etcdctl snap not able to write to /var/lib/nagios/etcd-alarm-list.txt
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Etcd Charm |
Fix Released
|
Medium
|
Unassigned |
Bug Description
When we run the etcd snap in an LXD container, we see a couple of denials on the host hosting the LXD container such as:
[70955.020329] audit: type=1400 audit(168551832
In a VM for example, this works fine and I do not see the apparmor deny.
I see two ways forward to fixing the issue:
1) Add the following to the etcdctl snap apparmor profile:
/var/lib/
2) Change the cron template file in order to use tee to write the file instead of directing the output at https:/
Example:
* * * * * root [ -x /snap/bin/etcdctl ] && ETCDCTL_API=3 /snap/bin/etcdctl --endpoints=
I am happy to send a patch, just looking to know what is your preferred way of patching before sending a PR.
Thanks.
David.
Changed in charm-etcd: | |
status: | Triaged → Fix Committed |
tags: | removed: needs-review |
Changed in charm-etcd: | |
status: | Fix Committed → Fix Released |
Hey David, thanks for the report and patch offer! My preference is option 2 (| tee) over adjusting the aa profile.