f5061fd022
The dictionary-based variables didn't work properly and this patch changes them to individual variables. If users followed the existing documentation, their environments will be unaffected by this change (they are still broken). The new variables follow the pattern `security_VARIABLENAME` which will soon become the standard for the role to avoid variable name collisions with other playbooks and roles. Release notes are included with this patch. Closes-bug: 1577944 Change-Id: I455f66a0b4f423e2cf0e753b129367427f29479f
445 B
445 B
Exception
The audit rules which monitor chmod,
fchmod, and fchmodat syscalls can cause high
CPU and I/O load during OpenStack-Ansible deployments and while updating
packages with apt. By default, these rules are disabled.
These audit rules can be enabled by setting any of the following variables:
security_audit_DAC_chmod: yes
security_audit_DAC_fchmod: yes
security_audit_DAC_fchmodat: yes