[PATCH] make it match explicitly when use option '-a', '-A' and '-d' to specify "list,action"
Yu Zhiguo
yuzg at cn.fujitsu.com
Wed Jul 30 06:32:19 UTC 2008
Hello Steve,
What your opinion about this patch?
Perhaps you think we'd better be compatible with the manpage now.
So I made another patch according to the introduction of manpage.
Whether there is a comma should be check because it is said in
the manpage:
Please note the comma separating the two values. Omitting it
will cause errors.
Then 'list' and 'action' will be obtained separately.
Do you agree with me? This is the new patch for latest code in
audit SVN project.
Signed-off-by: Yu Zhiguo<yuzg at cn.fujitsu.com>
---
src/auditctl.c | 28 +++++++++++++++++++---------
1 files changed, 19 insertions(+), 9 deletions(-)
diff --git a/src/auditctl.c b/src/auditctl.c
index d740509..dbd086e 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -172,31 +172,41 @@ static void usage(void)
static int audit_rule_setup(const char *opt, int *flags, int *act)
{
static int multiple = 0;
+ char *p;
if (++multiple != 1)
return 3;
- if (strstr(opt, "task"))
+ /* comma separating */
+ p = strchr(opt, ',');
+ if (!p || strchr(p + 1, ','))
+ return 2;
+
+ /* obtain list */
+ if (!strncmp(opt, "task", p - opt))
*flags = AUDIT_FILTER_TASK;
- else if (strstr(opt, "entry"))
+ else if (!strncmp(opt, "entry", p - opt))
*flags = AUDIT_FILTER_ENTRY;
- else if (strstr(opt, "exit"))
+ else if (!strncmp(opt, "exit", p - opt))
*flags = AUDIT_FILTER_EXIT;
- else if (strstr(opt, "user"))
+ else if (!strncmp(opt, "user", p - opt))
*flags = AUDIT_FILTER_USER;
- else if (strstr(opt, "exclude")) {
+ else if (!strncmp(opt, "exclude", p - opt)) {
*flags = AUDIT_FILTER_EXCLUDE;
exclude = 1;
} else
return 2;
- if (strstr(opt, "never"))
+
+ /* obtain action */
+ if (!strcmp(p + 1, "always"))
+ *act = AUDIT_ALWAYS;
+ else if (!strcmp(p + 1, "never"))
*act = AUDIT_NEVER;
- else if (strstr(opt, "possible"))
+ else if (!strcmp(p + 1, "possible"))
return 1;
- else if (strstr(opt, "always"))
- *act = AUDIT_ALWAYS;
else
return 2;
+
return 0;
}
More information about the Linux-audit
mailing list