On Wed, Oct 27, 2010 at 03:39:02PM +0100, Daniel P. Berrange wrote:
> On Wed, Oct 27, 2010 at 04:33:03PM +0200, Daniel Veillard wrote:
> > On Wed, Oct 27, 2010 at 12:36:15PM +0100, Daniel P. Berrange wrote:
> > > Add audit hooks to report all start and stop events on QEMU
> > > guest domains.
> > >
> > > * src/qemu/qemu_driver.c: Audit start/stop events
> > > ---
> > > src/qemu/qemu_driver.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++-
> > > 1 files changed, 57 insertions(+), 2 deletions(-)
> >
> > patch 1-4 trivial ACKs
> >
> > One of the differences if we lock down in the driver (beside the
> > redundancy that will be needed) is that we end up writing to the
> > audit system deep in the driver with all the locks needed for operation.
> > Is there a risk of being blocked while writing to the audit system?
> > This could potentially be a problem because all operations on the
> > domain would be stopped during that time.
>
> Quite possibly, but I believe audit people would describe this scenario
> as a feature, rather than a bug :-)

Grumpf ... :-(

I'm fine with allowing code which can monitor/affect normal operation
behaviour but it must be off by default then. There is no default set
in daemon/libvirtd.conf for audit_level, I would like to see an assumed
value of 0 then, is that the case?

Daniel

--
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel@xxxxxxxxxxxx  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/