-
Notifications
You must be signed in to change notification settings - Fork 266
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Backport release-1.26] When specifying a profile, audit-log-path is not longer passed as an argument. #4441
Milestone
Comments
##Environment Details Infrastructure
Node(s) CPU architecture, OS, and version: ami-097a2df4ac947655f Linux 5.15.0-1019-aws x86_64 GNU/Linux PRETTY_NAME="Ubuntu 22.04.1 LTS" Cluster Configuration:
Config.yaml:
Reproduction
Results:
$ sudo ps -ef
Validation
Results: $ sudo ps -ef | grep -i audit
Additional context / logs: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a backport issue for #4415, automatically created via rancherbot by @brandond
Original issue description:
Environmental Info:
RKE2 Version:
v1.25.10+rke2r1, v1.26.5+rke2r1, v1.27.2+rke2r1
Node(s) CPU architecture, OS, and Version:
RHEL 7,8,9
Cluster Configuration:
1 node
Describe the bug:
If the profile is set in the config.yaml, the audit-log-path is not longer set.
Steps To Reproduce:
~]# echo "profile: cis-1.23" > /etc/rancher/rke2/config.yaml
Expected behavior:
The audit-log-path is set per the profile flag.
root 24317 6.0 4.8 1255964 391944 ? Ssl 14:13 2:55 \_ kube-apiserver --admission-control-config-file=/etc/rancher/rke2/rke2-pss.yaml --audit-log-path=/var/lib/rancher/rke2/server/logs/audit.log --audit-policy-file=/etc/rancher/rke2/audi -policy.yaml --audit-log-maxage=30 --audit-log-maxbackup=10 --audit-log-maxsize=100
Actual behavior:
The audit-log-path is no longer set
root 181256 20.9 5.8 1255624 464056 ? Ssl 17:18 0:34 \_ kube-apiserver --admission-control-config-file=/etc/rancher/rke2/rke2-pss.yaml --audit-policy-file=/etc/rancher/rke2/audit-policy.yaml --audit-log-maxage=30 --audit-log-maxbackup=10 --audit-log-maxsize=100
Additional context / logs:
The other audit arguments are passed. It is just the path that is no longer there.
The text was updated successfully, but these errors were encountered: