[libvirt] How to intercept the VM start event and run the identity check
Исаев Виталий Анатольевич
isaev at fintech.ru
Tue Sep 24 09:04:00 UTC 2013
Dear developers!
We are working on the project based on Red Hat Enterprise Virtualisation and Red Hat Identity Management. RHEV environment will be deployed in protected internal enterprise network. Now we are developing special admin tools in order to extend functionality of RHEL IdM and we faced with a rather difficult problem... The system should meet the increased demands of informational security, so what we are trying to implement is:
1. Intercept the event of user's VM start on the RHEL Hypervisor;
2. Suspend the VM;
3. Mount VM's disk to Hypervisor (or some other VM, for instance, admin's VM);
4. Check the integrity of the VM's system files (count md5sum etc.)
5. Unmount disk;
6. If verification is passed, start the VM, else - power off and disable VM till the decision of administrator.
Is there any opportunity to implement this within the libvirt API?
Thank you,
Vitaly Isaev,
"Fintech" JSC, Moscow, Russia
www.fintech.ru<http://www.fintech.ru>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130924/4f0c81e1/attachment-0001.htm>
More information about the libvir-list
mailing list