User activity loggings for DN-based logins and launches
|Category:||Core & System|
We have modified 7 Ruby files and 3 C++ files to implement a new local feature in FermiCloud.
We are logging the user's DN and its signer's DN in oned.log for the following 4 types of events:
1. When a user logs in via CLI
2. When a user logs in via SSI
3. When a user launches a VM via CLI
4. When a user launches a VM via SSI
( CLI=CommandLineInterface, SSI=SunStoneInterface )
We hope that these can be part of OpenNebula standard distribution.
I will describe which files had to be modified for each case.
Below, the paths all assume the source tar ball.
1. Login via CLI
src/cli/oneuser : invokes fcuserlog.
src/cli/one_helper.rb : a new class method fcuserlog is defined here which instantiates a new ClientFC.
src/oca/ruby/opennebula/client.rb : a new class ClientFC is defined here which invokes an XMLRPC connection.
2. Launch via CLI
src/cli/onetemplate : invokes fcuserlog.
3. Login via SSI
src/sunstone/sunstone-server.rb : simply makes an XMLRPC call in def build_session
4. Launch via SSI
src/sunstone/sunstone-server.rb : creates @SunstoneServer in "before do" with clientfc method
src/cloud/common/CloudAuth.rb : defines a new method clientfc
src/sunstone/models/OpenNebulaJSON/TemplateJSON.rb : makes an XMLRPC call here.
5. Server side
include/RequestManagerVMTemplate.h : declares a new class FcuserLogging : public RequestManagerVMTemplate.
src/rm/RequestManagerVMTemplate.cc : defines FcuserLogging::request_execute.
src/rm/RequestManager.cc : registers a new handle that invokes FcuserLogging.
I am attaching a tar ball that includes these 7 Ruby files and 3 C++ files.
Our modifications in each file are enclosed between two comments that start with "FC"
If you have any questions or further requests to improve the codes, please let me know.
#2 Updated by Ruben S. Montero almost 7 years ago
- Tracker changed from Feature to Backlog
- Category set to Core & System
- Priority changed from Normal to Low
Thanks for the feedback. This is related to #1615, audit trails. We need to come out with a general mechanism, to audit each action.
Thanks for your feedback and contribution!