f5061fd022
The dictionary-based variables didn't work properly and this patch changes them to individual variables. If users followed the existing documentation, their environments will be unaffected by this change (they are still broken). The new variables follow the pattern `security_VARIABLENAME` which will soon become the standard for the role to avoid variable name collisions with other playbooks and roles. Release notes are included with this patch. Closes-bug: 1577944 Change-Id: I455f66a0b4f423e2cf0e753b129367427f29479f
423 B
423 B
Exception
The audit rules for monitoring deleted files can cause very high system load during OpenStack-Ansible deployments and during package updates using apt. It's recommended that deployers keep these rules disabled unless they're explicitly required.
These rules are disabled by default, but they can be enabled by setting the following Ansible variable:
security_audit_deletions: yes