diff options
author | Eric Paris <eparis@redhat.com> | 2008-01-08 10:06:53 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-02-01 14:06:51 -0500 |
commit | 4746ec5b01ed07205a91e4f7ed9de9d70f371407 (patch) | |
tree | 7a3a836b6178ccab24801e90b69c1159b2c23099 /security/selinux/selinuxfs.c | |
parent | c2a7780efe37d01bdb3facc85a94663e6d67d4a8 (diff) | |
download | blackbird-op-linux-4746ec5b01ed07205a91e4f7ed9de9d70f371407.tar.gz blackbird-op-linux-4746ec5b01ed07205a91e4f7ed9de9d70f371407.zip |
[AUDIT] add session id to audit messages
In order to correlate audit records to an individual login add a session
id. This is incremented every time a user logs in and is included in
almost all messages which currently output the auid. The field is
labeled ses= or oses=
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/selinuxfs.c')
-rw-r--r-- | security/selinux/selinuxfs.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index bee969432979..0341567665b3 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -172,9 +172,10 @@ static ssize_t sel_write_enforce(struct file * file, const char __user * buf, if (length) goto out; audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, - "enforcing=%d old_enforcing=%d auid=%u", new_value, - selinux_enforcing, - audit_get_loginuid(current)); + "enforcing=%d old_enforcing=%d auid=%u ses=%u", + new_value, selinux_enforcing, + audit_get_loginuid(current), + audit_get_sessionid(current)); selinux_enforcing = new_value; if (selinux_enforcing) avc_ss_reset(0); @@ -243,8 +244,9 @@ static ssize_t sel_write_disable(struct file * file, const char __user * buf, if (length < 0) goto out; audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, - "selinux=0 auid=%u", - audit_get_loginuid(current)); + "selinux=0 auid=%u ses=%u", + audit_get_loginuid(current), + audit_get_sessionid(current)); } length = count; @@ -356,8 +358,9 @@ out1: (security_get_allow_unknown() ? "allow" : "deny"))); audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, - "policy loaded auid=%u", - audit_get_loginuid(current)); + "policy loaded auid=%u ses=%u", + audit_get_loginuid(current), + audit_get_sessionid(current)); out: mutex_unlock(&sel_mutex); vfree(data); |