On Wednesday, March 13, 2013 10:21:00 AM Daniel P. Berrange wrote: > On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote: > > This patch adds auditing of resources used by Virtio RNG devices. Only > > resources on the local filesystems are audited. > > > > The audit logs look like: > > > > For the 'random' backend: > > type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 > > auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start > > vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" > > new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" > > hostname=? addr=? terminal=pts/0 res=success' > > > > For local character device source: > > type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 > > auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start > > vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" > > new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" > > hostname=? addr=? terminal=pts/0 res=success' --- > > > > Notes: > > Version 3: > > - don't log non-local resources for EGD backend > > - change order of blocks of code to optimize > > > > Version 2: > > - log also EGD backends > > - add example of audit message to commit message > > > > src/conf/domain_audit.c | 120 > > ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 120 > > insertions(+) > > ACK, but wait 1 more day to give Steve Grubb a chance to > raise any issues before pushing. Sorry...looks fine. Thanks for letting me know! -Steve -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list