diff options
| author | Eric Paris <eparis@redhat.com> | 2009-06-11 14:31:37 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2009-06-24 00:00:52 -0400 |
| commit | 9d9609851003ebed15957f0f2ce18492739ee124 (patch) | |
| tree | 2c116865d2f239b5596b22a3a79eecc82f5e1299 /kernel/audit_tree.c | |
| parent | 35fe4d0b1b12286a81938e9c5fdfaf639ac0ce5b (diff) | |
Audit: clean up all op= output to include string quoting
A number of places in the audit system we send an op= followed by a string
that includes spaces. Somehow this works but it's just wrong. This patch
moves all of those that I could find to be quoted.
Example:
Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule
key="number2" list=4 res=0
Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule"
key="number2" list=4 res=0
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/audit_tree.c')
| -rw-r--r-- | kernel/audit_tree.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c index 1f6396d76687..3ff0731284a1 100644 --- a/kernel/audit_tree.c +++ b/kernel/audit_tree.c | |||
| @@ -441,13 +441,11 @@ static void kill_rules(struct audit_tree *tree) | |||
| 441 | if (rule->tree) { | 441 | if (rule->tree) { |
| 442 | /* not a half-baked one */ | 442 | /* not a half-baked one */ |
| 443 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); | 443 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); |
| 444 | audit_log_format(ab, "op=remove rule dir="); | 444 | audit_log_format(ab, "op="); |
| 445 | audit_log_string(ab, "remove rule"); | ||
| 446 | audit_log_format(ab, " dir="); | ||
| 445 | audit_log_untrustedstring(ab, rule->tree->pathname); | 447 | audit_log_untrustedstring(ab, rule->tree->pathname); |
| 446 | if (rule->filterkey) { | 448 | audit_log_key(ab, rule->filterkey); |
| 447 | audit_log_format(ab, " key="); | ||
| 448 | audit_log_untrustedstring(ab, rule->filterkey); | ||
| 449 | } else | ||
| 450 | audit_log_format(ab, " key=(null)"); | ||
| 451 | audit_log_format(ab, " list=%d res=1", rule->listnr); | 449 | audit_log_format(ab, " list=%d res=1", rule->listnr); |
| 452 | audit_log_end(ab); | 450 | audit_log_end(ab); |
| 453 | rule->tree = NULL; | 451 | rule->tree = NULL; |