Bug 1008127

Summary: fresh install of packstack shows neutron has sudo problem
Product: [Community] RDO Reporter: Mohammed Arafa <bugzilla>
Component: openstack-neutronAssignee: RHOS Maint <rhos-maint>
Status: CLOSED NOTABUG QA Contact: Ofer Blaut <oblaut>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: chrisw, lars
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-15 15:45:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mohammed Arafa 2013-09-15 01:17:07 UTC 
Description of problem:
 this is a fresh install of packstack and just be chance i was looking through the system logs and i saw this in /var/log/secure. it is being repeated over and over again 

in 9 hours the log has reach 3.5mb in size. messages are repeated every 2 seconds.

Sep 14 21:13:23 compute02 sudo:  neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf ovs-vsctl --timeout=2 --format
=json -- --columns=name,external_ids list Interface
Sep 14 21:13:25 compute02 sudo:  neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf ovs-vsctl --timeout=2 list-por
ts br-int


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Mohammed Arafa 2013-09-19 03:25:19 UTC 
34M now
Comment 2 Lars Kellogg-Stedman 2014-01-15 15:45:40 UTC 
This command is run periodically by neutron in order to monitor the state of OVS devices.

These log messages are expected when using "sudo" to gain elevated privileges.  

You could configure your logging environment to filter them out.  You could file a bug upstream if you would like to suggest that neutron use something other than "sudo" for privilege escalation.