at https://bugzilla.opensuse.org/show_bug.cgi?id=1201118.
I think the main issue could be fixed by using
duk_to_string(or better,duk_safe_to_string). The harder part is to get the line number and file name. While the line number can be gathered by usingduk_inspect_callstack_entry, the file name is FWICT only exposed throughErrorobjects.There's the "logging" module in the extras folder in duktape which is rather promising, but it's not API/ABI stable FWICT and we'd have to bundle it IIUC.