Re: [ovirt-users] engine randomly updated 1 package on all my hosts overnight

I received an alert from OSSEC HIDS that a package was installed at 00:59. Nobody uses this infrastructure but me Upon investigation I find this Sep 14 00:59:18 ovirthost1 sshd[93263]: Accepted publickey for root from 10.0.16.50 port 50197 ssh2: RSA 1c:fc:0d:b8:40:2c:bf:87:f7:8f: b2:52:0b:c4:f6:4d Sep 14 00:59:18 ovirthost1 sshd[93263]: pam_unix(sshd:session): session opened for user root by (uid=0) Sep 14 00:59:46 ovirthost1 sshd[93263]: pam_unix(sshd:session): session closed for user root 10.0.16.50 is my ovirt engine And the yum log Sep 14 00:59:28 Updated: iproute-3.10.0-87.el7.x86_64 However, what is baffling to me is that this is a cluster I setup about 9 months ago and have not updated at all (its a testing env for VM systems) Why would ovirt seemingly randomly update and install a package? I know the engine checks for updates on hosts but this is the first time in my time using ovirt that ovirt instructed a host to install a package. This occurred on all of my ovirt nodes in this infrastructure (3) ovirt Version 4.0.1.1-1.el7.centos