-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/07/2013 08:22 AM, Kay Sievers wrote: > On Tue, May 7, 2013 at 2:04 PM, Daniel J Walsh <dwa...@redhat.com> wrote: > >> Really would like to be able to track an alert back to the causing pid. > > You mean the: * introduce generic AUGMENT_PID=, AUGMENT_DEVICE= fields item > in the TODO list, right? > > A facility that one process can submit information really belonging to > another one, to the journal. In your case the setroubleshoot PID logs > something about the apache service, and if we query the status of apache we > get that setroubleshoot logs along with the logs that originated from > apache, right? > > How do we handle the trust here? Allow that "augmentation" only for > privileged processes? > > Kay > Yes I would only allow priv processes to do this, I guess eventually we could add an SELinux check to this and maybe a capability check like, CAP_SYSLOG?
But for now, just check that the UID==0 of the process doing an AUGMENT_PID. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGI9PwACgkQrlYvE4MpobMqVwCeIf5WDUy/HX1Ft2o8GFlZYaza t/wAmgPTn+EX6h8PYGcR9tYuZjRjVeI2 =WW6I -----END PGP SIGNATURE----- _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
