a615833664
Currently the LXC driver logs audit messages when a container is started or stopped. These audit messages, however, contain the PID of the libvirt_lxc supervisor process. To enable sysadmins to correlate with audit messages generated by processes /inside/ the container, we need to include the container init process PID. We can't do this in the main 'start' audit message, since the init PID is not available at that point. Instead we output a completely new audit record, that lists both PIDs. type=VIRT_CONTROL msg=audit(1353433750.071:363): pid=20180 uid=0 auid=501 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=lxc op=init vm="busy" uuid=dda7b947-0846-1759-2873-0f375df7d7eb vm-pid=20371 init-pid=20372 exe="/home/berrange/src/virt/libvirt/daemon/.libs/lt-libvirtd" hostname=? addr=? terminal=pts/6 res=success' Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
/*
 * Copyright (C) 2010-2012 Red Hat, Inc.
 *
 * lxc_monitor.h: client for LXC controller monitor
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library. If not, see
 * <http://www.gnu.org/licenses/>.
 */
#ifndef __LXC_MONITOR_H__
# define __LXC_MONITOR_H__
# include "virobject.h"
# include "domain_conf.h"
# include "lxc_protocol.h"
/*
 * Monitor handle. struct _virLXCMonitor is only forward-declared in this
 * header, so users hold it through the pointer typedef and never see its
 * layout.
 */
typedef struct _virLXCMonitor virLXCMonitor;
typedef virLXCMonitor *virLXCMonitorPtr;

/*
 * Table of event callbacks handed to virLXCMonitorNew(); the struct body
 * is spelled out later in this header.
 */
typedef struct _virLXCMonitorCallbacks virLXCMonitorCallbacks;
typedef virLXCMonitorCallbacks *virLXCMonitorCallbacksPtr;
/*
 * Signatures of the callbacks collected in virLXCMonitorCallbacks.
 * Every callback receives the monitor and a domain object pointer and
 * returns nothing. When each one fires is decided by the monitor
 * implementation, which is not visible in this header.
 */

/* NOTE(review): presumably run when the monitor is torn down - confirm. */
typedef void (*virLXCMonitorCallbackDestroy)(virLXCMonitorPtr mon,
                                             virDomainObjPtr vm);

/* NOTE(review): presumably run on EOF from the controller connection - confirm. */
typedef void (*virLXCMonitorCallbackEOFNotify)(virLXCMonitorPtr mon,
                                               virDomainObjPtr vm);

/* Additionally carries a virLXCProtocolExitStatus value. */
typedef void (*virLXCMonitorCallbackExitNotify)(virLXCMonitorPtr mon,
                                                virLXCProtocolExitStatus status,
                                                virDomainObjPtr vm);

/*
 * Additionally carries a pid_t.
 * NOTE(review): presumably the container init process PID announced by
 * the controller, so the driver can put it next to the supervisor PID in
 * an audit record. The value arrives from another process; confirm the
 * handler rejects non-positive PIDs before logging or acting on it.
 */
typedef void (*virLXCMonitorCallbackInitNotify)(virLXCMonitorPtr mon,
                                                pid_t pid,
                                                virDomainObjPtr vm);
/*
 * Callback table passed to virLXCMonitorNew(): one function pointer per
 * monitor event.
 * NOTE(review): whether a member may be left NULL is not visible here -
 * confirm that callers fill every slot or that the implementation checks
 * each pointer before calling through it.
 */
struct _virLXCMonitorCallbacks {
    virLXCMonitorCallbackDestroy destroy;       /* (mon, vm) */
    virLXCMonitorCallbackEOFNotify eofNotify;   /* (mon, vm) */
    virLXCMonitorCallbackExitNotify exitNotify; /* (mon, status, vm) */
    virLXCMonitorCallbackInitNotify initNotify; /* (mon, pid, vm) */
};
/*
 * Returns a monitor handle for @vm.
 *
 * @vm:        domain object the monitor belongs to
 * @socketdir: directory path handed to the monitor
 * @cb:        table of event callbacks
 *
 * NOTE(review): presumably connects to the controller's socket under
 * @socketdir and returns NULL on failure - confirm in the implementation.
 * Events delivered to @cb come from whatever answers on that socket, so
 * @socketdir should be writable only by the privileged daemon - confirm.
 */
virLXCMonitorPtr virLXCMonitorNew(virDomainObjPtr vm,
                                  const char *socketdir,
                                  virLXCMonitorCallbacksPtr cb);

/*
 * Closes @mon.
 * NOTE(review): whether callbacks can still fire afterwards is not visible
 * here - confirm.
 */
void virLXCMonitorClose(virLXCMonitorPtr mon);

/*
 * Lock and unlock @mon.
 * NOTE(review): presumably must be called in matched pairs - confirm.
 */
void virLXCMonitorLock(virLXCMonitorPtr mon);
void virLXCMonitorUnlock(virLXCMonitorPtr mon);
#endif /* __LXC_MONITOR_H__ */