URL: https://github.com/freeipa/freeipa/pull/174
Title: #174: add log module

mbasti-rh commented:
> Yes. As you see, our use case is I'm admin and want to audit what commads 
> were used.

In this case, if it is only for admins I endorse you to use centralized logging:
- http://www.freeipa.org/page/Centralized_Logging

> Because I use freeipa 4.3.1 version, adaptation through on this version, I 
> saw the master branch source code structure is different from the ipa-4-3 
> branch, I am not sure if there is a problem after adding log module, so 
> created pull request on the ipa-4-3 branch.

Yes, master differs from 4.3, and as I said, new features are merged only to 
master, 4.3.x is only for bugfixes

> We can set up the log file permissions. Currently only the admin can view the 
> log information in web interface.

Where is this enforced in code? AFAIK you are accessing log as httpd user

> The log module adapted by freeipa 4.3.1 version, not sure if there is a 
> problem in other versions. As for the replicated topology, I need to familiar 
> with its function.

FreeIPA supports multimaster topology, your current implementation shows only 
history of commands from the server where a user is actually connected. It will 
not provide history from all servers.
> Parsing the log is to show more friendly in the web interface.

IMO Kibana and centralized logging shows log information in nice way too

> BTW, there is still no respond about joining Chinese translation organization 
> in zanata https://fedora.zanata.org/language/view/zh-CN?dswid=2727

Have you tried others way how to get into? Maybe ask teamlead on IRC

See the full comment at 
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to