commit 004403c7b7c36c7e027494681b99223542df64ba
Author: Petr Malik <email address hidden>
Date: Fri Feb 20 11:59:02 2015 -0500
Do not use '/tmp' as default guestagent log location
The Problem:
Redstack sets 'GUEST_LOGDIR' to the 'log_dir' value from
'etc/trove/trove-guestagent.conf.sample' which happens to be '/tmp/'.
Aside from not being the canonical log file destination,
the temporary directory in Linux is subject to the so-called
'restricted deletion' policy, which dictates that only file owners
(and the directory owner) can delete the files, irrespective of
other access modifiers on the directory.
Redstack changes the owner of 'GUEST_LOGDIR' (default='/tmp')
to the 'trove' user. This may easily mask any potential issues with
the 'restricted deletion' that would only show up later on
production systems where '/tmp' is commonly owned by root
(see bug/1423759).
The Solution:
Change the default value of 'log_dir' to a directory
which is not subject to the 'restricted deletion'.
Chose '/var/log/trove/' as it is a common place for
trove-related log files on the guestagent.
Reviewed: https://review.openstack.org/157973
Committed: https://git.openstack.org/cgit/openstack/trove/commit/?id=004403c7b7c36c7e027494681b99223542df64ba
Submitter: Jenkins
Branch: master
Change-Id: I39d801a7e19f329c129a0c6df0c3987049d16394
Closes-Bug: 1423760
Related-Bug: 1423759
Depends-On: I9dd6ed543a01ecc4f84065ea4bf3737960de6e24
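
The 'restricted deletion' rule described in the commit message, as an added example that is not part of the commit or of Trove. It models why chowning '/tmp' to 'trove' hides the failure that appears when root owns the directory; `may_delete`, `audit_log_dir` and the uids are hypothetical names and constructed values.

```python
import os
import stat
import tempfile


def may_delete(dir_mode, dir_uid, file_uid, uid, can_write_dir=True):
    """Simplified model of the Linux permission rule for unlink().

    can_write_dir: the caller has write+search permission on the directory.
    """
    if uid == 0:                     # root bypasses the check
        return True
    if not can_write_dir:
        return False
    if dir_mode & stat.S_ISVTX:      # sticky bit set: restricted deletion
        return uid in (file_uid, dir_uid)
    return True


def audit_log_dir(path, agent_uid):
    """List reasons why `path` is a poor log directory for the agent user."""
    st = os.stat(path)
    findings = []
    if st.st_mode & stat.S_ISVTX:
        findings.append("restricted deletion (sticky bit) is set")
        if st.st_uid != agent_uid:
            findings.append("agent is not the directory owner")
    if st.st_mode & stat.S_IWOTH:
        findings.append("directory is world-writable")
    return findings


# Constructed uids, for illustration only.
ROOT, TROVE, OTHER = 0, 1001, 1002

if __name__ == "__main__":
    # Development setup: '/tmp' chowned to 'trove', so deletion succeeds.
    print(may_delete(0o1777, TROVE, OTHER, TROVE))
    # Production: '/tmp' owned by root, file created by another user.
    print(may_delete(0o1777, ROOT, OTHER, TROVE))
    # Audit a scratch directory given the same mode as '/tmp'.
    with tempfile.TemporaryDirectory() as d:
        os.chmod(d, 0o1777)
        print(audit_log_dir(d, os.getuid() + 1))
```
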