dpkg logging
Does anyone have any prior thought or designs for dpkg logging/audting support?
I'm talking about adding support to dpkg to make it log everything it does, on
a per-package (or maybe per-file too?) basis, so sysadmins can answer that
burning question: "What did we do 3 days ago that broke the system?"
Yes, I know about /var/backups/dpkg.status*. I don't think it's really
enough.
I'd like to work on adding this to dpkg, if I can come up with a design
that is acceptable.
My first thoughts are that when a package is up-or-downgraded, removed, purged,
configured, etc, a minimum of package name, previous version, new version
should be logged, in an easily-parsed format. It would be nice to have a field
that indicates what caused dpkg to do this.
Ideally, that could even indicate if the action were prompted by apt or
dselect, but there's really no good way for dpkg to figure that out. Maybe just
logging the dpkg command line would be useful. Maybe a --initialtor=apt|dselect
style command-line switch could be added usefully.
It would probably be a good thing if --set-selections modifications were logged
as well. Logging conffile handling would also probably be useful. I'm unsure if
it makes sense to log to syslog; that could maybe break if syslogd was being
upgraded, which would be bad.
--
see shy jo, who added optional syslog-logging to debconf long ago in about 10
lines of code..
Reply to: