[PATCH v2] [AUDIT] Add uid, gid fields to ANOM_PROMISCUOUS message
Eric Paris
eparis at redhat.com
Thu Jan 10 20:05:53 UTC 2008
On Thu, 2008-01-10 at 17:44 -0200, Klaus Heinrich Kiwi wrote:
> Changes the ANOM_PROMISCUOUS message to include uid and gid fields,
> making it consistent with other AUDIT_ANOM_ messages and in the
> format the userspace is expecting.
I'll fix up the fact that audit_get_loginuid() and friends now take a
task rather than an audit context and push it along.
Thanks.
-Eric
>
> Signed-off-by: Klaus Heinrich Kiwi <klausk at br.ibm.com>
> ---
> net/core/dev.c | 16 +++++++++-------
> 1 files changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 0848da3..73476be 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -2757,13 +2757,15 @@ static void __dev_set_promiscuity(struct net_device *dev, int inc)
> printk(KERN_INFO "device %s %s promiscuous mode\n",
> dev->name, (dev->flags & IFF_PROMISC) ? "entered" :
> "left");
> - audit_log(current->audit_context, GFP_ATOMIC,
> - AUDIT_ANOM_PROMISCUOUS,
> - "dev=%s prom=%d old_prom=%d auid=%u ses=%u",
> - dev->name, (dev->flags & IFF_PROMISC),
> - (old_flags & IFF_PROMISC),
> - audit_get_loginuid(current->audit_context),
> - audit_get_sessionid(current->audit_context));
> + if (audit_enabled)
> + audit_log(current->audit_context, GFP_ATOMIC,
> + AUDIT_ANOM_PROMISCUOUS,
> + "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u",
> + dev->name, (dev->flags & IFF_PROMISC),
> + (old_flags & IFF_PROMISC),
> + audit_get_loginuid(current->audit_context),
> + current->uid, current->gid,
> + audit_get_sessionid(current->audit_context));
>
> if (dev->change_rx_flags)
> dev->change_rx_flags(dev, IFF_PROMISC);
> --
> 1.5.3.7
>
>
More information about the Linux-audit
mailing list