Audit issue
Steve Grubb
sgrubb at redhat.com
Thu Nov 8 14:27:13 UTC 2007
On Thursday 08 November 2007 09:19:26 Alexander Viro wrote:
> Have fun...
Thanks for posting this patch. Is it impossible to "repair " processes by
simply adding a context if the pointer is NULL?
> diff --git a/kernel/audit.c b/kernel/audit.c
> index f93c271..83227f8 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -70,6 +70,7 @@ static int audit_initialized;
> * 1 - auditing enabled
> * 2 - auditing enabled and configuration is locked/unchangeable. */
> int audit_enabled;
> +int audit_ever_enabled;
>
> /* Default state when kernel boots without any parameters. */
> static int audit_default;
> @@ -965,6 +968,7 @@ static int __init audit_init(void)
> skb_queue_head_init(&audit_skb_queue);
> audit_initialized = 1;
> audit_enabled = audit_default;
> + audit_ever_enabled |= !!audit_default;
Should the declaration of audit_ever_enabled set a default value like 0 since
this is being or'ed in? Or should this just be an assignment?
-Steve
More information about the Linux-audit
mailing list