[PATCH 1/7] audit: implement generic feature setting and retrieving
Steve Grubb
sgrubb at redhat.com
Tue Jul 9 22:08:08 UTC 2013
On Friday, May 24, 2013 12:11:44 PM Eric Paris wrote:
> +static void audit_log_feature_change(int which, u32 old_feature, u32
> new_feature, + u32 old_lock, u32 new_lock, int res)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_FEATURE_CHANGE);
> + audit_log_format(ab, "feature=%s new=%d old=%d old_lock=%d new_lock=%d
> res=%d", + audit_feature_names[which], !!old_feature,
!!new_feature,
> + !!old_lock, !!new_lock, res);
> + audit_log_end(ab);
> +}
Shouldn't we be recording all the subjecting information? The above would be
the object and results. But we need the "who" part.
-Steve
More information about the Linux-audit
mailing list