Open vSwitch log files not readable by fluentd
Bug #1795609 reported by
Mark Goddard
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| kolla-ansible |
In Progress
|
Medium
|
Mark Goddard | ||
Bug Description
Open vSwitch log files (/var/log/
This was seen while adding a check in CI for readability of these files via the following command:
$ docker exec -it fluentd bash
find /var/log/kolla/ -type f | while read f; do test -r $f || echo "Cannot read $f"; done
Generally there are a few ways in which access is provided to log file for fluentd:
1. Set log file ownership to $USER:kolla, permissions to 0640.
2. Set log file ownership to $USER:$USER, permissions to 0644.
3. MariaDB is a special case, and uses 0640 with the fluentd user added to the mysql group.
Of these, 1. seems the most secure.
| Changed in kolla-ansible: | |
| assignee: | nobody → Mark Goddard (mgoddard) |
| importance: | Undecided → Medium |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to kolla-ansible (master) | #1 |
Revision history for this message
| Mark Goddard (mgoddard) wrote | #2 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Change abandoned on kolla-ansible (master) | #3 |
To post a comment you must log in.
Fix proposed to branch: master
Review: https:/