
On 03/30/2012 06:23 PM, Eric Blake wrote:
Subject: [PATCH] qemu: add audit logs when switching bridges
This adds in a standard audit log for detaching and attaching a network device when the bridge being used is changed.
All *attempts* to detach or attach a tap to a bridge are logged, along with whether or not they are successful.
The discussion about this led to the idea that the audit logs being generated are insufficient, since they don't say anything about which tap device is used, nor about which bridge it is attached to, but that should be fixed by a separate patch, and this gets the current patch properly wired into the infrastructure. --- src/qemu/qemu_hotplug.c | 36 ++++++++++++++++++++++++------------ 1 files changed, 24 insertions(+), 12 deletions(-) ACK. This looks like you have correctly called into the audit
On 03/30/2012 12:22 PM, Laine Stump wrote: framework, and I agree that a later patch to improve the audit framework to output additional useful information is now possible.
I recommend that get this in before rc2.
Thanks to Hendrik Schwartke for writing the original patch, and to Eric and Dan for the reviews and suggestions! I squashed the Auditing code into my earlier modification of Hendrik's bridge-change patch, and pushed (I also added references to the two open BZes that are related to this functionality, one upstream and one for RHEL).