[Openstack] compute node secure message flood rootwrap.conf ovs-ofctl dump-flows br-int table=22
Chris
contact at progbau.de
Wed Mar 25 03:26:26 UTC 2015
Hello Lars,
Thank you for the very detailed explanation, highly appreciated!
Cheers
Chris
-----Original Message-----
From: Lars Kellogg-Stedman [mailto:lars at redhat.com]
Sent: Tuesday, March 24, 2015 19:53
To: Chris
Cc: openstack at lists.openstack.org; rdo-list at redhat.com
Subject: Re: [Openstack] compute node secure message flood rootwrap.conf
ovs-ofctl dump-flows br-int table=22
On Tue, Mar 24, 2015 at 02:22:18PM +0700, Chris wrote:
> On our compute nodes the /var/log/secure log get flooded with the same
> kind of messages:
>
> Mar 22 10:17:57 xxx sudo: neutron : TTY=unknown ; PWD=/ ; USER=root ;
> COMMAND=/usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf ovs-ofctl
> dump-flows br-int table=22
>
> Any hint what's the purpose of this and how to fix it?
The purpose is that neutron is monitoring the flow rules in that particular
table, probably in order ensure they remain correct.
Because neutron is running as an unprivileged user, it needs to use "sudo"
to gain elevated privileges.
The `sudo` command is, by default, quite verbose, which makes sense in an
environment where 'sudo' commands happen rarely as the result of manual
administrator actions. In an environment where it is part of frequent
automated tasks it can be an annoyance.
You can disable these messages for a *particular* user using syntax like
this:
Defaults:neutron !syslog
This will disable syslogging of sudo activity for user "neutron" while still
leaving it enabled for everyone else.
--
Lars Kellogg-Stedman <lars at redhat.com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack | http://blog.oddbit.com/
More information about the Openstack
mailing list