Re: [PATCH v2 1/3] audit: Audit information about watchdog devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Sep 27, 2017 at 09:33:15 +0200, Michal Privoznik wrote:
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
>  src/conf/domain_audit.c  | 46 ++++++++++++++++++++++++++++++++++++++++++++++
>  src/conf/domain_audit.h  |  5 +++++
>  src/libvirt_private.syms |  1 +
>  3 files changed, 52 insertions(+)
> 
> diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
> index 4afc22019..026fafe0c 100644
> --- a/src/conf/domain_audit.c
> +++ b/src/conf/domain_audit.c

[...]

> @@ -983,3 +986,46 @@ virDomainAuditShmem(virDomainObjPtr vm,
>      VIR_FREE(shmpath);
>      return;
>  }
> +
> +
> +void
> +virDomainAuditWatchdog(virDomainObjPtr vm,
> +                       virDomainWatchdogDefPtr def,
> +                       const char *reason, bool success)
> +{
> +    char uuidstr[VIR_UUID_STRING_BUFLEN];
> +    char *vmname;
> +    char *alias = NULL;
> +    char *device = NULL;
> +    const char *virt;
> +
> +    virUUIDFormat(vm->def->uuid, uuidstr);
> +    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
> +        VIR_WARN("OOM while encoding audit message");
> +        return;
> +    }
> +
> +    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
> +        VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
> +        virt = "?";
> +    }
> +
> +    if (VIR_STRDUP_QUIET(alias, def->info.alias) < 0) {
> +        VIR_WARN("OOM while encoding audit message");
> +        goto cleanup;
> +    }
> +
> +    if (!(device = virAuditEncode("device", VIR_AUDIT_STR(alias)))) {
> +        VIR_WARN("OOM while encoding audit message");
> +        goto cleanup;
> +    }
> +
> +    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> +              "virt=%s resrc=dev reason=%s %s uuid=%s %s",
> +              virt, reason, vmname, uuidstr, device);

The audit message should identify the host resource which is used by the
VM. I doubt that the alias is a good reference to the host device in use.


Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux