Skip to content

Commit

Permalink
audit: include subject in login records
Browse files Browse the repository at this point in the history 
The login uid change record does not include the selinux context of the
task logging in.  Add that information.

(Updated from 2011-01: RHBZ:670328 -- RGB)

Reported-by: Steve Grubb <[email protected]>
Acked-by: James Morris <[email protected]>
Signed-off-by: Eric Paris <[email protected]>
Signed-off-by: Aristeu Rozanski <[email protected]>
Signed-off-by: Richard Guy Briggs <[email protected]>
  • Loading branch information
@eparis
eparis committed Mar 20, 2014
1 parent aa589a1 commit ddfad8a
Showing 1 changed file with 4 additions and 6 deletions.
10 changes: 4 additions & 6 deletions kernel/auditsc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2050,12 +2050,10 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
if (!ab)
return;
audit_log_format(ab, "pid=%d uid=%u"
" old-auid=%u auid=%u old-ses=%u ses=%u"
" res=%d",
task_pid_nr(current), uid,
oldloginuid, loginuid, oldsessionid, sessionid,
!rc);
audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid);
audit_log_task_context(ab);
audit_log_format(ab, " old-auid=%u auid=%u old-ses=%u ses=%u res=%d",
oldloginuid, loginuid, oldsessionid, sessionid, !rc);
audit_log_end(ab);
}

Expand Down

0 comments on commit ddfad8a

Please sign in to comment.