[RFC PATCH 5/5] audit: use audit_set_enabled() in audit_enable()
Richard Guy Briggs
rgb at redhat.com
Sun Sep 3 04:52:53 UTC 2017
On 2017-09-01 09:45, Paul Moore wrote:
> From: Paul Moore <paul at paul-moore.com>
>
> Use audit_set_enabled() to enable auditing during early boot. This
> obviously won't emit an audit change record, but it will work anyway
> and should help prevent in future problems by consolidating the
> enable/disable code in one function.
>
> Signed-off-by: Paul Moore <paul at paul-moore.com>
Reviewed-by: Richard Guy Briggs <rgb at redhat.com>
> ---
> kernel/audit.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 01bf1e479a8c..842237f5182b 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -1574,8 +1574,8 @@ static int __init audit_enable(char *str)
>
> if (audit_default == AUDIT_OFF)
> audit_initialized = AUDIT_DISABLED;
> - audit_enabled = audit_default;
> - audit_ever_enabled = !!audit_enabled;
> + if (audit_set_enabled(audit_default))
> + panic("audit: error setting audit state (%d)\n", audit_default);
>
> pr_info("%s\n", audit_default ?
> "enabled (after initialization)" : "disabled (until reboot)");
>
> --
> Linux-audit mailing list
> Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
- RGB
--
Richard Guy Briggs <rgb at redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
More information about the Linux-audit
mailing list