Issue #10084 has been updated by Jo Rhett.

Michael Stahnke wrote:
> I am of the opinion this is valid debug output.  When you don't have selinux 
> enabled, you don't see those lines.  When you do, you should see those lines, 
> as they *could* help with debugging.  Debug logs are supposed to contain the 
> maximum amount of information to assist with finding a problem.

The problem is that it turns 120 lines of debugging into 1200 lines of debug on 
a small manifest, and 500 lines of output into 1500 lines of output on a large 
manifest.  You can't find anything you care about because it's completely 
surrounded with debug output that isn't useful.

I don't mind selinux debugging that tells us changes in selinux attributes or 
state.  This is useful and necessary.  I don't find the debug output that 
simply says "this file is this state" when that state is neither being 
evaluated nor changed in a manifest. For example, the selinux output above 
which tells us the selinux state of each configuration file that puppet loads.
----------------------------------------
Bug #10084: Debug output includes way too much selinux details.
https://projects.puppetlabs.com/issues/10084

Author: Jo Rhett
Status: Needs Decision
Priority: Normal
Assignee: Sean Millichamp
Category: 
Target version: 2.7.x
Affected Puppet version: 2.6.11
Keywords: 
Branch: 


When I run "puppet agent --debug" I get about 1400 lines of selinux details, 
and about 120 lines of actual debug.  These aren't actually changes to selinux 
attributes, just noting the selinux attribute of every file opened.

    debug: /File[/etc/puppet/auth.conf]/seluser: Found seluser default 'system_u' for /etc/puppet/auth.conf
    debug: /File[/etc/puppet/auth.conf]/selrole: Found selrole default 'object_r' for /etc/puppet/auth.conf
    debug: /File[/etc/puppet/auth.conf]/seltype: Found seltype default 'etc_t' for /etc/puppet/auth.conf
    debug: /File[/etc/snmp/snmpd.conf]/seluser: Found seluser default 'system_u' for /etc/snmp/snmpd.conf
    debug: /File[/etc/snmp/snmpd.conf]/selrole: Found selrole default 'object_r' for /etc/snmp/snmpd.conf
    debug: /File[/etc/snmp/snmpd.conf]/seltype: Found seltype default 'etc_t' for /etc/snmp/snmpd.conf
    debug: /File[/etc/nsswitch.conf]/seluser: Found seluser default 'system_u' for /etc/nsswitch.conf
    debug: /File[/etc/nsswitch.conf]/selrole: Found selrole default 'object_r' for /etc/nsswitch.conf
    debug: /File[/etc/nsswitch.conf]/seltype: Found seltype default 'etc_t' for /etc/nsswitch.conf

I believe that this is unnecessary debug and makes it very difficult to track 
down other problems.  Would Puppetlabs accept a feature request to move this 
selinux attribute echoing to a higher or different debug level?

