[PATCH 2/2] audit: add "on"/"off" as valid boot parameter values

Greg Edwards gedwards at ddn.com
Fri Feb 23 00:22:07 UTC 2018 

Modify the "audit" boot parameter to also accept "on" or "off" as valid
parameter values.  Update the documentation accordingly.

Signed-off-by: Greg Edwards <gedwards at ddn.com>
---
 Documentation/admin-guide/kernel-parameters.txt | 14 +++++++-------
 kernel/audit.c                                  |  9 +++++----
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 1d1d53f85ddd..0b926779315c 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -389,15 +389,15 @@
 			Use software keyboard repeat
 
 	audit=		[KNL] Enable the audit sub-system
-			Format: { "0" | "1" } (0 = disabled, 1 = enabled)
-			0 - kernel audit is disabled and can not be enabled
-			    until the next reboot
+			Format: { "0" | "1" | "off" | "on" }
+			0 | off - kernel audit is disabled and can not be
+			    enabled until the next reboot
 			unset - kernel audit is initialized but disabled and
 			    will be fully enabled by the userspace auditd.
-			1 - kernel audit is initialized and partially enabled,
-			    storing at most audit_backlog_limit messages in
-			    RAM until it is fully enabled by the userspace
-			    auditd.
+			1 | on - kernel audit is initialized and partially
+			    enabled, storing at most audit_backlog_limit
+			    messages in RAM until it is fully enabled by the
+			    userspace auditd.
 			Default: unset
 
 	audit_backlog_limit= [KNL] Set the audit queue size limit.
diff --git a/kernel/audit.c b/kernel/audit.c
index 3fb11bcb4408..8c8304a3ea8f 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1534,15 +1534,16 @@ static struct pernet_operations audit_net_ops __net_initdata = {
 /* Process kernel command-line parameter at boot time.  audit=0 or audit=1. */
 static void __init audit_enable(void)
 {
-	long val;
-
 	if (!audit_boot)
 		return;
 
-	if (kstrtol(audit_boot, 0, &val))
+	if (!strcmp(audit_boot, "1") || !strcmp(audit_boot, "on"))
+		audit_default = AUDIT_ON;
+	else if (!strcmp(audit_boot, "0") || !strcmp(audit_boot, "off"))
+		audit_default = AUDIT_OFF;
+	else
 		panic("audit: invalid 'audit' parameter value (%s)\n",
 		      audit_boot);
-	audit_default = (val ? AUDIT_ON : AUDIT_OFF);
 
 	if (audit_default == AUDIT_OFF)
 		audit_initialized = AUDIT_DISABLED;
-- 
2.14.3

More information about the Linux-audit mailing list