chef-cookbooks icon indicating copy to clipboard operation
chef-cookbooks copied to clipboard

Published 20 hours ago verified publisher icon rcbops

[openstack-logging] Ubuntu /var/log/auth.log growing too large with useless messages

Open jameswthorne opened this issue 11 years ago • 4 comments
trafficstars

This seems to only happen on Ubuntu, but /var/log/auth.log on the controller and compute nodes is being written to every two seconds with the following useless message:

sudo:  quantum : TTY=unknown ; PWD=/ ; USER=root ; \
COMMAND=/usr/bin/quantum-rootwrap /etc/quantum/rootwrap.conf \
ovs-vsctl --timeout=2 --format=json -- --columns=name,external_ids list Interface

At one customer this one log file was 20+ GB in size.

This looks to be because of the following:

https://ask.openstack.org/en/question/2596/why-is-this-ovs-vsctl-running-so-often/

This is moderately related to #756.

jameswthorne avatar Mar 24 '14 20:03 jameswthorne

Surfing for launchpads:

  • https://bugs.launchpad.net/openstack-cisco/+bug/1197428

claco avatar Mar 24 '14 20:03 claco

Also it's possible to disable sudo logging for just this command (if really needed) by doing something similar to the following in /etc/sudoers:

Cmnd_Alias QUANTUM_ROOTWRAP = /usr/bin/quantum-rootwrap
Defaults!QUANTUM_ROOTWRAP !syslog

( I haven't done it - just pointing out the possibility. )

brc avatar Mar 24 '14 21:03 brc

@jameswthorne Did you implement any specific version of this fix for the impacted customers, or will the simple fix above ignoring that command work?

claco avatar May 28 '14 18:05 claco

@claco I did not implement any fixes. I encountered it at one customer and told them I would open a GitHub Issue for it. The simple fix above should work. I don't see why this command needs to be logged every 2 seconds.

jameswthorne avatar May 28 '14 18:05 jameswthorne