diff options
| author | zhangxiliang <zhangxiliang@cn.fujitsu.com> | 2008-07-31 21:47:01 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-08-01 12:15:03 -0400 |
| commit | 036bbf76ad9f83781590623111b80ba0b82930ac (patch) | |
| tree | 077b5464efa36ff4588870498ba54ef3bca319a4 /kernel | |
| parent | 1d6c9649e236caa2e93e3647256216e57172b011 (diff) | |
Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages
> shouldn't these be using the "audit_get_loginuid(current)" and if we
> are going to output loginuid we also should be outputting sessionid
Thanks for your detailed explanation.
I have made a new patch for outputing "loginuid" and "sessionid" by audit_get_loginuid(current) and audit_get_sessionid(current).
If there are some deficiencies, please give me your indication.
Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditfilter.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 98c50cc671bb..b7d354e2b0ef 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c | |||
| @@ -1022,8 +1022,11 @@ static void audit_update_watch(struct audit_parent *parent, | |||
| 1022 | struct audit_buffer *ab; | 1022 | struct audit_buffer *ab; |
| 1023 | ab = audit_log_start(NULL, GFP_KERNEL, | 1023 | ab = audit_log_start(NULL, GFP_KERNEL, |
| 1024 | AUDIT_CONFIG_CHANGE); | 1024 | AUDIT_CONFIG_CHANGE); |
| 1025 | audit_log_format(ab, "auid=%u ses=%u", | ||
| 1026 | audit_get_loginuid(current), | ||
| 1027 | audit_get_sessionid(current)); | ||
| 1025 | audit_log_format(ab, | 1028 | audit_log_format(ab, |
| 1026 | "op=updated rules specifying path="); | 1029 | " op=updated rules specifying path="); |
| 1027 | audit_log_untrustedstring(ab, owatch->path); | 1030 | audit_log_untrustedstring(ab, owatch->path); |
| 1028 | audit_log_format(ab, " with dev=%u ino=%lu\n", | 1031 | audit_log_format(ab, " with dev=%u ino=%lu\n", |
| 1029 | dev, ino); | 1032 | dev, ino); |
| @@ -1058,7 +1061,10 @@ static void audit_remove_parent_watches(struct audit_parent *parent) | |||
| 1058 | struct audit_buffer *ab; | 1061 | struct audit_buffer *ab; |
| 1059 | ab = audit_log_start(NULL, GFP_KERNEL, | 1062 | ab = audit_log_start(NULL, GFP_KERNEL, |
| 1060 | AUDIT_CONFIG_CHANGE); | 1063 | AUDIT_CONFIG_CHANGE); |
| 1061 | audit_log_format(ab, "op=remove rule path="); | 1064 | audit_log_format(ab, "auid=%u ses=%u", |
| 1065 | audit_get_loginuid(current), | ||
| 1066 | audit_get_sessionid(current)); | ||
| 1067 | audit_log_format(ab, " op=remove rule path="); | ||
| 1062 | audit_log_untrustedstring(ab, w->path); | 1068 | audit_log_untrustedstring(ab, w->path); |
| 1063 | if (r->filterkey) { | 1069 | if (r->filterkey) { |
| 1064 | audit_log_format(ab, " key="); | 1070 | audit_log_format(ab, " key="); |