OpenStack-Ansible

AIDE should not look at changes in /run

Bug #1617343 reported by Major Hayden
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Fix Released
Low
Major Hayden

Bug Description

AIDE shouldn't be wandering into /run since things there only live temporarily.

---------------------------------------------------
Changed entries:
---------------------------------------------------

d =.... mc.. .. .: /etc/apparmor.d/libvirt
d =.... mc.. .. .: /etc/libvirt/qemu
d =.... mc.. .. .: /root
f >b... mc..C.. .: /root/.bash_history
f >.... mc..C.. .: /root/.ssh/known_hosts
f >b... mci.C.. .: /root/.viminfo
f =.... mci.C.. : /run/motd.dynamic
d >.... mc.. .. : /run/shm
f =.... ....C.. : /run/shm/spice.29052
d =.... mc.. .. : /run/systemd/sessions
d =.... mc.. .. : /run/systemd/users
f =.... mci.C.. : /run/systemd/users/0
d >.... . .. : /run/udev/data
d =.... mc.. .. : /run/user

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-security (master)

Fix proposed to branch: master
Review: https://review.openstack.org/361237

Changed in openstack-ansible:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-security (master)

Reviewed: https://review.openstack.org/361237
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=129e6292547f347b2038ba75655e95f73373b6cf
Submitter: Jenkins
Branch: master

commit 129e6292547f347b2038ba75655e95f73373b6cf
Author: Major Hayden <email address hidden>
Date: Fri Aug 26 09:17:18 2016 -0500

    Exclude /run from AIDE checks

    The /run directory contains items that change frequently and often
    change when services start/stop or the system reboots. This patch
    excludes the /run directory from AIDE checks.

    Closes-bug: 1617343
    Change-Id: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16

Changed in openstack-ansible:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-security (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/362242

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-security (stable/mitaka)

Reviewed: https://review.openstack.org/362242
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=a32903414c2e50bd251a928584c7b9b8c88f1862
Submitter: Jenkins
Branch: stable/mitaka

commit a32903414c2e50bd251a928584c7b9b8c88f1862
Author: Major Hayden <email address hidden>
Date: Fri Aug 26 09:17:18 2016 -0500

    Exclude /run from AIDE checks

    The /run directory contains items that change frequently and often
    change when services start/stop or the system reboots. This patch
    excludes the /run directory from AIDE checks.

    Closes-bug: 1617343
    Change-Id: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16

tags: added: in-stable-mitaka
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-security (liberty)

Fix proposed to branch: liberty
Review: https://review.openstack.org/362830

Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/openstack-ansible-security 14.0.0.0b3

This issue was fixed in the openstack/openstack-ansible-security 14.0.0.0b3 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-security (liberty)

Reviewed: https://review.openstack.org/362830
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=e7373c4985ae8f4921b54002e2416554cb0da200
Submitter: Jenkins
Branch: liberty

commit e7373c4985ae8f4921b54002e2416554cb0da200
Author: Major Hayden <email address hidden>
Date: Fri Aug 26 09:17:18 2016 -0500

    Exclude /run from AIDE checks

    The /run directory contains items that change frequently and often
    change when services start/stop or the system reboots. This patch
    excludes the /run directory from AIDE checks.

    Closes-bug: 1617343
    Backport-of: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16
    Change-Id: Ib74d6ec24991039299b3ad2c2d550f488fc463ba

tags: added: in-liberty
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/openstack-ansible-security 13.3.4

This issue was fixed in the openstack/openstack-ansible-security 13.3.4 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/openstack-ansible-security 12.2.4

This issue was fixed in the openstack/openstack-ansible-security 12.2.4 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.