Bug 1008127 - fresh install of packstack shows neutron has sudo problem
fresh install of packstack shows neutron has sudo problem
Status: CLOSED NOTABUG
Product: RDO
Classification: Community
Component: openstack-neutron (Show other bugs)
unspecified
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: RHOS Maint
Ofer Blaut
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-14 21:17 EDT by Mohammed Arafa
Modified: 2016-04-26 10:48 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-15 10:45:40 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mohammed Arafa 2013-09-14 21:17:07 EDT
Description of problem:
 this is a fresh install of packstack and just be chance i was looking through the system logs and i saw this in /var/log/secure. it is being repeated over and over again 

in 9 hours the log has reach 3.5mb in size. messages are repeated every 2 seconds.

Sep 14 21:13:23 compute02 sudo:  neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf ovs-vsctl --timeout=2 --format
=json -- --columns=name,external_ids list Interface
Sep 14 21:13:25 compute02 sudo:  neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf ovs-vsctl --timeout=2 list-por
ts br-int


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Mohammed Arafa 2013-09-18 23:25:19 EDT
34M now
Comment 2 Lars Kellogg-Stedman 2014-01-15 10:45:40 EST
This command is run periodically by neutron in order to monitor the state of OVS devices.

These log messages are expected when using "sudo" to gain elevated privileges.  

You could configure your logging environment to filter them out.  You could file a bug upstream if you would like to suggest that neutron use something other than "sudo" for privilege escalation.

Note You need to log in before you can comment on or make changes to this bug.