[PATCH 1/2] audit string fields interface + consumer
Stephen Smalley
sds at tycho.nsa.gov
Fri Jan 13 14:58:07 UTC 2006
On Wed, 2006-01-11 at 14:02 -0500, Amy Griffis wrote:
> Modify audit's kernel-userspace interface to allow the specification
> of string fields in audit rules.
>
> Signed-off-by: Amy Griffis <amy.griffis at hp.com>
> diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
> index d7c0e91..7315824 100644
> --- a/security/selinux/nlmsgtab.c
> +++ b/security/selinux/nlmsgtab.c
> @@ -99,6 +99,9 @@ static struct nlmsg_perm nlmsg_audit_per
> { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
> { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> + { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
> + { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> + { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
> { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
> };
The SELinux part looks fine, thanks.
Acked-by: Stephen Smalley <sds at tycho.nsa.gov>
--
Stephen Smalley
National Security Agency
More information about the Linux-audit
mailing list