[libvirt-users] User name / session idin logs

Hello everyone, I have a question about logging. I need to find out whether it is possible to see user id/session id inside logs or somewhere else. It is not passed in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?

On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote:
Hello everyone, I have a question about logging. I need to find out whether it is possible to see user id/session id inside logs or somewhere else. It is not passed in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?
Hi, sorry for a late answer. As per logging (debug logs to be more precise), libvirt doesn't log the user/client id which performed the action. Sadly, there's currently no way to find out which client is responsible for which actions. The only thing you can gather from libvirtd is the info about the connected clients not the actions they perform, you can get this info using virt-admin (needs to be run as root) # virt-admin client-list libvirtd Id Transport Connected since -------------------------------------------------- 1 unix 2018-04-12 09:53:46+0200 # virt-admin client-info --server libvirtd --client 1 id : 1 connection_time: 2018-04-12 09:53:46+0200 transport : unix readonly : no unix_user_id : 1000 unix_user_name : eskultet unix_group_id : 1001 unix_group_name: eskultet unix_process_id: 19053 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 Regards, Erik

Hi, I wanted just to ask an additional question to that: how then here in the polkit documentation you distinguish users?: Consider a local user berrange who has been granted permission to connect
to libvirt in full read-write mode.
2018-04-12 11:01 GMT+03:00 Erik Skultety <eskultet@redhat.com>:
Hello everyone, I have a question about logging. I need to find out whether it is
On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote: possible
to see user id/session id inside logs or somewhere else. It is not passed in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?
Hi, sorry for a late answer. As per logging (debug logs to be more precise), libvirt doesn't log the user/client id which performed the action. Sadly, there's currently no way to find out which client is responsible for which actions. The only thing you can gather from libvirtd is the info about the connected clients not the actions they perform, you can get this info using virt-admin (needs to be run as root)
# virt-admin client-list libvirtd Id Transport Connected since -------------------------------------------------- 1 unix 2018-04-12 09:53:46+0200
# virt-admin client-info --server libvirtd --client 1 id : 1 connection_time: 2018-04-12 09:53:46+0200 transport : unix readonly : no unix_user_id : 1000 unix_user_name : eskultet unix_group_id : 1001 unix_group_name: eskultet unix_process_id: 19053 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Regards, Erik

And also I heard that there is support of a SElinux driver.. 2018-05-07 12:41 GMT+03:00 Anastasiya Ruzhanskaya < anastasiya.ruzhanskaya@frtk.ru>:
Hi, I wanted just to ask an additional question to that: how then here in the polkit documentation you distinguish users?:
Consider a local user berrange who has been granted permission to connect
to libvirt in full read-write mode.
2018-04-12 11:01 GMT+03:00 Erik Skultety <eskultet@redhat.com>:
Hello everyone, I have a question about logging. I need to find out whether it is
to see user id/session id inside logs or somewhere else. It is not
On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote: possible passed
in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?
Hi, sorry for a late answer. As per logging (debug logs to be more precise), libvirt doesn't log the user/client id which performed the action. Sadly, there's currently no way to find out which client is responsible for which actions. The only thing you can gather from libvirtd is the info about the connected clients not the actions they perform, you can get this info using virt-admin (needs to be run as root)
# virt-admin client-list libvirtd Id Transport Connected since -------------------------------------------------- 1 unix 2018-04-12 09:53:46+0200
# virt-admin client-info --server libvirtd --client 1 id : 1 connection_time: 2018-04-12 09:53:46+0200 transport : unix readonly : no unix_user_id : 1000 unix_user_name : eskultet unix_group_id : 1001 unix_group_name: eskultet unix_process_id: 19053 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Regards, Erik
participants (2)
-
Anastasiya Ruzhanskaya
-
Erik Skultety