OpenStack Identity (keystone)

RFE: keystone-manage CLI to allow using syslog & specific log files

Bug #1570463 reported by Emilien Macchi on 2016-04-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Medium	Maram El-Salamouny

Bug Description

Currently, keystone-manage CLI tool will by default write in $log_dir/$log_file, which is most of the case /var/log/keystone.log.

Some actions (like fernet keys generations) are dynamic, and having them in a separated logfile would be a nice feature for operators. Also supporting syslog would be very helpful for production deployments.

Tags:

Revision history for this message

Morgan Fainberg (mdrnstm) wrote on 2016-04-14:

The fernet keys should not be writable by the keystone user, typically by root (same as a certificate), therefore the log should likewise be separate to avoid breaking normal logging.

The use of syslog would easily solve this issue.

tags:	added: fernet logging low-hanging-fruit
Changed in keystone:
status:	New → Triaged
importance:	Undecided → Medium

Revision history for this message

Steve Martinelli (stevemar) wrote on 2016-08-01:

unassigning due to inactivity

Steve Martinelli (stevemar) on 2016-09-16

no longer affects:

keystone/newton

Annapoornima Koppad (annakoppad) on 2016-09-28

Changed in keystone:
assignee:	nobody → Annapoornima Koppad (annakoppad)

Revision history for this message

David Stanek (dstanek) wrote on 2017-01-23:

Unassigned due to inactivity.

Changed in keystone:
assignee:	Annapoornima Koppad (annakoppad) → nobody

Richard (csravelar) on 2017-01-23

Changed in keystone:
assignee:	nobody → Anthony Washington (anthony-washington)

Anthony Washington (anthony-washington) on 2017-02-01

Changed in keystone:
assignee:	Anthony Washington (anthony-washington) → nobody

Huayu Ouyang (hlo323) on 2017-03-27

Changed in keystone:
assignee:	nobody → Huayu Ouyang (hlo323)

Revision history for this message

Lance Bragstad (lbragstad) wrote on 2017-08-02:

Automatically unassigning due to inactivity.

Changed in keystone:
assignee:	Huayu Ouyang (hlo323) → nobody

Maram El-Salamouny (maramelsalamouny) on 2018-10-21

Changed in keystone:
assignee:	nobody → Maram El-Salamouny (maramelsalamouny)

Revision history for this message

Colleen Murphy (krinkle) wrote on 2018-10-29:

Is this not already handled? There is a --use-syslog option and a --log-file option for keystone-manage: https://docs.openstack.org/keystone/latest/cli/keystone-manage.html

Changed in keystone:
status:	Triaged → Incomplete
tags:	removed: low-hanging-fruit

Revision history for this message

David Wilde (dave-wilde) wrote on 2022-12-16:

This functionality is now available in keystone-manage

Changed in keystone:
status:	Incomplete → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.