[libvirt] [PATCHv3] audit: Audit resources used by VirtIO RNG
Steve Grubb
sgrubb at redhat.com
Fri Mar 15 14:38:31 UTC 2013
On Wednesday, March 13, 2013 10:21:00 AM Daniel P. Berrange wrote:
> On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote:
> > This patch adds auditing of resources used by Virtio RNG devices. Only
> > resources on the local filesystems are audited.
> >
> > The audit logs look like:
> >
> > For the 'random' backend:
> > type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0
> > auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start
> > vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?"
> > new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd"
> > hostname=? addr=? terminal=pts/0 res=success'
> >
> > For local character device source:
> > type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0
> > auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start
> > vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?"
> > new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd"
> > hostname=? addr=? terminal=pts/0 res=success' ---
> >
> > Notes:
> > Version 3:
> > - don't log non-local resources for EGD backend
> > - change order of blocks of code to optimize
> >
> > Version 2:
> > - log also EGD backends
> > - add example of audit message to commit message
> >
> > src/conf/domain_audit.c | 120
> > ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 120
> > insertions(+)
>
> ACK, but wait 1 more day to give Steve Grubb a chance to
> raise any issues before pushing.
Sorry...looks fine. Thanks for letting me know!
-Steve
More information about the libvir-list
mailing list