Re: PolicyKit and syslog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2009-11-24 at 11:26 -0500, Matthew Miller wrote:
> One of the important features of sudo is its ability to log elevated-access
> actions to syslog.
> 
> Userhelper similarly logs actions, like so: "userhelper[26491]: running
> '/usr/share/system-config-users/system-config-users ' with root privileges
> on behalf of 'mattdm'".
> 
> PolicyKit serves a similar function, but doesn't seem to log anything.
> 
> In fact, the only use of syslog appears to be in polkit-agent-helper-1,
> which logs in two possible situations -- when called with the wrong number
> of arguments and when stdin is a tty. (Most other things it fprintfs to
> stderr.)
> 
> I'm not bringing this up to complain -- I just want to make sure that I'm
> not missing something (which happens more often than it should; *sigh*). If
> I'm not missing something, is this something anyone is working on already or
> has existing plans for?
> 

PolicyKit itself is not running anything. It is just answering the
question of a mechanism: 'is X allowed to do foo ?'. It would make more
sense for the mechanisms that use PolicyKit to log privileged actions
that they do or deny to do. 

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux