98fdd520a0
This patch disables all of the discretionary access control (DAC) auditing in auditd. This should reduce the volume of logs created during deployments and during OpenStack CI jobs. The patch also corrects an incorrect key in the audit logs for V-38568. Closes-Bug: 1620849 Change-Id: I193f739647cfb7d0ce395984b51867bf6bd46cd8
13 lines
356 B
ReStructuredText
13 lines
356 B
ReStructuredText
**Exception**
|
|
|
|
The audit rules for permission changes made with ``chown`` are disabled by
|
|
default as they can generate an excessive amount of logs in a short period of
|
|
time, especially during a deployment.
|
|
|
|
Deployers can enable auditing for ``chown`` usage by setting the following
|
|
Ansible variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_audit_DAC_chown: yes
|