fix: logging handler must not crash its caller on reopen failure

When decnet.system.log is root-owned (e.g. created by a pre-fix 'sudo decnet deploy') and a subsequent non-root process tries to log, the InodeAwareRotatingFileHandler raised PermissionError out of emit(), which propagated up through logger.debug/info and killed the collector's log stream loop ('log stream ended ... reason=[Errno 13]'). Now matches stdlib behaviour: wrap _open() in try/except OSError and defer to handleError() on failure. Adds a regression test. Also: scripts/profile/view.sh 'pyinstrument' keyword was matching memray-flamegraph-*.html files. Exclude the memray-* prefix.
2026-04-17 14:01:36 -04:00
parent c29ca977fd
commit cb12e7c475
3 changed files with 32 additions and 2 deletions
--- a/decnet/logging/inode_aware_handler.py
+++ b/decnet/logging/inode_aware_handler.py
@@ -48,5 +48,13 @@ class InodeAwareRotatingFileHandler(logging.handlers.RotatingFileHandler):
                    self.close()
            except Exception:  # nosec B110
                pass
-            self.stream = self._open()
+            try:
+                self.stream = self._open()
+            except OSError:
+                # A logging handler MUST NOT crash its caller. If we can't
+                # reopen (e.g. file is root-owned after `sudo decnet deploy`
+                # and the current process is non-root), defer to the stdlib
+                # error path, which just prints a traceback to stderr.
+                self.handleError(record)
+                return
        super().emit(record)