On 03/13/13 11:21, Daniel P. Berrange wrote:
On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote:This patch adds auditing of resources used by Virtio RNG devices. Only resources on the local filesystems are audited. The audit logs look like: For the 'random' backend: type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success' For local character device source: type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success' --- Notes: Version 3: - don't log non-local resources for EGD backend - change order of blocks of code to optimize Version 2: - log also EGD backends - add example of audit message to commit message src/conf/domain_audit.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+)ACK, but wait 1 more day to give Steve Grubb a chance to raise any issues before pushing.
As Steve didn't respond I'm pushing the patch now. Thanks. Peter -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list