On Tuesday, February 15, 2011 09:59:59 pm Eric Blake wrote:
I'm following up on danpb's patches to add initial audit support to
qemu actions (see around commit 8dc136b in Oct 2010). Another useful
thing to audit is all changes to the device ACL whitelist via the
cgroup device controller -
I'm following up on danpb's patches to add initial audit support to
qemu actions (see around commit 8dc136b in Oct 2010). Another useful
thing to audit is all changes to the device ACL whitelist via the
cgroup device controller - namely, any time that the qemu cgroup is
altered to allow or deny
