summaryrefslogtreecommitdiffstats
path: root/security/selinux/selinuxfs.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-01-08 10:06:53 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2008-02-01 14:06:51 -0500
commit4746ec5b01ed07205a91e4f7ed9de9d70f371407 (patch)
tree7a3a836b6178ccab24801e90b69c1159b2c23099 /security/selinux/selinuxfs.c
parentc2a7780efe37d01bdb3facc85a94663e6d67d4a8 (diff)
downloadblackbird-op-linux-4746ec5b01ed07205a91e4f7ed9de9d70f371407.tar.gz
blackbird-op-linux-4746ec5b01ed07205a91e4f7ed9de9d70f371407.zip
[AUDIT] add session id to audit messages
In order to correlate audit records to an individual login add a session id. This is incremented every time a user logs in and is included in almost all messages which currently output the auid. The field is labeled ses= or oses= Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/selinuxfs.c')
-rw-r--r--security/selinux/selinuxfs.c17
1 files changed, 10 insertions, 7 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index bee969432979..0341567665b3 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -172,9 +172,10 @@ static ssize_t sel_write_enforce(struct file * file, const char __user * buf,
if (length)
goto out;
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
- "enforcing=%d old_enforcing=%d auid=%u", new_value,
- selinux_enforcing,
- audit_get_loginuid(current));
+ "enforcing=%d old_enforcing=%d auid=%u ses=%u",
+ new_value, selinux_enforcing,
+ audit_get_loginuid(current),
+ audit_get_sessionid(current));
selinux_enforcing = new_value;
if (selinux_enforcing)
avc_ss_reset(0);
@@ -243,8 +244,9 @@ static ssize_t sel_write_disable(struct file * file, const char __user * buf,
if (length < 0)
goto out;
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
- "selinux=0 auid=%u",
- audit_get_loginuid(current));
+ "selinux=0 auid=%u ses=%u",
+ audit_get_loginuid(current),
+ audit_get_sessionid(current));
}
length = count;
@@ -356,8 +358,9 @@ out1:
(security_get_allow_unknown() ? "allow" : "deny")));
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
- "policy loaded auid=%u",
- audit_get_loginuid(current));
+ "policy loaded auid=%u ses=%u",
+ audit_get_loginuid(current),
+ audit_get_sessionid(current));
out:
mutex_unlock(&sel_mutex);
vfree(data);
OpenPOWER on IntegriCloud