Red Hat Bugzilla – Bug 1260936
[RFE] enable logging of commands run via "oc exec" for auditing purposes
Last modified: 2016-10-04 09:41:42 EDT
3. What is the nature and description of the request?
Be able to log executed commands for auditing purpose
4. Why does the customer need this? (List the business requirements here)
To be able to host application with PCI compliance requirement, OSE platform should provide audit logs for executed commands, or oc exec commands needs to disabled.
5. How would the customer like to achieve this? (List the functional requirements here)
The customer can try to execute some commands and that needs to be logged if he is allowed or logged also when the access has been denied.
6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
Just be able to see the executed command in some logs outside the container or inside a persistent storage on the OpenShift project, or sent to a syslog server over ssl.
7. Is there already an existing RFE upstream or in Red Hat Bugzilla?
8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?
End of this year, November 2015
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see firstname.lastname@example.org with any questions
Logging of all interactions with the master was added in 3.2.1.
According to comment https://bugzilla.redhat.com/show_bug.cgi?id=1260936#c3 and https://bugzilla.redhat.com/show_bug.cgi?id=1260936#c6 move to verified.
Is this fix available in 3.3 ?
Miheer, please see comment 6