On Wed, Oct 27, 2010 at 03:39:02PM +0100, Daniel P. Berrange wrote:
On Wed, Oct 27, 2010 at 04:33:03PM +0200, Daniel Veillard wrote:
On Wed, Oct 27, 2010 at 12:36:15PM +0100, Daniel P. Berrange wrote:
Add audit hooks to report all start and stop events on QEMU guest domains.
* src/qemu/qemu_driver.c: Audit start/stop events --- src/qemu/qemu_driver.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++- 1 files changed, 57 insertions(+), 2 deletions(-)
patch 1-4 trivial ACKs
One of the differences if we lock down in the driver (beside the redundancy that will be needed) is that we end up writing to the audit system deep in the driver with all the locks needed for operation. Is there a risk of being blocked while writing to the audit system ? This could potentially be a problem because all operations on the domain would be stopped during that time.
Quite possibly, but I believe audit people would describe this scenario as a feature, rather than a bug :-)
Grumpf ... :-( I'm fine with allowing code which can monitor/affect normal operation behaviour but it must be off by default then. There is no default set in daemon/libvirtd.conf for audit_level, I would like to see an assumed value of 0 then, is that the case ? Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/