Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ddfad8af authored by Eric Paris's avatar Eric Paris
Browse files

audit: include subject in login records 



The login uid change record does not include the selinux context of the
task logging in.  Add that information.

(Updated from 2011-01: RHBZ:670328 -- RGB)

Reported-by: default avatarSteve Grubb <sgrubb@redhat.com>
Acked-by: default avatarJames Morris <jmorris@redhat.com>
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarAristeu Rozanski <arozansk@redhat.com>
Signed-off-by: default avatarRichard Guy Briggs <rgb@redhat.com>
parent aa589a13

kernel/auditsc.c

+4 −6
Original line number Diff line number Diff line
@@ -2050,12 +2050,10 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid, 
	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);

	if (!ab)

		return;

	audit_log_format(ab, "pid=%d uid=%u"

			 " old-auid=%u auid=%u old-ses=%u ses=%u"

			 " res=%d",

			 task_pid_nr(current), uid,

			 oldloginuid, loginuid, oldsessionid, sessionid,

			 !rc);

	audit_log_format(ab, "pid=%d uid=%u", task_pid_nr(current), uid);

	audit_log_task_context(ab);

	audit_log_format(ab, " old-auid=%u auid=%u old-ses=%u ses=%u res=%d",

			 oldloginuid, loginuid, oldsessionid, sessionid, !rc);

	audit_log_end(ab);

}