Re: PolicyKit and syslog | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Tue, 2009-11-24 at 11:26 -0500, Matthew Miller wrote: > One of the important features of sudo is its ability to log elevated-access > actions to syslog. > > Userhelper similarly logs actions, like so: "userhelper[26491]: running > '/usr/share/system-config-users/system-config-users ' with root privileges > on behalf of 'mattdm'". > > PolicyKit serves a similar function, but doesn't seem to log anything. > > In fact, the only use of syslog appears to be in polkit-agent-helper-1, > which logs in two possible situations -- when called with the wrong number > of arguments and when stdin is a tty. (Most other things it fprintfs to > stderr.) > > I'm not bringing this up to complain -- I just want to make sure that I'm > not missing something (which happens more often than it should; *sigh*). If > I'm not missing something, is this something anyone is working on already or > has existing plans for? > PolicyKit itself is not running anything. It is just answering the question of a mechanism: 'is X allowed to do foo ?'. It would make more sense for the mechanisms that use PolicyKit to log privileged actions that they do or deny to do. -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Coolkey] [Fedora Tools]
