Basic framework for auditing integration

Integrate with libaudit.so for auditing of important operations. libvirtd gains a couple of config entries for auditing. By default it will enable auditing, if its enabled on the host. It can be configured to force exit if auditing is disabled on the host. It will can also send audit messages via libvirt internal logging API Places requiring audit reporting can use the VIR_AUDIT macro to report data. This is a no-op unless auditing is enabled * autobuild.sh, mingw32-libvirt.spec.in: Disable audit on mingw * configure.ac: Add check for libaudit * daemon/libvirtd.aug, daemon/libvirtd.conf, daemon/test_libvirtd.aug, daemon/libvirtd.c: Add config options to enable auditing * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUDIT source * libvirt.spec.in: Enable audit * src/util/virtaudit.h, src/util/virtaudit.c: Simple internal API for auditing messages
2025-02-25 18:55:26 -06:00 · 2010-09-15 14:44:11 +01:00
parent ba5c9afffa
commit 8f680ad3b8
14 changed files with 327 additions and 6 deletions
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -66,6 +66,7 @@
 %define with_libpcap       0%{!?_without_libpcap:0}
 %define with_macvtap       0%{!?_without_macvtap:0}
 %define with_libnl         0%{!?_without_libnl:0}
+%define with_audit         0%{!?_without_audit:0}

 # Non-server/HV driver defaults which are always enabled
 %define with_python        0%{!?_without_python:1}
@@ -165,6 +166,10 @@
 %define with_libnl 1
 %endif

+%if 0%{?fedora} >= 11 || 0%{?rhel} >= 5
+%define with_audit    0%{!?_without_audit:1}
+%endif
+
 # Force QEMU to run as non-root
 %if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
 %define qemu_user  qemu
@@ -370,6 +375,9 @@ BuildRequires: netcf-devel >= 0.1.4
 %if %{with_esx}
 BuildRequires: libcurl-devel
 %endif
+%if %{with_audit}
+BuildRequires: audit-libs-devel
+%endif

 # Fedora build root suckage
 BuildRequires: gawk
@@ -552,6 +560,10 @@ of recent versions of Linux (and other OSes).
 %define _without_macvtap --without-macvtap
 %endif

+%if ! %{with_audit}
+%define _without_audit --without-audit
+%endif
+
 %configure %{?_without_xen} \
           %{?_without_qemu} \
           %{?_without_openvz} \
@@ -583,6 +595,7 @@ of recent versions of Linux (and other OSes).
           %{?_without_yajl} \
           %{?_without_libpcap} \
           %{?_without_macvtap} \
+           %{?_without_audit} \
           --with-qemu-user=%{qemu_user} \
           --with-qemu-group=%{qemu_group} \
           --with-init-script=redhat \