[PATCH] Add SELinux context and TTY name to AUDIT_TTY records
Miloslav Trmac
mitr at redhat.com
Thu Mar 19 17:18:00 UTC 2009
From: Miloslav Trmač <mitr at redhat.com>
Add SELinux context information and TTY name (consistent with the
AUDIT_SYSCALL record) to AUDIT_TTY. An example record after applying
this patch:
type=TTY msg=audit(1237480806.220:22): tty pid=2601 uid=0 auid=500 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0 major=136 minor=1 tty=pts1
comm="bash" data=6361740D
(line wrapped, new fields are "subj" and "tty".)
Signed-off-by: Miloslav Trmač <mitr at redhat.com>
---
drivers/char/tty_audit.c | 57 ++++++++++++++++++++++++-------------
1 file changed, 38 insertions(+), 19 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: audit-tty-more-fields.patch
Type: application/octet-stream
Size: 4652 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20090319/20d4a831/attachment.obj>
More information about the Linux-audit
mailing list