[libvirt] [PATCH] audit: add audit information about panic devices
Martin Kletzander
mkletzan at redhat.com
Mon Oct 10 13:23:21 UTC 2016
On Mon, Oct 10, 2016 at 08:18:04PM +0800, Chen Hanxiao wrote:
>
>At 2016-10-10 19:24:02, "Daniel P. Berrange" <berrange at redhat.com> wrote:
>>On Mon, Oct 10, 2016 at 07:19:57PM +0800, Chen Hanxiao wrote:
>>> From: Chen Hanxiao <chenhanxiao at gmail.com>
>>>
>>> This patch add audit info for panic notifier devices.
>>
>>The audit code only emits audit information for cases where QEMU is
>>using some resource on the host. The panic device does not have any
>>host backend, so there's no reason to audit it.
>
>Thanks for the clarification.
>But should we doc it in auditlog.html.in?
>
Audit is, by definition, meant for auditing what do we allow qemu to
do. So that later you can see what domains had access to what resources
on the system. Doesn't make much sense stating that explicitly there,
but it's easy to get someone confused, so I wouldn't be totally against
adding one sentence to the Introduction, I guess.
>Regards,
>- Chen
>
>--
>libvir-list mailing list
>libvir-list at redhat.com
>https://www.redhat.com/mailman/listinfo/libvir-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20161010/c86e9226/attachment-0001.sig>
More information about the libvir-list
mailing list