3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
478 B
478 B
---id: V-38543 status: opt-in tag: auditd ---
The audit rules which monitor chmod,
fchmod, and fchmodat syscalls can cause high
CPU and I/O load during OpenStack-Ansible deployments and while updating
packages with apt. By default, these rules are disabled.
These audit rules can be enabled by setting any of the following variables:
security_audit_DAC_chmod: yes
security_audit_DAC_fchmod: yes
security_audit_DAC_fchmodat: yes