mirror of
https://github.com/adulau/aha.git
synced 2024-12-28 03:36:19 +00:00
Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages
> shouldn't these be using the "audit_get_loginuid(current)" and if we > are going to output loginuid we also should be outputting sessionid Thanks for your detailed explanation. I have made a new patch for outputing "loginuid" and "sessionid" by audit_get_loginuid(current) and audit_get_sessionid(current). If there are some deficiencies, please give me your indication. Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
1d6c9649e2
commit
036bbf76ad
1 changed files with 8 additions and 2 deletions
|
@ -1022,8 +1022,11 @@ static void audit_update_watch(struct audit_parent *parent,
|
|||
struct audit_buffer *ab;
|
||||
ab = audit_log_start(NULL, GFP_KERNEL,
|
||||
AUDIT_CONFIG_CHANGE);
|
||||
audit_log_format(ab, "auid=%u ses=%u",
|
||||
audit_get_loginuid(current),
|
||||
audit_get_sessionid(current));
|
||||
audit_log_format(ab,
|
||||
"op=updated rules specifying path=");
|
||||
" op=updated rules specifying path=");
|
||||
audit_log_untrustedstring(ab, owatch->path);
|
||||
audit_log_format(ab, " with dev=%u ino=%lu\n",
|
||||
dev, ino);
|
||||
|
@ -1058,7 +1061,10 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
|
|||
struct audit_buffer *ab;
|
||||
ab = audit_log_start(NULL, GFP_KERNEL,
|
||||
AUDIT_CONFIG_CHANGE);
|
||||
audit_log_format(ab, "op=remove rule path=");
|
||||
audit_log_format(ab, "auid=%u ses=%u",
|
||||
audit_get_loginuid(current),
|
||||
audit_get_sessionid(current));
|
||||
audit_log_format(ab, " op=remove rule path=");
|
||||
audit_log_untrustedstring(ab, w->path);
|
||||
if (r->filterkey) {
|
||||
audit_log_format(ab, " key=");
|
||||
|
|
Loading…
Reference in a new issue