From bd4c8934bf9ca7fcaaa264b3680e9c26331999a8 Mon Sep 17 00:00:00 2001 From: Serge Panev Date: Wed, 18 Mar 2026 01:07:15 -0700 Subject: [PATCH] fix(sandbox): rotate openshell.log daily, keep 3 files Replace unbounded append-only log with a RollingFileAppender (daily rotation, max 3 files). tracing-appender is already a workspace dependency so no new crates are needed. Closes #30 Signed-off-by: Serge Panev --- crates/openshell-sandbox/src/main.rs | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/crates/openshell-sandbox/src/main.rs b/crates/openshell-sandbox/src/main.rs index 7e02459e..cdf5f6ff 100644 --- a/crates/openshell-sandbox/src/main.rs +++ b/crates/openshell-sandbox/src/main.rs @@ -95,15 +95,18 @@ struct Args { async fn main() -> Result<()> { let args = Args::parse(); - // Try to open the log file; fall back to stdout-only logging if it fails + // Try to open a rolling log file; fall back to stdout-only logging if it fails // (e.g., /var/log is not writable in custom workload images). - let file_logging = std::fs::OpenOptions::new() - .create(true) - .append(true) - .open("/var/log/openshell.log") + // Rotates daily, keeps the 3 most recent files to bound disk usage. + let file_logging = tracing_appender::rolling::RollingFileAppender::builder() + .rotation(tracing_appender::rolling::Rotation::DAILY) + .filename_prefix("openshell") + .filename_suffix("log") + .max_log_files(3) + .build("/var/log") .ok() - .map(|file| { - let (writer, guard) = tracing_appender::non_blocking(file); + .map(|roller| { + let (writer, guard) = tracing_appender::non_blocking(roller); (writer, guard) }); @@ -156,7 +159,7 @@ async fn main() -> Result<()> { .with(push_layer) .init(); // Log the warning after the subscriber is initialized - warn!("Could not open /var/log/openshell.log; using stdout-only logging"); + warn!("Could not open /var/log for log rotation; using stdout-only logging"); None };