::proxy::ceilometer is broken due to permission issues
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| puppet-swift |
Fix Released
|
Critical
|
Unassigned | ||
Bug Description
When using the ceilometer middleware, swift needs access to:
/var/log/
- /var/log/ceilometer is 750, ceilometer:adm
- /var/log/
/etc/ceilometer
- /etc/ceilometer is 750, ceilometer:
- /etc/ceilometer
Adding swift to the ceilometer group does not work for ceilometer.conf because of the related bugs:
https:/
https:/
We need to find a good compromise to grant swift access to ceilometer.conf.
For the logs, there are several options - I think the cleanest would be to change the default logging for swift from /dev/log (syslog) to /var/log/swift and move the ceilometer logs to /var/log/swift.
| David Moreau Simard (dmsimard) wrote | #1 |
| David Moreau Simard (dmsimard) wrote | #2 |
| David Moreau Simard (dmsimard) wrote | #3 |
| Changed in puppet-swift: | |
| status: | New → Fix Committed |
| importance: | Undecided → Critical |
| Changed in puppet-swift: | |
| milestone: | none → 6.0.0 |
| Changed in puppet-swift: | |
| status: | Fix Committed → Fix Released |
FYI This is more complex than I initially thought since puppet-ceilometer enforces folder permissions on /etc/ceilometer and /etc/ceilometer
I'm looking at pushing a patch in swift at this time.