diff options
author | Richard Guy Briggs <rgb@redhat.com> | 2013-11-15 11:29:02 -0500 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2014-01-13 22:31:15 -0500 |
commit | a06e56b2a11b5f7d5354b05988f97118c90580d2 (patch) | |
tree | 59b4f9bf0b0ea1764a97b39b0afcbb1a8ffd04b4 | |
parent | 04ee1a3b8f0584099370f8501ac785fd5d2ed6ff (diff) | |
download | blackbird-op-linux-a06e56b2a11b5f7d5354b05988f97118c90580d2.tar.gz blackbird-op-linux-a06e56b2a11b5f7d5354b05988f97118c90580d2.zip |
audit: log AUDIT_TTY_SET config changes
Log transition of config changes when AUDIT_TTY_SET is called, including both
enabled and log_passwd values now in the struct.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r-- | kernel/audit.c | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/kernel/audit.c b/kernel/audit.c index 2dc757354693..fdb8528ceca3 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -989,20 +989,38 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) break; } case AUDIT_TTY_SET: { - struct audit_tty_status s; + struct audit_tty_status s, old; struct task_struct *tsk = current; + struct audit_buffer *ab; + int res = 0; + + spin_lock(&tsk->sighand->siglock); + old.enabled = tsk->signal->audit_tty; + old.log_passwd = tsk->signal->audit_tty_log_passwd; + spin_unlock(&tsk->sighand->siglock); memset(&s, 0, sizeof(s)); /* guard against past and future API changes */ memcpy(&s, data, min_t(size_t, sizeof(s), nlmsg_len(nlh))); - if ((s.enabled != 0 && s.enabled != 1) || - (s.log_passwd != 0 && s.log_passwd != 1)) + if ((s.enabled == 0 || s.enabled == 1) && + (s.log_passwd == 0 || s.log_passwd == 1)) + res = 1; + audit_log_common_recv_msg(&ab, AUDIT_CONFIG_CHANGE); + audit_log_format(ab, " op=tty_set" + " old-enabled=%d old-log_passwd=%d" + " new-enabled=%d new-log_passwd=%d" + " res=%d", + old.enabled, old.log_passwd, + s.enabled, s.log_passwd, + res); + audit_log_end(ab); + if (res) { + spin_lock(&tsk->sighand->siglock); + tsk->signal->audit_tty = s.enabled; + tsk->signal->audit_tty_log_passwd = s.log_passwd; + spin_unlock(&tsk->sighand->siglock); + } else return -EINVAL; - - spin_lock(&tsk->sighand->siglock); - tsk->signal->audit_tty = s.enabled; - tsk->signal->audit_tty_log_passwd = s.log_passwd; - spin_unlock(&tsk->sighand->siglock); break; } default: |