diff options
author | Steve Grubb <sgrubb@redhat.com> | 2006-01-01 14:07:00 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-03-20 14:08:55 -0500 |
commit | a6c043a887a9db32a545539426ddfc8cc2c28f8f (patch) | |
tree | 61269890edbf13a5bb2ae41eb4aba9353a2382b8 | |
parent | 5d3301088f7e412992d9e61cc3604cbdff3090ff (diff) |
[PATCH] Add tty to syscall audit records
Hi,
>From the RBAC specs:
FAU_SAR.1.1 The TSF shall provide the set of authorized
RBAC administrators with the capability to read the following
audit information from the audit records:
<snip>
(e) The User Session Identifier or Terminal Type
A patch adding the tty for all syscalls is included in this email.
Please apply.
Signed-off-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | kernel/auditsc.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index ba0878854777..d3d499272d13 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -57,6 +57,7 @@ | |||
57 | #include <asm/unistd.h> | 57 | #include <asm/unistd.h> |
58 | #include <linux/security.h> | 58 | #include <linux/security.h> |
59 | #include <linux/list.h> | 59 | #include <linux/list.h> |
60 | #include <linux/tty.h> | ||
60 | 61 | ||
61 | #include "audit.h" | 62 | #include "audit.h" |
62 | 63 | ||
@@ -573,6 +574,7 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask) | |||
573 | int i; | 574 | int i; |
574 | struct audit_buffer *ab; | 575 | struct audit_buffer *ab; |
575 | struct audit_aux_data *aux; | 576 | struct audit_aux_data *aux; |
577 | const char *tty; | ||
576 | 578 | ||
577 | ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL); | 579 | ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL); |
578 | if (!ab) | 580 | if (!ab) |
@@ -585,11 +587,15 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask) | |||
585 | audit_log_format(ab, " success=%s exit=%ld", | 587 | audit_log_format(ab, " success=%s exit=%ld", |
586 | (context->return_valid==AUDITSC_SUCCESS)?"yes":"no", | 588 | (context->return_valid==AUDITSC_SUCCESS)?"yes":"no", |
587 | context->return_code); | 589 | context->return_code); |
590 | if (current->signal->tty && current->signal->tty->name) | ||
591 | tty = current->signal->tty->name; | ||
592 | else | ||
593 | tty = "(none)"; | ||
588 | audit_log_format(ab, | 594 | audit_log_format(ab, |
589 | " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" | 595 | " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" |
590 | " pid=%d auid=%u uid=%u gid=%u" | 596 | " pid=%d auid=%u uid=%u gid=%u" |
591 | " euid=%u suid=%u fsuid=%u" | 597 | " euid=%u suid=%u fsuid=%u" |
592 | " egid=%u sgid=%u fsgid=%u", | 598 | " egid=%u sgid=%u fsgid=%u tty=%s", |
593 | context->argv[0], | 599 | context->argv[0], |
594 | context->argv[1], | 600 | context->argv[1], |
595 | context->argv[2], | 601 | context->argv[2], |
@@ -600,7 +606,7 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask) | |||
600 | context->uid, | 606 | context->uid, |
601 | context->gid, | 607 | context->gid, |
602 | context->euid, context->suid, context->fsuid, | 608 | context->euid, context->suid, context->fsuid, |
603 | context->egid, context->sgid, context->fsgid); | 609 | context->egid, context->sgid, context->fsgid, tty); |
604 | audit_log_task_info(ab, gfp_mask); | 610 | audit_log_task_info(ab, gfp_mask); |
605 | audit_log_end(ab); | 611 | audit_log_end(ab); |
606 | 612 | ||