[libvirt] [PATCH] audit: properly encode device path in cgroup audit
https://bugzilla.redhat.com/show_bug.cgi?id=922186 Commit d04916fa introduced a regression in audit quality - even though the code was computing the proper escaped name for a path, it wasn't feeding that escaped name on to the audit message. As a result, /var/log/audit/audit.log would mention a field path=/dev/hpet instead of the intended path="/dev/hpet", which in turn caused ausearch to format the audit log as path=(null). * src/conf/domain_audit.c (virDomainAuditCgroupPath): Use constructed encoding. Signed-off-by: Eric Blake <eblake@redhat.com> --- A rather embarrassing bug of mine, especially since it took two years to find that such a trivial fix was needed. src/conf/domain_audit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 85d97b4..6d0ae48 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -1,7 +1,7 @@ /* * domain_audit.c: Domain audit management * - * Copyright (C) 2006-2012 Red Hat, Inc. + * Copyright (C) 2006-2013 Red Hat, Inc. * Copyright (C) 2006 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -682,8 +682,8 @@ virDomainAuditCgroupPath(virDomainObjPtr vm, virCgroupPtr cgroup, rdev = virDomainAuditGetRdev(path); if (!(detail = virAuditEncode("path", path)) || - virAsprintf(&extra, "path path=%s rdev=%s acl=%s", - path, VIR_AUDIT_STR(rdev), perms) < 0) { + virAsprintf(&extra, "path %s rdev=%s acl=%s", + detail, VIR_AUDIT_STR(rdev), perms) < 0) { VIR_WARN("OOM while encoding audit message"); goto cleanup; } -- 1.8.1.4
On 04/19/2013 01:36 PM, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=922186
Commit d04916fa introduced a regression in audit quality - even though the code was computing the proper escaped name for a path, it wasn't feeding that escaped name on to the audit message. As a result, /var/log/audit/audit.log would mention a field path=/dev/hpet instead of the intended path="/dev/hpet", which in turn caused ausearch to format the audit log as path=(null).
* src/conf/domain_audit.c (virDomainAuditCgroupPath): Use constructed encoding.
Signed-off-by: Eric Blake <eblake@redhat.com> ---
A rather embarrassing bug of mine, especially since it took two years to find that such a trivial fix was needed.
src/conf/domain_audit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 85d97b4..6d0ae48 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -1,7 +1,7 @@ /* * domain_audit.c: Domain audit management * - * Copyright (C) 2006-2012 Red Hat, Inc. + * Copyright (C) 2006-2013 Red Hat, Inc. * Copyright (C) 2006 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -682,8 +682,8 @@ virDomainAuditCgroupPath(virDomainObjPtr vm, virCgroupPtr cgroup, rdev = virDomainAuditGetRdev(path);
if (!(detail = virAuditEncode("path", path)) || - virAsprintf(&extra, "path path=%s rdev=%s acl=%s", - path, VIR_AUDIT_STR(rdev), perms) < 0) { + virAsprintf(&extra, "path %s rdev=%s acl=%s", + detail, VIR_AUDIT_STR(rdev), perms) < 0) { VIR_WARN("OOM while encoding audit message"); goto cleanup; }
ACK.
On 04/19/2013 12:02 PM, Laine Stump wrote:
On 04/19/2013 01:36 PM, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=922186
Commit d04916fa introduced a regression in audit quality - even though the code was computing the proper escaped name for a path, it wasn't feeding that escaped name on to the audit message. As a result, /var/log/audit/audit.log would mention a field path=/dev/hpet instead of the intended path="/dev/hpet", which in turn caused ausearch to format the audit log as path=(null).
After some IRC discussion asking about the "path path" in the message, I amended my commit message; this string is a substring fed into a larger class=path path=... of the audit message.
ACK.
Pushed now. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (2)
-
Eric Blake -
Laine Stump