Remove some of the excessive rabbitmq bundle logging
By removing the pam-systemd optinal session line we get rid of the
following line:
pam_systemd(su:session): Failed to connect to system bus: No such file or directory
It is useless inside a container anyway since the pam_systemd module
registers user sessions.
By adding a sufficient pam_succeed_if call fo when the user belongs to the
rabbitmq group we get rid of the following spurious log:
Oct 23 13:52:52 overcloud-controller-0 su: pam_unix(su:session): session opened for user rabbitmq by (uid=0)
Oct 23 13:52:54 overcloud-controller-0 su: pam_unix(su:session): session closed for user rabbitmq
We do not need this inside a container anyway. In the future (w/
pam_unix 1.2.0 and onwards we will be able to use the quiet option
instead).
NB: cherry-pick not %100 clean due to slightly changed diff context
Depends-On: Ic0789da4645a4ee186d82ad7d943de78d4d5c443
Change-Id: Icd199ca4ce4848c971488d8ab69e668add86b150
Related-Bug: #1806451
(cherry picked from commit 44985bd42d
)
This commit is contained in:
parent
01201c3b13
commit
608096fb3c
|
@ -118,6 +118,20 @@ class tripleo::profile::pacemaker::rabbitmq_bundle (
|
|||
replace => true,
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
file_line { 'rabbitmq-pamd-systemd':
|
||||
ensure => absent,
|
||||
path => '/etc/pam.d/system-auth',
|
||||
match => '^-session\s+optional\s+pam_systemd.so',
|
||||
match_for_absence => true,
|
||||
}
|
||||
# Note that once we move to RHEL8 where pam_unix.so supports the quiet option
|
||||
# we can just add quiet to the pam_unix option for the session module and remove this one
|
||||
file_line { 'rabbitmq-pamd-succeed':
|
||||
ensure => present,
|
||||
path => '/etc/pam.d/system-auth',
|
||||
line => 'session sufficient pam_succeed_if.so quiet_success user ingroup rabbitmq',
|
||||
after => '^session.*pam_limits.so'
|
||||
}
|
||||
|
||||
if $step >= 1 and $pacemaker_master and hiera('stack_action') == 'UPDATE' {
|
||||
tripleo::pacemaker::resource_restart_flag { 'rabbitmq-clone':
|
||||
|
|
Loading…
Reference in New Issue