v11.4 log path restriction #8731
* Update Playbooks v2.6 checklists documentation

- Add channel checklists as first-class workflows from v2.6.0
- Document rebrand from "Playbook Runs" to "Checklists"
- Update mobile v2.35.0 "Playbook checklists" terminology
- Document channel-based permissions vs playbook permissions
- Add API changes: Type field and optional playbook_id
- Include mobile API endpoints for checklist operations
- Mark PR evidence gaps for human validation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com>

* Editorial review cleanup
* Incorporated reviewer feedback

---------

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com>
Document the new MM_LOG_PATH environment variable and log path validation feature introduced in Mattermost v11.4.0. This security enhancement restricts log file locations to a designated root directory to prevent unauthorized filesystem access via logging configuration.

Changes include:

Environment Variables:
- Add MM_LOG_PATH documentation with purpose, default, usage examples
- Document validation behavior and error handling

Logging Configuration:
- Add comprehensive "Log path restrictions" section
- Document path validation mechanism (absolute path resolution, symlink handling, directory boundary enforcement)
- Provide valid and invalid configuration examples
- Add troubleshooting guidance for log access errors
- Update file target configuration to note v11.4 path requirements

Support Packet Generation:
- Document audit logging for support packet generation (v11.4+)
- Note audit trail metadata for compliance tracking

Configuration Settings Reference:
- Update FileLocation setting with v11.4 validation note
- Update AdvancedLoggingJSON with path restriction requirements
- Add cross-references to detailed logging documentation

Security Guide:
- Add log path restrictions to security features list
- Highlight access control and configuration integrity benefits

Troubleshooting:
- Add "Log files not accessible" troubleshooting section
- Provide step-by-step resolution procedures
- Include decision flowchart for diagnosing log access issues
- Offer migration paths for existing custom log configurations

Addresses both System Admin and Risk Assessor personas with practical configuration guidance, security context, and comprehensive troubleshooting support.

Resolves #8730

Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com>
Newest code from mattermost has been published to preview environment for Git SHA 3e46368
| The path you configure must exist, and Mattermost must have write permissions for this directory. | ||
| - The path you configure must exist, and Mattermost must have write permissions for this directory. | ||
| - From Mattermost v11.4, log file paths are validated to ensure they remain within the directory specified by the ``MM_LOG_PATH`` environment variable. If ``MM_LOG_PATH`` is not set, the default ``logs`` directory is used. Paths outside the allowed root directory are blocked. See the :doc:`Mattermost logging </administration-guide/manage/logging>` documentation for details. |
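Review bot: In the added `MM_LOG_PATH` bullet, "the default ``logs`` directory is used" does not say what that relative path is resolved against, so an admin cannot tell which directory is the allowed root when the variable is unset. Suggest naming the base directory explicitly, and stating which operation "blocked" refers to, since the sentence does not say whether writing, reading or both are affected.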
Paths outside the allowed root directory are blocked
Currently paths outside the root cause an error in logs (to inform the admin they need to align with the policy) for writing logs. The blocking happens when trying to download logs for support packet. We may block writing logs outside the root in a future release.
| - See the :doc:`Mattermost logging </administration-guide/manage/logging>` documentation for details. These targets have been chosen as they support the vast majority of log aggregators, and other log analysis tools, without needing additional software installed. | ||
| - Logs are recorded asynchronously to reduce latency to the caller. | ||
| - Advanced logging supports hot-reloading of logger configuration. | ||
| - From Mattermost v11.4, all file paths specified in ``AdvancedLoggingJSON`` configurations must be within the directory specified by the ``MM_LOG_PATH`` environment variable. See :ref:`log path restrictions <administration-guide/manage/logging:log path restrictions>` for details. |
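Review bot: The added `AdvancedLoggingJSON` bullet states a requirement ("must be within the directory") without saying what the server does with a file target that falls outside `MM_LOG_PATH`, and it is silent on how relative paths and symlinks are evaluated. Suggest adding the observable outcome so an admin auditing an existing configuration knows what to look for. Separately, the first bullet shown in this hunk opens with "See the :doc:... documentation for details." directly ahead of "These targets have been chosen", where the cross-reference has nothing to refer to; it looks misplaced.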
must be within the directory
Here I think the wording is more restrictive than the actual policy. We inform the admin on log writing, and block downloads of logs.
Claude finished @cwarnermm's task in 2m 3s
Technical Feedback Incorporated
Completed Tasks:
Summary
Updated wording across 3 documentation files to accurately reflect log path validation behavior:
Key corrections:
Files updated:
Changes maintain concise technical language for admin audiences per your request.
Branch: claude/issue-8730-20260206-2116
Update documentation to accurately reflect that log paths outside the root directory generate error logs and are excluded from support packet downloads, rather than being blocked from writing. Softened "must be" language to "should be" to align with actual enforcement level. Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com>
Newest code from mattermost has been published to preview environment for Git SHA 9ad3e79
Newest code from mattermost has been published to preview environment for Git SHA 9215a57
* Update conf.py * Mobile v2.36 Docs: Add self-management capability to channel members (#8665) * Mobile v2.36 Docs: Add self-management capability to channel members - Added documentation for managing own membership from Manage Channel Members screen - Reflects PR #9301 / MM-66375 bug fix in mobile v2.36+ - Mobile-specific workflow for users with member management permissions 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * Update manage-channel-members.rst * Remove unrelated formatting changes - Remove trailing newline added in previous commit - Clean up trailing whitespace throughout file Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * Editorial review updates --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> * Mobile v2.37 Docs: Playbook run attributes UI (#8712) * docs: add mobile v2.37.0 support for playbook run attributes - Add note about mobile support from v2.37.0 for viewing and editing playbook run attributes - Document mobile limitations: no color support, URLs treated as plain text - Update Playbook attributes and Conditional playbooks sections Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * docs: add Mattermost Playbook v2.5.0 requirement - Add note that playbook attributes feature requires Playbook v2.5.0 or later - Addresses feedback from @Willyfrog Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> --------- Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * Add mobile task deletion documentation for v2.37.0 (#8713) Document new mobile capability to delete playbook tasks from Mattermost mobile 
v2.37.0 onward. Added "Delete tasks" subsection under Mobile playbooks task management with confirmation dialog and permanence warning. Closes #8711 Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * docs: add mobile v2.37.0 custom emoji and skin tone support (#8710) Add capability note for custom emoji selection and skin tone application on mobile devices from Mattermost mobile v2.37.0. Resolves #8708 Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * v11.4 log path restriction (#8731) * Update Playbooks v2.6 checklists documentation (#8656) * Update Playbooks v2.6 checklists documentation - Add channel checklists as first-class workflows from v2.6.0 - Document rebrand from "Playbook Runs" to "Checklists" - Update mobile v2.35.0 "Playbook checklists" terminology - Document channel-based permissions vs playbook permissions - Add API changes: Type field and optional playbook_id - Include mobile API endpoints for checklist operations - Mark PR evidence gaps for human validation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> * Editorial review cleanup * Incorporated reviewer feedback --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> * docs: Add v11.4 log path restriction documentation Document the new MM_LOG_PATH environment variable and log path validation feature introduced in Mattermost v11.4.0. This security enhancement restricts log file locations to a designated root directory to prevent unauthorized filesystem access via logging configuration. 
Changes include: Environment Variables: - Add MM_LOG_PATH documentation with purpose, default, usage examples - Document validation behavior and error handling Logging Configuration: - Add comprehensive "Log path restrictions" section - Document path validation mechanism (absolute path resolution, symlink handling, directory boundary enforcement) - Provide valid and invalid configuration examples - Add troubleshooting guidance for log access errors - Update file target configuration to note v11.4 path requirements Support Packet Generation: - Document audit logging for support packet generation (v11.4+) - Note audit trail metadata for compliance tracking Configuration Settings Reference: - Update FileLocation setting with v11.4 validation note - Update AdvancedLoggingJSON with path restriction requirements - Add cross-references to detailed logging documentation Security Guide: - Add log path restrictions to security features list - Highlight access control and configuration integrity benefits Troubleshooting: - Add "Log files not accessible" troubleshooting section - Provide step-by-step resolution procedures - Include decision flowchart for diagnosing log access issues - Offer migration paths for existing custom log configurations Addresses both System Admin and Risk Assessor personas with practical configuration guidance, security context, and comprehensive troubleshooting support. Resolves #8730 Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> * docs: Clarify log path validation behavior per technical feedback Update documentation to accurately reflect that log paths outside the root directory generate error logs and are excluded from support packet downloads, rather than being blocked from writing. Softened "must be" language to "should be" to align with actual enforcement level. 
Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> * Editorial reviews --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> * v11.4: Added debug log to indicate the job is not running as the node is not a leader node (#8707) * docs: Document v11.4 cluster job execution debug messages Add documentation for new debug log messages introduced in Mattermost v11.4.0 that help system admins understand cluster job execution behavior in high availability deployments. Changes: - Added new section in logging.rst documenting cluster job debug messages for scheduled posts, DND status reset, and post reminders - Added notes in high-availability-cluster-based-deployment.rst about debug messages in leader election and job server sections - Added tip in experimental-configuration-settings.rst about verifying cluster job execution with debug messages These DEBUG-level messages indicate normal operation when non-leader nodes skip job execution, helping admins troubleshoot cluster behavior. Resolves #8706 Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * docs: Clarify debug log messages apply only to Recurring Tasks Update documentation to specify that v11.4 debug log messages for cluster job execution apply only to Recurring Tasks (Scheduled Posts, Post Reminders, and DND Status Reset), not all cluster jobs. This prevents admins from incorrectly assuming the absence of these debug messages for other job types (Elasticsearch indexing, SAML sync, LDAP sync, etc.) indicates a problem with job execution. 
Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> * Editorial reviews --------- Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> * V11.4 sync agents submodule (#8737) * Update AI docs * Sync'd Agents submodule for v11.4 * Apply suggestion from @cwarnermm * v11.4 Changelog (#8645) * Update docs for v11.4 Feature Release (February 16th) - Added v11.4.0 release section to v11 changelog - Updated server releases table with v11.4 download links and support dates - Updated RHEL and tar deployment guides with latest v11.4.0 download URLs - Added v11.4 compatibility to desktop app v6.0 compatibility matrix - Added v11.4.0 to open source components server list - Added v11.4 placeholder entry in important upgrade notes 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> * Update release-policy.md * Update software-hardware-requirements.rst * Update deprecated-features.rst * Update open-source-components.rst * Update mattermost-desktop-releases.md * Update mattermost-v11-changelog.md * Update deprecated-features.rst * Update mattermost-v11-changelog.md * Update important-upgrade-notes.rst * Update important-upgrade-notes.rst * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update important-upgrade-notes.rst * Update deprecated-features.rst * Update source/product-overview/mattermost-v11-changelog.md Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> * Update source/administration-guide/upgrade/important-upgrade-notes.rst Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> * Update important-upgrade-notes.rst * Update deprecated-features.rst * Update mattermost-v11-changelog.md * Update important-upgrade-notes.rst * Update 
mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md * Update source/product-overview/mattermost-v11-changelog.md Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Update mattermost-v11-changelog.md * Update software-hardware-requirements.rst * Update mattermost-v11-changelog.md * Update mattermost-v11-changelog.md --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Update ui-ada-changelog.rst (#8704) * Update mattermost-desktop-releases.md --------- Co-authored-by: Combs7th <147677911+Combs7th@users.noreply.github.com> Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Combs7th <Combs7th@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> Co-authored-by: Doug Lauder <wiggin77@warpmail.net>
Summary
Document the new MM_LOG_PATH environment variable and log path validation feature introduced in Mattermost v11.4.0. This security enhancement restricts log file locations to a designated root directory to prevent unauthorized filesystem access via logging configuration.
Changes
Resolves #8730
Generated with Claude Code
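The commit message in this PR names three validation steps: absolute path resolution, symlink handling and directory boundary enforcement. The Go program below is an added example of one way to perform such a containment check; it is not Mattermost's implementation. `resolve` and `IsWithinRoot` are hypothetical names, and resolving a relative root against the working directory is an assumption.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// resolve makes p absolute and follows every symlink in it.
func resolve(p string) (string, error) {
	abs, err := filepath.Abs(p)
	if err != nil {
		return "", err
	}
	return filepath.EvalSymlinks(abs)
}

// IsWithinRoot (hypothetical helper) reports whether candidate stays under root.
func IsWithinRoot(root, candidate string) (bool, error) {
	absRoot, err := resolve(root)
	if err != nil {
		return false, err
	}
	dir, err := resolve(filepath.Dir(candidate)) // file may not exist yet: resolve its parent
	if err != nil {
		return false, err
	}
	target := filepath.Join(dir, filepath.Base(candidate))
	if _, err := os.Lstat(target); err == nil { // exists, possibly as a symlink
		if target, err = filepath.EvalSymlinks(target); err != nil {
			return false, err // dangling or looping link: fail closed
		}
	}
	// Compare by path component: a string-prefix test would accept "logs-old".
	rel, err := filepath.Rel(absRoot, target)
	outside := rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator))
	return err == nil && !outside, err
}

func main() {
	root := os.Getenv("MM_LOG_PATH")
	if root == "" {
		root = "logs" // default root when MM_LOG_PATH is unset
	}
	for _, p := range os.Args[1:] {
		ok, err := IsWithinRoot(root, p)
		fmt.Println(p, ok, err)
	}
}
```

`filepath.Abs` and `filepath.Dir` normalise `..` lexically before symlinks are followed, so a candidate such as `link/../x.log` is judged as `x.log` in the directory that contains `link`.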