OpenStack Nova Cloud Controller Charm

n-c-c charm causes non DISA-STIG compliance

Bug #1996947 reported by Jeff Hillman on 2022-11-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Nova Cloud Controller Charm	New	Undecided	Unassigned

Bug Description

ubuntu 20.04.5
juju 2.9.37
charm latest/stable rev CH:566
nova-c-c 21.2.4

When running `sudo usg fix disa_stig` against an ubuntu 20.04.5 machine, it becomes DISA-STIG compliant.

running `juju add-machine <user>@<ip>` and then `juju deploy nova-cloud-controller --to 0` causes DISA-STIG to no longer be compliant

Specifically, running a diff against the compliant results `sudo usg audit disa_stig` and then against the newly deployed nova-cloud-controller charm causes the following diff:

```
- <rule-result idref="permissions_local_var_log" time="2022-11-16T15:38:14" severity="medium" weight="1.000000">
- <result>pass</result>
+ <rule-result idref="permissions_local_var_log" time="2022-11-17T21:17:08" severity="medium" weight="1.000000">
+ <result>fail</result>

```

nova-cloud-controller charm is breaking the permissions_local_var_log DISA-STIG compliance.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.