PolicyKit and syslog
Matthew Miller
mattdm at mattdm.org
Tue Nov 24 16:26:06 UTC 2009
One of the important features of sudo is its ability to log elevated-access
actions to syslog.
Userhelper similarly logs actions, like so: "userhelper[26491]: running
'/usr/share/system-config-users/system-config-users ' with root privileges
on behalf of 'mattdm'".
PolicyKit serves a similar function, but doesn't seem to log anything.
In fact, the only use of syslog appears to be in polkit-agent-helper-1,
which logs in two possible situations -- when called with the wrong number
of arguments and when stdin is a tty. (Most other things it fprintfs to
stderr.)
I'm not bringing this up to complain -- I just want to make sure that I'm
not missing something (which happens more often than it should; *sigh*). If
I'm not missing something, is this something anyone is working on already or
has existing plans for?
--
Matthew Miller <mattdm at mattdm.org>
Senior Systems Architect
Cyberinfrastructure Labs / Instructional & Research Computing
Computing & Information Technology
Harvard School of Engineering & Applied Sciences
More information about the Fedora-security-list
mailing list