And also I heard that there is support of a SElinux driver..
2018-05-07 12:41 GMT+03:00 Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@xxxxxxx>:
Hi, I wanted just to ask an additional question to that:how then here in the polkit documentation you distinguish users?:Consider a local userberrange
who has been granted permission to connect to libvirt in full read-write mode.2018-04-12 11:01 GMT+03:00 Erik Skultety <eskultet@xxxxxxxxxx>:Hi,On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote:
> Hello everyone,
> I have a question about logging. I need to find out whether it is possible
> to see user id/session id inside logs or somewhere else. It is not passed
> in structured across the network, so where should I look to find out, which
> user (which session) is currently performing the actions?
sorry for a late answer. As per logging (debug logs to be more precise), libvirt
doesn't log the user/client id which performed the action. Sadly, there's
currently no way to find out which client is responsible for which actions.
The only thing you can gather from libvirtd is the info about the connected
clients not the actions they perform, you can get this info using virt-admin
(needs to be run as root)
# virt-admin client-list libvirtd
Id Transport Connected since
--------------------------------------------------
1 unix 2018-04-12 09:53:46+0200
# virt-admin client-info --server libvirtd --client 1
id : 1
connection_time: 2018-04-12 09:53:46+0200
transport : unix
readonly : no
unix_user_id : 1000
unix_user_name : eskultet
unix_group_id : 1001
unix_group_name: eskultet
unix_process_id: 19053
selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Regards,
Erik
_______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users