aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteve Grubb <sgrubb@redhat.com>2006-01-01 14:07:00 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2006-03-20 14:08:55 -0500
commita6c043a887a9db32a545539426ddfc8cc2c28f8f (patch)
tree61269890edbf13a5bb2ae41eb4aba9353a2382b8
parent5d3301088f7e412992d9e61cc3604cbdff3090ff (diff)
[PATCH] Add tty to syscall audit records
Hi, >From the RBAC specs: FAU_SAR.1.1 The TSF shall provide the set of authorized RBAC administrators with the capability to read the following audit information from the audit records: <snip> (e) The User Session Identifier or Terminal Type A patch adding the tty for all syscalls is included in this email. Please apply. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--kernel/auditsc.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index ba0878854777..d3d499272d13 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -57,6 +57,7 @@
57#include <asm/unistd.h> 57#include <asm/unistd.h>
58#include <linux/security.h> 58#include <linux/security.h>
59#include <linux/list.h> 59#include <linux/list.h>
60#include <linux/tty.h>
60 61
61#include "audit.h" 62#include "audit.h"
62 63
@@ -573,6 +574,7 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask)
573 int i; 574 int i;
574 struct audit_buffer *ab; 575 struct audit_buffer *ab;
575 struct audit_aux_data *aux; 576 struct audit_aux_data *aux;
577 const char *tty;
576 578
577 ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL); 579 ab = audit_log_start(context, gfp_mask, AUDIT_SYSCALL);
578 if (!ab) 580 if (!ab)
@@ -585,11 +587,15 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask)
585 audit_log_format(ab, " success=%s exit=%ld", 587 audit_log_format(ab, " success=%s exit=%ld",
586 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no", 588 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no",
587 context->return_code); 589 context->return_code);
590 if (current->signal->tty && current->signal->tty->name)
591 tty = current->signal->tty->name;
592 else
593 tty = "(none)";
588 audit_log_format(ab, 594 audit_log_format(ab,
589 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" 595 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d"
590 " pid=%d auid=%u uid=%u gid=%u" 596 " pid=%d auid=%u uid=%u gid=%u"
591 " euid=%u suid=%u fsuid=%u" 597 " euid=%u suid=%u fsuid=%u"
592 " egid=%u sgid=%u fsgid=%u", 598 " egid=%u sgid=%u fsgid=%u tty=%s",
593 context->argv[0], 599 context->argv[0],
594 context->argv[1], 600 context->argv[1],
595 context->argv[2], 601 context->argv[2],
@@ -600,7 +606,7 @@ static void audit_log_exit(struct audit_context *context, gfp_t gfp_mask)
600 context->uid, 606 context->uid,
601 context->gid, 607 context->gid,
602 context->euid, context->suid, context->fsuid, 608 context->euid, context->suid, context->fsuid,
603 context->egid, context->sgid, context->fsgid); 609 context->egid, context->sgid, context->fsgid, tty);
604 audit_log_task_info(ab, gfp_mask); 610 audit_log_task_info(ab, gfp_mask);
605 audit_log_end(ab); 611 audit_log_end(ab);
606 612