auth.log fills disk
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cisco Openstack |
Fix Released
|
Critical
|
Chris Ricker | ||
Grizzly |
Fix Released
|
Critical
|
Chris Ricker |
Bug Description
in a normally running system installed with default configuration, I saw auth.log fill the disk. The quantity of auth logging is highly dependent on what the ovs-agent is doing, and I believe the log rotates once a day, so I would suggest, to reproduce:
- make lots of routers on lots of networks
- leave the system running for a day
ovs-agent will sit there constantly monitoring the vswitch:
Jul 3 14:25:16 control sudo: quantum : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=
Jul 3 14:25:16 control sudo: pam_unix(
Jul 3 14:25:16 control sudo: pam_unix(
Jul 3 14:25:16 control sudo: quantum : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=
Jul 3 14:25:16 control sudo: pam_unix(
Jul 3 14:25:17 control sudo: pam_unix(
Jul 3 14:25:17 control sudo: quantum : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=
Jul 3 14:25:17 control sudo: pam_unix(
Jul 3 14:25:17 control sudo: pam_unix(
and fill the disk up.
In my case, the indication was that quantum net-create wouldn't work and quantum agent-list reported all agents were dead (no heartbeats). I believe rabbit was largely inoperable.
Changed in openstack-cisco: | |
importance: | Undecided → Critical |
Changed in openstack-cisco: | |
milestone: | none → g.1 |
status: | Incomplete → Triaged |
assignee: | nobody → Chris Ricker (chris-ricker) |
Changed in openstack-cisco: | |
status: | Triaged → In Progress |
Changed in openstack-cisco: | |
status: | In Progress → Fix Committed |
I would suggest something like:
Defaults:quantum !syslog
- but this would turn off all logging of 'sudo' activity from quantum - it would be better if it were more specific, specifying the actual rootwrap command for no-log treatment.