On 03/30/2012 06:23 PM, Eric Blake wrote: > On 03/30/2012 12:22 PM, Laine Stump wrote: >> Subject: [PATCH] qemu: add audit logs when switching bridges >> >> This adds in a standard audit log for detaching and attaching a >> network device when the bridge being used is changed. >> >> All *attempts* to detach or attach a tap to a bridge are logged, along >> with whether or not they are successful. >> >> The discussion about this led to the idea that the audit logs being >> generated are insufficient, since they don't say anything about which >> tap device is used, nor about which bridge it is attached to, but that >> should be fixed by a separate patch, and this gets the current patch >> properly wired into the infrastructure. >> --- >> src/qemu/qemu_hotplug.c | 36 ++++++++++++++++++++++++------------ >> 1 files changed, 24 insertions(+), 12 deletions(-) > ACK. This looks like you have correctly called into the audit > framework, and I agree that a later patch to improve the audit framework > to output additional useful information is now possible. > > I recommend that get this in before rc2. Thanks to Hendrik Schwartke for writing the original patch, and to Eric and Dan for the reviews and suggestions! I squashed the Auditing code into my earlier modification of Hendrik's bridge-change patch, and pushed (I also added references to the two open BZes that are related to this functionality, one upstream and one for RHEL). -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list