Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-18 Thread Steve Grubb
On Fri, 18 May 2018 11:21:06 -0400 Richard Guy Briggs wrote: > On 2018-05-18 09:56, Steve Grubb wrote: > > On Thu, 17 May 2018 17:56:00 -0400 > > Richard Guy Briggs wrote: > > > > > > During syscall events, the path info is returned in a a record > > > >

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-18 Thread Richard Guy Briggs
On 2018-05-18 09:56, Steve Grubb wrote: > On Thu, 17 May 2018 17:56:00 -0400 > Richard Guy Briggs wrote: > > > > During syscall events, the path info is returned in a a record > > > simply called AUDIT_PATH, cwd info is returned in AUDIT_CWD. So, > > > rather than calling the

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-18 Thread Steve Grubb
On Thu, 17 May 2018 17:56:00 -0400 Richard Guy Briggs wrote: > > During syscall events, the path info is returned in a a record > > simply called AUDIT_PATH, cwd info is returned in AUDIT_CWD. So, > > rather than calling the record that gets attached to everything > >

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-17 Thread Richard Guy Briggs
On 2018-05-17 17:00, Steve Grubb wrote: > On Fri, 16 Mar 2018 05:00:28 -0400 > Richard Guy Briggs wrote: > > > Implement the proc fs write to set the audit container ID of a > > process, emitting an AUDIT_CONTAINER record to document the event. > > > > This is a write from the

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-17 Thread Steve Grubb
On Fri, 16 Mar 2018 05:00:28 -0400 Richard Guy Briggs wrote: > Implement the proc fs write to set the audit container ID of a > process, emitting an AUDIT_CONTAINER record to document the event. > > This is a write from the container orchestrator task to a proc entry > of the

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-05-06 Thread Richard Guy Briggs
On 2018-04-18 19:47, Paul Moore wrote: > On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: > > Implement the proc fs write to set the audit container ID of a process, > > emitting an AUDIT_CONTAINER record to document the event. > > > > This is a write from the container

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-26 Thread Paul Moore
On Tue, Apr 24, 2018 at 8:40 PM, Richard Guy Briggs wrote: > On 2018-04-24 15:01, Paul Moore wrote: >> On Mon, Apr 23, 2018 at 10:02 PM, Richard Guy Briggs wrote: >> > On 2018-04-23 19:15, Paul Moore wrote: >> >> On Sat, Apr 21, 2018 at 10:34 AM, Richard Guy

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-24 Thread Richard Guy Briggs
On 2018-04-24 15:01, Paul Moore wrote: > On Mon, Apr 23, 2018 at 10:02 PM, Richard Guy Briggs wrote: > > On 2018-04-23 19:15, Paul Moore wrote: > >> On Sat, Apr 21, 2018 at 10:34 AM, Richard Guy Briggs > >> wrote: > >> > On 2018-04-18 19:47, Paul Moore wrote: >

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-24 Thread Paul Moore
On Mon, Apr 23, 2018 at 10:02 PM, Richard Guy Briggs wrote: > On 2018-04-23 19:15, Paul Moore wrote: >> On Sat, Apr 21, 2018 at 10:34 AM, Richard Guy Briggs wrote: >> > On 2018-04-18 19:47, Paul Moore wrote: >> >> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-23 Thread Richard Guy Briggs
On 2018-04-23 19:15, Paul Moore wrote: > On Sat, Apr 21, 2018 at 10:34 AM, Richard Guy Briggs wrote: > > On 2018-04-18 19:47, Paul Moore wrote: > >> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs > >> wrote: > >> > Implement the proc fs write to set the

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-23 Thread Paul Moore
On Sat, Apr 21, 2018 at 10:34 AM, Richard Guy Briggs wrote: > On 2018-04-18 19:47, Paul Moore wrote: >> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: >> > Implement the proc fs write to set the audit container ID of a process, >> > emitting an

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-21 Thread Richard Guy Briggs
On 2018-04-18 19:47, Paul Moore wrote: > On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: > > Implement the proc fs write to set the audit container ID of a process, > > emitting an AUDIT_CONTAINER record to document the event. > > > > This is a write from the container

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-18 Thread Casey Schaufler
On 4/18/2018 5:46 PM, Paul Moore wrote: > On Wed, Apr 18, 2018 at 8:41 PM, Casey Schaufler > wrote: >> On 4/18/2018 4:47 PM, Paul Moore wrote: >>> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: Implement the proc fs write to set the

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-18 Thread Paul Moore
On Wed, Apr 18, 2018 at 8:41 PM, Casey Schaufler wrote: > On 4/18/2018 4:47 PM, Paul Moore wrote: >> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: >>> Implement the proc fs write to set the audit container ID of a process, >>> emitting an

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-18 Thread Casey Schaufler
On 4/18/2018 4:47 PM, Paul Moore wrote: > On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: >> Implement the proc fs write to set the audit container ID of a process, >> emitting an AUDIT_CONTAINER record to document the event. >> ... >> >> diff --git

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-04-18 Thread Paul Moore
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote: > Implement the proc fs write to set the audit container ID of a process, > emitting an AUDIT_CONTAINER record to document the event. > > This is a write from the container orchestrator task to a proc entry of > the form

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-03-29 Thread Richard Guy Briggs
On 2018-03-29 07:03, Jonathan Corbet wrote: > On Thu, 29 Mar 2018 05:01:32 -0400 > Richard Guy Briggs wrote: > > > > A little detail, but still... > > > > I am understanding that you would prefer more context (as opposed to > > operational detail) in the description, laying

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-03-29 Thread Jonathan Corbet
On Thu, 29 Mar 2018 05:01:32 -0400 Richard Guy Briggs wrote: > > A little detail, but still... > > I am understanding that you would prefer more context (as opposed to > operational detail) in the description, laying out the use case for this > patch(set)? No, sorry, "a

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-03-29 Thread Richard Guy Briggs
On 2018-03-28 12:39, Jonathan Corbet wrote: > On Fri, 16 Mar 2018 05:00:28 -0400 > Richard Guy Briggs wrote: > > Implement the proc fs write to set the audit container ID of a process, > > emitting an AUDIT_CONTAINER record to document the event. > > A little detail, but

Re: [RFC PATCH ghak32 V2 01/13] audit: add container id

2018-03-28 Thread Jonathan Corbet
On Fri, 16 Mar 2018 05:00:28 -0400 Richard Guy Briggs wrote: > Implement the proc fs write to set the audit container ID of a process, > emitting an AUDIT_CONTAINER record to document the event. A little detail, but still... > +static int audit_set_containerid_perm(struct

[RFC PATCH ghak32 V2 01/13] audit: add container id

2018-03-16 Thread Richard Guy Briggs
Implement the proc fs write to set the audit container ID of a process, emitting an AUDIT_CONTAINER record to document the event. This is a write from the container orchestrator task to a proc entry of the form /proc/PID/containerid where PID is the process ID of the newly created task that is to