[redhat-lspp] auditing labeled ipsec
Joy Latten
latten at austin.ibm.com
Wed Oct 11 21:43:16 UTC 2006
On Wed, 2006-10-11 at 16:58 -0400, Paul Moore wrote:
> Joy Latten wrote:
> > Linux provides two apis to add/delete/manage SAs and spd.
> > One is netlink which was extended to do key management. The
> > other is pfkeyv2, which our setkey and racoon uses.
> >
> > With all that said, I am not able to figure out how to get "auid" from
> > pfkeyv2? I can use NETLINK_CB(skb).loginuid to get it when netlink is
> > used, but I don't think I can use this for pfkeyv2 since I am not using
> > netlink headers. I am using pfkey message headers, such as sadb_msg,
> > which don't include this.
> >
> > Any ideas or suggestions?
>
> While it's been a looong time since I looked at PFKEY I believe you can get away
> with plucking the loginuid from the current task, yes? no?
>
I was also wondering if that would be ok?
Joy
More information about the redhat-lspp
mailing list