On Mon, Oct 10, 2016 at 08:18:04PM +0800, Chen Hanxiao wrote:
At 2016-10-10 19:24:02, "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote:On Mon, Oct 10, 2016 at 07:19:57PM +0800, Chen Hanxiao wrote:From: Chen Hanxiao <chenhanxiao@xxxxxxxxx> This patch add audit info for panic notifier devices.The audit code only emits audit information for cases where QEMU is using some resource on the host. The panic device does not have any host backend, so there's no reason to audit it.Thanks for the clarification. But should we doc it in auditlog.html.in?
Audit is, by definition, meant for auditing what do we allow qemu to do. So that later you can see what domains had access to what resources on the system. Doesn't make much sense stating that explicitly there, but it's easy to get someone confused, so I wouldn't be totally against adding one sentence to the Introduction, I guess.
Regards, - Chen -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
Attachment:
signature.asc
Description: Digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list