New log events for vvsg2 (#5291)

* add new log event details

* vvsg2 logging updates

libs/logging/VotingWorksLoggingDocumentation.md

@@ -22,6 +22,10 @@ IDs are logged with each log to identify the log being written.
 **Type:** [user-action](#user-action)  
 **Description:** The user has unconfigured current machine to remove the current election definition, and all other data.  
 **Machines:** All
+### dmverity-boot
+**Type:** [system-status](#system-status)  
+**Description:** The system booted with dm-verity enabled.  
+**Machines:** All
 ### machine-boot-init
 **Type:** [system-action](#system-action)  
 **Description:** The machine is beginning the boot process.  
@@ -58,6 +62,14 @@ IDs are logged with each log to identify the log being written.
 **Type:** [system-action](#system-action)  
 **Description:** A VotingWorks-authored process (eg. hardware daemon) has been terminated.  
 **Machines:** vx-mark-scan-controller-daemon, vx-mark-scan-pat-daemon
+### sudo-action
+**Type:** [user-action](#user-action)  
+**Description:** A command was executed with sudo privileges.  
+**Machines:** All
+### password-change
+**Type:** [user-action](#user-action)  
+**Description:** A password change was executed.  
+**Machines:** All
 ### auth-pin-entry
 **Type:** [user-action](#user-action)  
 **Description:** A user entered a PIN to log in.  

libs/logging/log_event_details.toml

@@ -14,6 +14,11 @@ defaultMessage = "Application has been unconfigured from the previous election."
 documentationMessage = "The user has unconfigured current machine to remove the current election definition, and all other data."
 
 # System level logs
+[DmVerityBoot]
+eventId = "dmverity-boot"
+eventType = "system-status"
+documentationMessage = "The system booted with dm-verity enabled."
+
 [MachineBootInit]
 eventId = "machine-boot-init"
 eventType = "system-action"
@@ -76,6 +81,16 @@ restrictInDocumentationToApps = [
 ]
 
 # Auth logs
+[SudoAction]
+eventId = "sudo-action"
+eventType = "user-action"
+documentationMessage = "A command was executed with sudo privileges."
+
+[PasswdChange]
+eventId = "password-change"
+eventType = "user-action"
+documentationMessage = "A password change was executed."
+
 [AuthPinEntry]
 eventId = "auth-pin-entry"
 eventType = "user-action"

libs/logging/src/log_event_ids.ts

@@ -14,6 +14,7 @@ export interface LogDetails extends Omit<BaseLogEventDetails, 'eventId'> {
 export enum LogEventId {
   ElectionConfigured = 'election-configured',
   ElectionUnconfigured = 'election-unconfigured',
+  DmVerityBoot = 'dmverity-boot',
   MachineBootInit = 'machine-boot-init',
   MachineBootComplete = 'machine-boot-complete',
   MachineShutdownInit = 'machine-shutdown-init',
@@ -23,6 +24,8 @@ export enum LogEventId {
   Heartbeat = 'heartbeat',
   ProcessStarted = 'process-started',
   ProcessTerminated = 'process-terminated',
+  SudoAction = 'sudo-action',
+  PasswdChange = 'password-change',
   AuthPinEntry = 'auth-pin-entry',
   AuthLogin = 'auth-login',
   AuthVoterSessionUpdated = 'auth-voter-session-updated',
@@ -158,6 +161,12 @@ const ElectionUnconfigured: LogDetails = {
     'Application has been unconfigured from the previous election.',
 };
 
+const DmVerityBoot: LogDetails = {
+  eventId: LogEventId.DmVerityBoot,
+  eventType: LogEventType.SystemStatus,
+  documentationMessage: 'The system booted with dm-verity enabled.',
+};
+
 const MachineBootInit: LogDetails = {
   eventId: LogEventId.MachineBootInit,
   eventType: LogEventType.SystemAction,
@@ -233,6 +242,18 @@ const ProcessTerminated: LogDetails = {
   ],
 };
 
+const SudoAction: LogDetails = {
+  eventId: LogEventId.SudoAction,
+  eventType: LogEventType.UserAction,
+  documentationMessage: 'A command was executed with sudo privileges.',
+};
+
+const PasswdChange: LogDetails = {
+  eventId: LogEventId.PasswdChange,
+  eventType: LogEventType.UserAction,
+  documentationMessage: 'A password change was executed.',
+};
+
 const AuthPinEntry: LogDetails = {
   eventId: LogEventId.AuthPinEntry,
   eventType: LogEventType.UserAction,
@@ -1176,6 +1197,8 @@ export function getDetailsForEventId(eventId: LogEventId): LogDetails {
       return ElectionConfigured;
     case LogEventId.ElectionUnconfigured:
       return ElectionUnconfigured;
+    case LogEventId.DmVerityBoot:
+      return DmVerityBoot;
     case LogEventId.MachineBootInit:
       return MachineBootInit;
     case LogEventId.MachineBootComplete:
@@ -1194,6 +1217,10 @@ export function getDetailsForEventId(eventId: LogEventId): LogDetails {
       return ProcessStarted;
     case LogEventId.ProcessTerminated:
       return ProcessTerminated;
+    case LogEventId.SudoAction:
+      return SudoAction;
+    case LogEventId.PasswdChange:
+      return PasswdChange;
     case LogEventId.AuthPinEntry:
       return AuthPinEntry;
     case LogEventId.AuthLogin:

libs/logging/types-rust/src/log_event_enums.rs

@@ -13,6 +13,8 @@ pub enum EventId {
     ElectionConfigured,
     #[serde(rename = "election-unconfigured")]
     ElectionUnconfigured,
+    #[serde(rename = "dmverity-boot")]
+    DmVerityBoot,
     #[serde(rename = "machine-boot-init")]
     MachineBootInit,
     #[serde(rename = "machine-boot-complete")]
@@ -31,6 +33,10 @@ pub enum EventId {
     ProcessStarted,
     #[serde(rename = "process-terminated")]
     ProcessTerminated,
+    #[serde(rename = "sudo-action")]
+    SudoAction,
+    #[serde(rename = "password-change")]
+    PasswdChange,
     #[serde(rename = "auth-pin-entry")]
     AuthPinEntry,
     #[serde(rename = "auth-login")]