openstack team mailing list archive

Thread
Date

Re: secure logging in OpenStack

To: openstack@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry@xxxxxxxxxxxxx>
Date: Thu, 07 Jun 2012 10:08:19 +0200
In-reply-to: <4FCFA3FB.5070702@polito.it>
Organization: OpenStack
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1

Paolo Smiraglia wrote:
> I wrote a library that implement some security features for logging. In
> a few words, the library generates a log files where all log entries are
> linked through an hash chain. In this way it's possible to verify the
> integrity of the log files. Now, I would to integrate functionalities
> provided by my library in the OpenStack logging system.
> 
> From a rapid view of python logging module, I saw that its possible to
> define custom logging handlers. My idea is to define a new handler as follow
> 
>    class SecureLogHandler(logging.Handler)
> 
> and to include it in the log module of OpenStack.
> 
> Is this a good approach?

Making it optional (keeping the ability to run the old one) could be a plus.

> There are some directives that I must follow (code styling, method
> definition, ...)?

Code style is defined in http://wiki.openstack.org/CodingStandards and
in the HACKING.rst file in project repositories.

Generally speaking, you should read
http://wiki.openstack.org/HowToContribute as a starting point, and get
familiar with our development cycle at
http://wiki.openstack.org/ReleaseCycle. You should probably create a
blueprint (see http://wiki.openstack.org/Blueprints) so that we can
properly track this feature.

Cheers!

-- 
Thierry Carrez (ttx)
Release Manager, OpenStack

Follow ups

Re: secure logging in OpenStack
From: Paolo Smiraglia, 2012-06-07

References

secure logging in OpenStack
From: Paolo Smiraglia, 2012-06-06