* src/lxc/lxc_driver.c: Add auditing hooks
---
src/lxc/lxc_driver.c | 13 ++++++++++++-
1 files changed, 12 insertions(+), 1 deletions(-)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 7220a9b..3ee2f25 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -51,6 +51,7 @@
#include "hooks.h"
#include "files.h"
#include "fdstream.h"
+#include "domain_audit.h"
#include "domain_nwfilter.h"
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -1269,6 +1270,7 @@ static void lxcMonitorEvent(int watch,
event = virDomainEventNewFromObj(vm,
VIR_DOMAIN_EVENT_STOPPED,
VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN);
+ virDomainAuditStop(vm, "shutdown");
}
if (!vm->persistent) {
virDomainRemoveInactive(&driver->domains, vm);
@@ -1700,10 +1702,14 @@ static int lxcDomainStartWithFlags(virDomainPtr dom, unsigned int flags)
ret = lxcVmStart(dom->conn, driver, vm, VIR_DOMAIN_RUNNING_BOOTED);
- if (ret == 0)
+ if (ret == 0) {
event = virDomainEventNewFromObj(vm,
VIR_DOMAIN_EVENT_STARTED,
VIR_DOMAIN_EVENT_STARTED_BOOTED);
+ virDomainAuditStart(vm, "booted", true);
+ } else {
+ virDomainAuditStart(vm, "booted", false);
+ }
cleanup:
if (vm)
@@ -1770,6 +1776,7 @@ lxcDomainCreateAndStart(virConnectPtr conn,
def = NULL;
if (lxcVmStart(conn, driver, vm, VIR_DOMAIN_RUNNING_BOOTED) < 0) {
+ virDomainAuditStart(vm, "booted", false);
virDomainRemoveInactive(&driver->domains, vm);
vm = NULL;
goto cleanup;
@@ -1778,6 +1785,7 @@ lxcDomainCreateAndStart(virConnectPtr conn,
event = virDomainEventNewFromObj(vm,
VIR_DOMAIN_EVENT_STARTED,
VIR_DOMAIN_EVENT_STARTED_BOOTED);
+ virDomainAuditStart(vm, "booted", true);
dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
if (dom)
@@ -1938,6 +1946,7 @@ static int lxcDomainDestroy(virDomainPtr dom)
event = virDomainEventNewFromObj(vm,
VIR_DOMAIN_EVENT_STOPPED,
VIR_DOMAIN_EVENT_STOPPED_DESTROYED);
+ virDomainAuditStop(vm, "destroyed");
if (!vm->persistent) {
virDomainRemoveInactive(&driver->domains, vm);
vm = NULL;
@@ -1984,6 +1993,7 @@ lxcAutostartDomain(void *payload, const void *name ATTRIBUTE_UNUSED, void *opaqu
!virDomainObjIsActive(vm)) {
int ret = lxcVmStart(data->conn, data->driver, vm,
VIR_DOMAIN_RUNNING_BOOTED);
+ virDomainAuditStart(vm, "booted", ret >= 0);
if (ret < 0) {
virErrorPtr err = virGetLastError();
VIR_ERROR(_("Failed to autostart VM '%s': %s"),
@@ -2052,6 +2062,7 @@ lxcReconnectVM(void *payload, const void *name ATTRIBUTE_UNUSED, void *opaque)
lxcMonitorEvent,
vm, NULL)) < 0) {
lxcVmTerminate(driver, vm, VIR_DOMAIN_SHUTOFF_FAILED);
+ virDomainAuditStop(vm, "failed");
goto cleanup;
}
} else {
--
1.7.4.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list