[Bug 1533724] Update Released

Brian Murray brian at ubuntu.com
Tue Aug 9 19:09:23 UTC 2016 

The verification of the Stable Release Update for python-
keystonemiddleware has completed successfully and the package has now
been released to -updates.  Subsequently, the Ubuntu Stable Release
Updates Team is being unsubscribed and will not receive messages about
this bug report.  In the event that you encounter a regression using the
package from -updates please report a new bug using ubuntu-bug and tag
the bug report regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1533724

Title:
  [SRU] keystone-signing folders fill /tmp and seriously slow down
  reboots

Status in Ubuntu Cloud Archive:
  Triaged
Status in Ubuntu Cloud Archive mitaka series:
  Fix Committed
Status in keystonemiddleware:
  Fix Released
Status in python-keystonemiddleware package in Ubuntu:
  Fix Released
Status in python-keystonemiddleware source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  During a night maintenance and reboot of a control (non-keystone node)
  that had been up for around 300 days, we found that we have over 144k
  keystone-signing- folders in /tmp. This caused the maintenance window
  to be missed because it took so long to clean /tmp on reboot. It is my
  understanding that these folders are for PKI. We don't use PKI and
  would like to the option to disable the creation of these folders.

  [PROD] root at control-002:/tmp# ls -al | grep keystone-sign | wc -l
  144200

  more info, the folders are owned by non-keystone services, mainly
  glance for us:

  drwx------  2 glance        glance              4096 Jul  9  2015 keystone-signing-zZocUc
  drwx------  2 glance        glance              4096 Jul 20 07:55 keystone-signing-ZZOibD
  drwx------  2 designate     designate           4096 May 26  2015 keystone-signing-ZZoKgT
  drwx------  2 glance        glance              4096 Jul 14  2015 keystone-signing-zzOmtb
  drwx------  2 glance        glance              4096 Jul 12  2015 keystone-signing-zzOubp
  drwx------  2 glance        glance              4096 Jul 15 17:22 keystone-signing-zzpD6x
  drwx------  2 designate     designate           4096 Jun  9  2015 keystone-signing-ZzPeNQ
  drwx------  2 glance        glance              4096 Jul  2  2015 keystone-signing-ZZPJ4H
  drwx------  2 glance        glance              4096 Jul  9  2015 keystone-signing-zZPnd0
  drwx------  2 designate     designate           4096 May 20  2015 keystone-signing-ZZQK3i
  drwx------  2 glance        glance              4096 Jun 30  2015 keystone-signing-ZZQmEI

  [Test Case]

  See above.

  [Regression Potential]

  The fix is contained in an upstream stable point release which we're
  releasing to ubuntu xenial. The regression potential is fairly minimal
  since upstream is very careful with what gets into stable point
  releases.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1533724/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list