Add UID to filesystem modification events

[dansondergaard]

Is your feature request related to a problem? Please describe.

We would like to use filesystem modification events for audit logging on our BeeGFS storage, but without a UID in the events, this is not possible.

Describe the solution you'd like

Add the UID of the user carrying out the operation to the filesystem modification events. Since this is just adding a field to the JSON, it's backwards-compatible. The UID seems to be included in all NetMessage messages to the metadata server, so the information is readily available with getMsgHeaderUserID().

It seems that there's only 10 locations in the code where an operation is logged, for example:

beegfs/meta/source/net/message/session/opening/OpenFileMsgEx.cpp

Line 81 in 2bb9244

app->getFileEventLogger()->log(

Describe alternatives you've considered

Running auditd on each compute node and collecting logs. However, it's not as reliable or flexible as an approach based on filesystem modification events.

Additional context

None.

[iamjoemccormick]

@dansondergaard,

File system modification events are actually being overhauled as part of the upcoming BeeGFS 8 release. In addition to the existing details they will now carry the user ID that triggered the event and the timestamp the event was triggered, both of which should be useful for audit logging.