[libvirt] [PATCHv2 3/8] audit: also audit cgroup controller path
Eric Blake
eblake at redhat.com
Wed Mar 9 16:59:12 UTC 2011
On 03/09/2011 08:10 AM, Daniel P. Berrange wrote:
>> + virCgroupPathOfController(cgroup, VIR_CGROUP_CONTROLLER_DEVICES,
>> + NULL, &controller);
>> +
>> + if (!(detail = virAuditEncode("cgroup", VIR_AUDIT_STR(controller)))) {
>> + VIR_WARN0("OOM while encoding audit message");
>> + goto cleanup;
>> + }
>> +
>> VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
>> - "resrc=cgroup reason=%s %s uuid=%s class=%s",
>> - reason, vmname, uuidstr, extra);
>> + "resrc=cgroup reason=%s %s uuid=%s %s class=%s",
>> + reason, vmname, uuidstr, detail, extra);
>
> I think perhaps we should make a better effort to output the
> audit event if creating 'detail' fails. eg remove the goto cleanup
> and do 'detail ? detail : "cgroup=?"' here
Sure. The VIR_AUDIT call is then likely to fail for the same OOM
reason, but we might as well try it rather than giving up right away,
since the cgroup mount point is not the central detail of the audit message.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110309/5c6e9d33/attachment-0001.sig>
More information about the libvir-list
mailing list