[libvirt] [PATCH 4/6] Add auditing to the LXC driver

Monday, 4 July 2011

* src/lxc/lxc_driver.c: Add auditing hooks
---
 src/lxc/lxc_driver.c |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 7220a9b..3ee2f25 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -51,6 +51,7 @@
 #include "hooks.h"
 #include "files.h"
 #include "fdstream.h"
+#include "domain_audit.h"
 #include "domain_nwfilter.h"
 
 #define VIR_FROM_THIS VIR_FROM_LXC
@@ -1269,6 +1270,7 @@ static void lxcMonitorEvent(int watch,
         event = virDomainEventNewFromObj(vm,
                                          VIR_DOMAIN_EVENT_STOPPED,
                                          VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN);
+        virDomainAuditStop(vm, "shutdown");
     }
     if (!vm->persistent) {
         virDomainRemoveInactive(&driver->domains, vm);
@@ -1700,10 +1702,14 @@ static int lxcDomainStartWithFlags(virDomainPtr dom, unsigned int
flags)
 
     ret = lxcVmStart(dom->conn, driver, vm, VIR_DOMAIN_RUNNING_BOOTED);
 
-    if (ret == 0)
+    if (ret == 0) {
         event = virDomainEventNewFromObj(vm,
                                          VIR_DOMAIN_EVENT_STARTED,
                                          VIR_DOMAIN_EVENT_STARTED_BOOTED);
+        virDomainAuditStart(vm, "booted", true);
+    } else {
+        virDomainAuditStart(vm, "booted", false);
+    }
 
 cleanup:
     if (vm)
@@ -1770,6 +1776,7 @@ lxcDomainCreateAndStart(virConnectPtr conn,
     def = NULL;
 
     if (lxcVmStart(conn, driver, vm, VIR_DOMAIN_RUNNING_BOOTED) < 0) {
+        virDomainAuditStart(vm, "booted", false);
         virDomainRemoveInactive(&driver->domains, vm);
         vm = NULL;
         goto cleanup;
@@ -1778,6 +1785,7 @@ lxcDomainCreateAndStart(virConnectPtr conn,
     event = virDomainEventNewFromObj(vm,
                                      VIR_DOMAIN_EVENT_STARTED,
                                      VIR_DOMAIN_EVENT_STARTED_BOOTED);
+    virDomainAuditStart(vm, "booted", true);
 
     dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
     if (dom)
@@ -1938,6 +1946,7 @@ static int lxcDomainDestroy(virDomainPtr dom)
     event = virDomainEventNewFromObj(vm,
                                      VIR_DOMAIN_EVENT_STOPPED,
                                      VIR_DOMAIN_EVENT_STOPPED_DESTROYED);
+    virDomainAuditStop(vm, "destroyed");
     if (!vm->persistent) {
         virDomainRemoveInactive(&driver->domains, vm);
         vm = NULL;
@@ -1984,6 +1993,7 @@ lxcAutostartDomain(void *payload, const void *name ATTRIBUTE_UNUSED,
void *opaqu
         !virDomainObjIsActive(vm)) {
         int ret = lxcVmStart(data->conn, data->driver, vm,
                              VIR_DOMAIN_RUNNING_BOOTED);
+        virDomainAuditStart(vm, "booted", ret >= 0);
         if (ret < 0) {
             virErrorPtr err = virGetLastError();
             VIR_ERROR(_("Failed to autostart VM '%s': %s"),
@@ -2052,6 +2062,7 @@ lxcReconnectVM(void *payload, const void *name ATTRIBUTE_UNUSED,
void *opaque)
                  lxcMonitorEvent,
                  vm, NULL)) < 0) {
             lxcVmTerminate(driver, vm, VIR_DOMAIN_SHUTOFF_FAILED);
+            virDomainAuditStop(vm, "failed");
             goto cleanup;
         }
     } else {
-- 
1.7.4.4


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 4/6] Add auditing to the LXC driver