diff options
author | Amy Griffis <amy.griffis@hp.com> | 2006-06-08 23:19:31 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-06-20 05:25:28 -0400 |
commit | 9c937dcc71021f2dbf78f904f03d962dd9bcc130 (patch) | |
tree | 6ab53c1cf1235515307d521cecc4f76afa34e137 /fs | |
parent | 6a2bceec0ea7fdc47aef9a3f2f771c201eaabe5d (diff) |
[PATCH] log more info for directory entry change events
When an audit event involves changes to a directory entry, include
a PATH record for the directory itself. A few other notable changes:
- fixed audit_inode_child() hooks in fsnotify_move()
- removed unused flags arg from audit_inode()
- added audit log routines for logging a portion of a string
Here's some sample output.
before patch:
type=SYSCALL msg=audit(1149821605.320:26): arch=40000003 syscall=39 success=yes exit=0 a0=bf8d3c7c a1=1ff a2=804e1b8 a3=bf8d3c7c items=1 ppid=739 pid=800 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149821605.320:26): cwd="/root"
type=PATH msg=audit(1149821605.320:26): item=0 name="foo" parent=164068 inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0
after patch:
type=SYSCALL msg=audit(1149822032.332:24): arch=40000003 syscall=39 success=yes exit=0 a0=bfdd9c7c a1=1ff a2=804e1b8 a3=bfdd9c7c items=2 ppid=714 pid=777 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149822032.332:24): cwd="/root"
type=PATH msg=audit(1149822032.332:24): item=0 name="/root" inode=164068 dev=03:00 mode=040750 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t:s0
type=PATH msg=audit(1149822032.332:24): item=1 name="foo" inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0
Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/namei.c | 2 | ||||
-rw-r--r-- | fs/open.c | 4 | ||||
-rw-r--r-- | fs/xattr.c | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/fs/namei.c b/fs/namei.c index d6e2ee25173..184fe4acf82 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
@@ -1127,7 +1127,7 @@ out: | |||
1127 | if (likely(retval == 0)) { | 1127 | if (likely(retval == 0)) { |
1128 | if (unlikely(current->audit_context && nd && nd->dentry && | 1128 | if (unlikely(current->audit_context && nd && nd->dentry && |
1129 | nd->dentry->d_inode)) | 1129 | nd->dentry->d_inode)) |
1130 | audit_inode(name, nd->dentry->d_inode, flags); | 1130 | audit_inode(name, nd->dentry->d_inode); |
1131 | } | 1131 | } |
1132 | out_fail: | 1132 | out_fail: |
1133 | return retval; | 1133 | return retval; |
@@ -633,7 +633,7 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode) | |||
633 | dentry = file->f_dentry; | 633 | dentry = file->f_dentry; |
634 | inode = dentry->d_inode; | 634 | inode = dentry->d_inode; |
635 | 635 | ||
636 | audit_inode(NULL, inode, 0); | 636 | audit_inode(NULL, inode); |
637 | 637 | ||
638 | err = -EROFS; | 638 | err = -EROFS; |
639 | if (IS_RDONLY(inode)) | 639 | if (IS_RDONLY(inode)) |
@@ -786,7 +786,7 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group) | |||
786 | if (file) { | 786 | if (file) { |
787 | struct dentry * dentry; | 787 | struct dentry * dentry; |
788 | dentry = file->f_dentry; | 788 | dentry = file->f_dentry; |
789 | audit_inode(NULL, dentry->d_inode, 0); | 789 | audit_inode(NULL, dentry->d_inode); |
790 | error = chown_common(dentry, user, group); | 790 | error = chown_common(dentry, user, group); |
791 | fput(file); | 791 | fput(file); |
792 | } | 792 | } |
diff --git a/fs/xattr.c b/fs/xattr.c index e416190f5e9..c32f15b5f60 100644 --- a/fs/xattr.c +++ b/fs/xattr.c | |||
@@ -242,7 +242,7 @@ sys_fsetxattr(int fd, char __user *name, void __user *value, | |||
242 | if (!f) | 242 | if (!f) |
243 | return error; | 243 | return error; |
244 | dentry = f->f_dentry; | 244 | dentry = f->f_dentry; |
245 | audit_inode(NULL, dentry->d_inode, 0); | 245 | audit_inode(NULL, dentry->d_inode); |
246 | error = setxattr(dentry, name, value, size, flags); | 246 | error = setxattr(dentry, name, value, size, flags); |
247 | fput(f); | 247 | fput(f); |
248 | return error; | 248 | return error; |
@@ -469,7 +469,7 @@ sys_fremovexattr(int fd, char __user *name) | |||
469 | if (!f) | 469 | if (!f) |
470 | return error; | 470 | return error; |
471 | dentry = f->f_dentry; | 471 | dentry = f->f_dentry; |
472 | audit_inode(NULL, dentry->d_inode, 0); | 472 | audit_inode(NULL, dentry->d_inode); |
473 | error = removexattr(dentry, name); | 473 | error = removexattr(dentry, name); |
474 | fput(f); | 474 | fput(f); |
475 | return error; | 475 | return error; |