Re: [PATCH 3/6] Add virtualization type in audit messages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 07/04/2011 05:33 AM, Daniel P. Berrange wrote:
> Since a host can run several different virtualization types at
> the same time, audit messages should allow domains to be identified.
> Add a 'virt={qemu,kvm,uml,lxc,...}' key to domain audit messages
> 
> * src/conf/domain_audit.c: Identify virt type of guest
> ---
>  src/conf/domain_audit.c |   89 ++++++++++++++++++++++++++++++++++++++---------
>  1 files changed, 72 insertions(+), 17 deletions(-)
> 
> diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
> index 20f6ddc..9b7ced7 100644
> --- a/src/conf/domain_audit.c
> +++ b/src/conf/domain_audit.c
> @@ -67,6 +67,7 @@ virDomainAuditDisk(virDomainObjPtr vm,
>      char *vmname;
>      char *oldsrc = NULL;
>      char *newsrc = NULL;
> +    const char *virt;
>  
>      virUUIDFormat(vm->def->uuid, uuidstr);
>      if (!(vmname = virAuditEncode("vm", vm->def->name))) {
> @@ -74,6 +75,11 @@ virDomainAuditDisk(virDomainObjPtr vm,
>          return;
>      }
>  
> +    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
> +        VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
> +        virt = "?";
> +    }

Hmm.  Since we have a lot of audit messages that all want to format both
uuid and virt type, should we factor that into a helper method?

> @@ -88,8 +94,8 @@ virDomainAuditDisk(virDomainObjPtr vm,
>      }
>  
>      VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> -              "resrc=disk reason=%s %s uuid=%s %s %s",
> -              reason, vmname, uuidstr,
> +              "virt=%s resrc=disk reason=%s %s uuid=%s %s %s",

But for factoring it to be useful, you'd want to replace:

"virt=%s uuid=%s", virt, uuid

with

"%s", virDomainAuditID(vm)

where virDomainAuditID generates "virt=... uuid=..." for the given vm?

That would also mean listing the virt=%s next to the uuid=%s, rather
than splitting them with resrc= and reason= in the middle.

Up to you if you want to rewrite this patch to rearrange the key-value
pairs in the audit output and use a helper method rather than doing lots
of code duplication.  But what you have does the job, so I'm comfortable
with:

ACK.

-- 
Eric Blake   eblake@xxxxxxxxxx    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]