Anastasiya Ruzhanskaya
2018-Mar-22 17:17 UTC
[libvirt-users] User name / session idin logs
Hello everyone, I have a question about logging. I need to find out whether it is possible to see user id/session id inside logs or somewhere else. It is not passed in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?
On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote:> Hello everyone, > I have a question about logging. I need to find out whether it is possible > to see user id/session id inside logs or somewhere else. It is not passed > in structured across the network, so where should I look to find out, which > user (which session) is currently performing the actions?Hi, sorry for a late answer. As per logging (debug logs to be more precise), libvirt doesn't log the user/client id which performed the action. Sadly, there's currently no way to find out which client is responsible for which actions. The only thing you can gather from libvirtd is the info about the connected clients not the actions they perform, you can get this info using virt-admin (needs to be run as root) # virt-admin client-list libvirtd Id Transport Connected since -------------------------------------------------- 1 unix 2018-04-12 09:53:46+0200 # virt-admin client-info --server libvirtd --client 1 id : 1 connection_time: 2018-04-12 09:53:46+0200 transport : unix readonly : no unix_user_id : 1000 unix_user_name : eskultet unix_group_id : 1001 unix_group_name: eskultet unix_process_id: 19053 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 Regards, Erik
Anastasiya Ruzhanskaya
2018-May-07 09:41 UTC
Re: [libvirt-users] User name / session idin logs
Hi, I wanted just to ask an additional question to that: how then here in the polkit documentation you distinguish users?: Consider a local user berrange who has been granted permission to connect> to libvirt in full read-write mode. >2018-04-12 11:01 GMT+03:00 Erik Skultety <eskultet@redhat.com>:> On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote: > > Hello everyone, > > I have a question about logging. I need to find out whether it is > possible > > to see user id/session id inside logs or somewhere else. It is not passed > > in structured across the network, so where should I look to find out, > which > > user (which session) is currently performing the actions? > > Hi, > sorry for a late answer. As per logging (debug logs to be more precise), > libvirt > doesn't log the user/client id which performed the action. Sadly, there's > currently no way to find out which client is responsible for which actions. > The only thing you can gather from libvirtd is the info about the connected > clients not the actions they perform, you can get this info using > virt-admin > (needs to be run as root) > > # virt-admin client-list libvirtd > Id Transport Connected since > -------------------------------------------------- > 1 unix 2018-04-12 09:53:46+0200 > > # virt-admin client-info --server libvirtd --client 1 > id : 1 > connection_time: 2018-04-12 09:53:46+0200 > transport : unix > readonly : no > unix_user_id : 1000 > unix_user_name : eskultet > unix_group_id : 1001 > unix_group_name: eskultet > unix_process_id: 19053 > selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 > > Regards, > Erik >