Satys

## entrypoint.sh
# Remove any orphaned rsyslog.pid
rm -f /var/run/rsyslogd.pid

# Start Rsyslog
/usr/sbin/rsyslogd -n -f /etc/rsyslog.conf &

## DOCKERFILE
FROM safesecurity/rsyslog:8.2012.0

RUN apk add inotify-tools

# Rsyslog Configuration file
COPY --chown=root:root rsyslog.conf /etc/rsyslog.conf
RUN chmod 0644 /etc/rsyslog.conf

# Copy and configure Entrypoint.sh
COPY entrypoint.sh /entrypoint.sh

## Rsyslog live reloader
inotifywait --quiet --monitor --event CLOSE_WRITE /etc/rsyslog.d/rsyslog.conf \
| while read change; do
    echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload start"
    if [ -f /var/run/rsyslogd.pid ] && kill -TERM $(cat /var/run/rsyslogd.pid); then
        /usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
    else
        /usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
    fi
    echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload complete"
done

## gist:8d6b002a5ca3ebc9040d46c2dd0bfdbc
if [ -f /var/run/rsyslogd.pid ] && kill -TERM $(cat /var/run/rsyslogd.pid); then
    /usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
else
    /usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
fi
echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload complete"

## gist:504d980b2db9f394c9c73bb8b5bdd8a8
inotifywait --quiet --monitor --event CLOSE_WRITE /etc/rsyslog.d/rsyslog.conf \
| while read change; do
    echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload start"
done

## evaluate role access
for (i=0 -> permissions_to_be_checked.length) {
    if (permissions_to_be_checked[i] in allowed_permissions) {
        return {
            status: true,
            message: "Authorized"
        }
    }
}
return {
    status: false,

## get permissions to be checked
// read url_permission.js file
url_permission = parse(open("url_permission.js"))
permissions_to_be_checked = url_permission["assignments/submit"]
// it returns permissions_to_be_checked = ["submit_assignment"]

## get allowed permissions
//pseudo mysql query
all_permissions = query("SELECT id, name FROM Permissions")
// it returns all_permissions = [
                                   [1, "start_class"],
                                   [2, "end_class"],
                                   [3, "submit_assignment"],
                                   [4, "evaluate_assignment"]
                                ]
allowed_permissions = []
// pseudo code to evaluate allowed_permissions

## get permission status by policy
//pseudo mysql query
permissions_status = query(`SELECT permissions_status from Policy where id=${policy_id}`)
// it returns permissions_status = "0010"

## get policy by role
//pseudo mysql query
policy_id = query(`SELECT policy_id from Role_Policy_Map where role_id=${role_id}`)
// it returns policy_id = 1
	# Remove any orphaned rsyslog.pid
	rm -f /var/run/rsyslogd.pid

	# Start Rsyslog
	/usr/sbin/rsyslogd -n -f /etc/rsyslog.conf &
	FROM safesecurity/rsyslog:8.2012.0

	RUN apk add inotify-tools

	# Rsyslog Configuration file
	COPY --chown=root:root rsyslog.conf /etc/rsyslog.conf
	RUN chmod 0644 /etc/rsyslog.conf

	# Copy and configure Entrypoint.sh
	COPY entrypoint.sh /entrypoint.sh
	inotifywait --quiet --monitor --event CLOSE_WRITE /etc/rsyslog.d/rsyslog.conf \
	\| while read change; do
	echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload start"
	if [ -f /var/run/rsyslogd.pid ] && kill -TERM $(cat /var/run/rsyslogd.pid); then
	/usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
	else
	/usr/sbin/rsyslogd -f /etc/rsyslog.d/rsyslog.conf
	fi
	echo "[DEBUG] - `(date +%F\ %T)` - rsyslog daemon reload complete"
	done
	for (i=0 -> permissions_to_be_checked.length) {
	if (permissions_to_be_checked[i] in allowed_permissions) {
	return {
	status: true,
	message: "Authorized"
	}
	}
	}
	return {
	status: false,
	// read url_permission.js file
	url_permission = parse(open("url_permission.js"))
	permissions_to_be_checked = url_permission["assignments/submit"]
	// it returns permissions_to_be_checked = ["submit_assignment"]
	//pseudo mysql query
	all_permissions = query("SELECT id, name FROM Permissions")
	// it returns all_permissions = [
	[1, "start_class"],
	[2, "end_class"],
	[3, "submit_assignment"],
	[4, "evaluate_assignment"]
	]
	allowed_permissions = []
	// pseudo code to evaluate allowed_permissions
	//pseudo mysql query
	permissions_status = query(`SELECT permissions_status from Policy where id=${policy_id}`)
	// it returns permissions_status = "0010"
	//pseudo mysql query
	policy_id = query(`SELECT policy_id from Role_Policy_Map where role_id=${role_id}`)
	// it returns policy_id = 1