PyCADF library not installing audit maps to /etc/pycadf
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla |
Fix Released
|
Undecided
|
Michal Arbet |
Bug Description
Hi,
As we are using PyCADF lib for auditing [1] (and fixing issue in downstream git repositories for now), we would like to finally merge a fix to kolla and kolla-ansible gits.
When pycadf for auditing is used, there are missing audit maps in /etc/pycadf so auditing can't work.
The reason is that pycadf PIP package installing them to /var/lib/
(venv) (glance-
(venv) (glance-
(venv) (glance-
pycadf==3.1.1
(venv) (glance-
total 36
drwxr-xr-x 2 root root 4096 Oct 9 07:09 .
drwxr-xr-x 1 root root 4096 Oct 9 07:11 ..
-rw-r--r-- 1 root root 376 Oct 9 07:09 ceilometer_
-rw-r--r-- 1 root root 689 Oct 9 07:09 cinder_
-rw-r--r-- 1 root root 364 Oct 9 07:09 glance_
-rw-r--r-- 1 root root 710 Oct 9 07:09 neutron_
-rw-r--r-- 1 root root 1592 Oct 9 07:09 nova_api_
-rw-r--r-- 1 root root 340 Oct 9 07:09 swift_api_
-rw-r--r-- 1 root root 500 Oct 9 07:09 trove_api_
Audit maps which should be included - all of them >>
https:/
So, fix will be in kolla project to just include default ones, and kolla-ansible to allow override per project.
[1] https:/
Thanks,
Michal Arbet (kevko)
Changed in kolla: | |
assignee: | nobody → Michal Arbet (michalarbet) |
Oh, forgot to say that services without mapping reporting something as below :
>>
No such file or directory: '/etc/pycadf/ cinder_ api_audit_ map.conf'
<<