Commit 036bbf76 authored by zhangxiliang's avatar zhangxiliang Committed by Al Viro
Browse files

Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages



> shouldn't these be using the "audit_get_loginuid(current)"  and if we
> are going to output loginuid we also should be outputting sessionid

Thanks for your detailed explanation.
I have made a new patch for outputing "loginuid" and "sessionid" by audit_get_loginuid(current) and audit_get_sessionid(current).
If there are some deficiencies, please give me your indication.
Signed-off-by: default avatarZhang Xiliang <zhangxiliang@cn.fujitsu.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 1d6c9649
......@@ -1022,8 +1022,11 @@ static void audit_update_watch(struct audit_parent *parent,
struct audit_buffer *ab;
ab = audit_log_start(NULL, GFP_KERNEL,
AUDIT_CONFIG_CHANGE);
audit_log_format(ab, "auid=%u ses=%u",
audit_get_loginuid(current),
audit_get_sessionid(current));
audit_log_format(ab,
"op=updated rules specifying path=");
" op=updated rules specifying path=");
audit_log_untrustedstring(ab, owatch->path);
audit_log_format(ab, " with dev=%u ino=%lu\n",
dev, ino);
......@@ -1058,7 +1061,10 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
struct audit_buffer *ab;
ab = audit_log_start(NULL, GFP_KERNEL,
AUDIT_CONFIG_CHANGE);
audit_log_format(ab, "op=remove rule path=");
audit_log_format(ab, "auid=%u ses=%u",
audit_get_loginuid(current),
audit_get_sessionid(current));
audit_log_format(ab, " op=remove rule path=");
audit_log_untrustedstring(ab, w->path);
if (r->filterkey) {
audit_log_format(ab, " key=");
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment