[RFC][PATCH 2/2] file system auditing
Timothy R. Chavez
tinytim at us.ibm.com
Tue Apr 5 22:45:17 UTC 2005
On Tuesday 05 April 2005 05:37 pm, you wrote:
> On Tue, 2005-04-05 at 17:20 -0500, Timothy R. Chavez wrote:
> > --- linux-2.6.12-rc2-mm1/security/selinux/nlmsgtab.c 2005-03-02
> > 01:38:19.000000000 -0600 +++
> > linux-2.6.12-rc2-mm1~audit/security/selinux/nlmsgtab.c 2005-04-05
> > 13:16:26.000000000 -0500 @@ -98,6 +98,8 @@ static struct nlmsg_perm
> > nlmsg_audit_per
> > { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> > { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> > { AUDIT_LOGIN, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> > + { AUDIT_WATCH_INS, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> > + { AUDIT_WATCH_REM, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> > };
>
> Do you not need to add AUDIT_WATCH_LIST to this?
Oh yes, that's right. I'm not sure its pertinent ATM. The feature isn't
supported in the downloadable version of the user space tools yet. But
regardless, it should be added. Thanks David.
-tim
More information about the Linux-audit
mailing list