RFE: keystone-manage CLI to allow using syslog & specific log files

Bug #1570463 reported by Emilien Macchi on 2016-04-14
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Medium
Unassigned

Bug Description

Currently, keystone-manage CLI tool will by default write in $log_dir/$log_file, which is most of the case /var/log/keystone.log.

Some actions (like fernet keys generations) are dynamic, and having them in a separated logfile would be a nice feature for operators. Also supporting syslog would be very helpful for production deployments.

Morgan Fainberg (mdrnstm) wrote :

The fernet keys should not be writable by the keystone user, typically by root (same as a certificate), therefore the log should likewise be separate to avoid breaking normal logging.

The use of syslog would easily solve this issue.

tags: added: fernet logging low-hanging-fruit
Changed in keystone:
status: New → Triaged
importance: Undecided → Medium
Steve Martinelli (stevemar) wrote :

unassigning due to inactivity

no longer affects: keystone/newton
Changed in keystone:
assignee: nobody → Annapoornima Koppad (annakoppad)
David Stanek (dstanek) wrote :

Unassigned due to inactivity.

Changed in keystone:
assignee: Annapoornima Koppad (annakoppad) → nobody
Richard (csravelar) on 2017-01-23
Changed in keystone:
assignee: nobody → Anthony Washington (anthony-washington)
Changed in keystone:
assignee: Anthony Washington (anthony-washington) → nobody
Huayu Ouyang (hlo323) on 2017-03-27
Changed in keystone:
assignee: nobody → Huayu Ouyang (hlo323)
Lance Bragstad (lbragstad) wrote :

Automatically unassigning due to inactivity.

Changed in keystone:
assignee: Huayu Ouyang (hlo323) → nobody
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers