pam_tty_audit icanon log switch
Miloslav Trmač
mitr at redhat.com
Thu Apr 18 19:31:36 UTC 2013
Hello,
----- Original Message -----
> Full replacement patch:
I'm still convinced that icanon is not the correct condition, see https://www.redhat.com/archives/linux-audit/2013-March/msg00052.html .
> diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
> index 9f096f1..a863669 100644
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@ -369,7 +369,8 @@ struct audit_status {
> };
>
> struct audit_tty_status {
> - __u32 enabled; /* 1 = enabled, 0 = disabled */
> + __u32 enabled; /* 1 = enabled, 0 = disabled */
> + __u32 log_icanon; /* 1 = enabled, 0 = disabled */
> };
Also, would it make sense for the user-space API to be more general about expressing the intent ("log passwords")? I don't know, being precise about the exact effect of the option is also beneficial.
Mirek
More information about the Linux-audit
mailing list