[Users] Re: Logging of logins via "vzctl enter"
Scott Dowdle
dowdle at montanalinux.org
Wed May 13 14:38:21 EDT 2009
FabioBD,
----- "fdb" <fabiodib at email.it> wrote:
> Ralf ha scritto:
> > Is it possible for the VPS admin to see whether and when the HN admin
> > has entered the VPS
> > (ie. via the 'vzctl enter' command).
> > Is that logged somewhere in the logs of the VPS ?
>
> I think than should be implemented in the relative portion of ovz
> kernel thought klogd.
>
> I hope that it will be implemented ASAP by openvz dev team.
Hmm, so far as I know klogd inside of a container doesn't get anything from the host node kernel. Perhaps klogd on the host node might... but how is that going to be communicated to the container root user?
What else should be logged?
vzctl exec
cd /vz/private/{CTID}
cd /vz/root/{CTID}
All of those seem just as appropriate... as do any other file operations done by a zillion other commands into the container's file space.
I just don't see how that is going to be done.
If you don't trust the root user of your host node, I think you are in trouble.
TYL,
--
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]
More information about the Users
mailing list