* [pve-devel] [PATCH pve-access-control 1/1] add logging for ACL and user status change
@ 2023-11-03 12:26 Andrew A. Vasilyev
0 siblings, 0 replies; 2+ messages in thread
From: Andrew A. Vasilyev @ 2023-11-03 12:26 UTC (permalink / raw)
To: pve-devel; +Cc: Andrew A. Vasilyev
Signed-off-by: "Andrew A. Vasilyev" <andy@altlinux.org>
---
src/PVE/API2/ACL.pm | 2 ++
src/PVE/API2/User.pm | 4 ++++
2 files changed, 6 insertions(+)
diff --git src/PVE/API2/ACL.pm src/PVE/API2/ACL.pm
index f0c9efb..6ec23d7 100644
--- src/PVE/API2/ACL.pm
+++ src/PVE/API2/ACL.pm
@@ -183,8 +183,10 @@ __PACKAGE__->register_method ({
if ($param->{delete}) {
delete ($node->{users}->{$username}->{$role});
+ PVE::Cluster::log_msg('info', 'root@pam', "delete $role from $path for user '$username'");
} else {
$node->{users}->{$username}->{$role} = $propagate;
+ PVE::Cluster::log_msg('info', 'root@pam', "add $role to $path for user '$username'");
}
}
diff --git src/PVE/API2/User.pm src/PVE/API2/User.pm
index ed4cb70..87a5d77 100644
--- src/PVE/API2/User.pm
+++ src/PVE/API2/User.pm
@@ -283,6 +283,7 @@ __PACKAGE__->register_method ({
$usercfg->{users}->{$username}->{keys} = $param->{keys} if $param->{keys};
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "create user '$username'");
}, "create user failed");
return undef;
@@ -402,6 +403,7 @@ __PACKAGE__->register_method ({
$usercfg->{users}->{$username}->{keys} = $param->{keys} if defined($param->{keys});
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "update user '$username'");
}, "update user failed");
return undef;
@@ -463,6 +465,7 @@ __PACKAGE__->register_method ({
$partial_deletion .= ', ACLs';
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "delete user '$userid'");
};
die "$@$partial_deletion\n" if $@;
}, "delete user failed");
@@ -795,6 +798,7 @@ __PACKAGE__->register_method ({
delete $usercfg->{users}->{$userid}->{tokens}->{$tokenid};
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "logout user '$userid'");
}, 'deleting token failed');
return;
--
2.33.8
^ permalink raw reply [flat|nested] 2+ messages in thread* [pve-devel] [PATCH pve-access-control 1/1] add logging for ACL and user status change
@ 2023-11-03 14:27 Andrew A. Vasilyev
0 siblings, 0 replies; 2+ messages in thread
From: Andrew A. Vasilyev @ 2023-11-03 14:27 UTC (permalink / raw)
To: pve-devel
Signed-off-by: "Andrew A. Vasilyev" <andy@altlinux.org>
---
src/PVE/API2/ACL.pm | 2 ++
src/PVE/API2/User.pm | 4 ++++
2 files changed, 6 insertions(+)
diff --git src/PVE/API2/ACL.pm src/PVE/API2/ACL.pm
index f0c9efb..6ec23d7 100644
--- src/PVE/API2/ACL.pm
+++ src/PVE/API2/ACL.pm
@@ -183,8 +183,10 @@ __PACKAGE__->register_method ({
if ($param->{delete}) {
delete ($node->{users}->{$username}->{$role});
+ PVE::Cluster::log_msg('info', 'root@pam', "delete $role from $path for user '$username'");
} else {
$node->{users}->{$username}->{$role} = $propagate;
+ PVE::Cluster::log_msg('info', 'root@pam', "add $role to $path for user '$username'");
}
}
diff --git src/PVE/API2/User.pm src/PVE/API2/User.pm
index ed4cb70..87a5d77 100644
--- src/PVE/API2/User.pm
+++ src/PVE/API2/User.pm
@@ -283,6 +283,7 @@ __PACKAGE__->register_method ({
$usercfg->{users}->{$username}->{keys} = $param->{keys} if $param->{keys};
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "create user '$username'");
}, "create user failed");
return undef;
@@ -402,6 +403,7 @@ __PACKAGE__->register_method ({
$usercfg->{users}->{$username}->{keys} = $param->{keys} if defined($param->{keys});
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "update user '$username'");
}, "update user failed");
return undef;
@@ -463,6 +465,7 @@ __PACKAGE__->register_method ({
$partial_deletion .= ', ACLs';
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "delete user '$userid'");
};
die "$@$partial_deletion\n" if $@;
}, "delete user failed");
@@ -795,6 +798,7 @@ __PACKAGE__->register_method ({
delete $usercfg->{users}->{$userid}->{tokens}->{$tokenid};
cfs_write_file("user.cfg", $usercfg);
+ PVE::Cluster::log_msg('info', 'root@pam', "logout user '$userid'");
}, 'deleting token failed');
return;
--
2.33.8
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-03 14:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-03 12:26 [pve-devel] [PATCH pve-access-control 1/1] add logging for ACL and user status change Andrew A. Vasilyev
2023-11-03 14:27 Andrew A. Vasilyev
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox