The attached patch adds a new function audit_log_user_avc_message_fmt
that behaves just like audit_log_user_avc_message, but takes a format
string and argument list instead of a fixed message string.

This change will make it easier to use libaudit from SELinux userspace
object managers, since the libselinux logging callback takes a
format string and a variable-length argument list.

If desired, I can send a patch to introduce this alternative for the
other calls as well.


Signed-off-by: Eamon Walsh <[EMAIL PROTECTED]>

 docs/audit_log_user_avc_message.3 |   12 +++++++++++-
 lib/audit_logging.c               |   25 +++++++++++++++++++++++++
 lib/libaudit.h                    |    3 +++
 3 files changed, 39 insertions(+), 1 deletion(-)


-- 
Eamon Walsh <[EMAIL PROTECTED]>
National Security Agency
diff -Naur audit-old/docs/audit_log_user_avc_message.3 audit-new/docs/audit_log_user_avc_message.3
--- audit-old/docs/audit_log_user_avc_message.3	2006-09-08 21:36:27.000000000 -0400
+++ audit-new/docs/audit_log_user_avc_message.3	2006-09-08 21:22:34.000000000 -0400
@@ -6,6 +6,9 @@
 .sp
 .B int audit_log_user_avc_message(int audit_fd, int type, const char *message,
 const char *hostname, const char *addr, const char *tty, uid_t uid)
+.sp
+.B int audit_log_user_avc_message_fmt(int audit_fd, int type, const char *fmt,
+va_list ap, const char *hostname, const char *addr, const char *tty, uid_t uid)
 
 .SH DESCRIPTION
 
@@ -19,7 +22,14 @@
 addr - The network address of the user
 tty - The tty of the user, if NULL will attempt to figure out 
 uid - The auid of the person related to the avc message
-.if
+.fi
+
+The audit_log_user_avc_message_fmt function provides for a format string and variable-length argument list in place of the message parameter:
+
+.nf
+fmt - message format string, suitable for passing to vsprintf(3)
+ap - argument list corresponding to format string
+.fi
 
 .SH "RETURN VALUE"
 
diff -Naur audit-old/lib/audit_logging.c audit-new/lib/audit_logging.c
--- audit-old/lib/audit_logging.c	2006-09-08 21:36:27.000000000 -0400
+++ audit-new/lib/audit_logging.c	2006-09-08 21:07:42.000000000 -0400
@@ -437,6 +437,31 @@
 }
 
 /*
+ * This function behaves identically to audit_log_user_avc_message, except
+ * allows for a message format-string and variable-length list of arguments.
+ *
+ * audit_fd - The fd returned by audit_open
+ * type - type of message, ex: AUDIT_USER, AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN
+ * fmt - format string for the message being sent
+ * ap - list of arguments corresponding to the format string
+ * hostname - the hostname if known
+ * addr - The network address of the user
+ * tty - The tty of the user
+ * uid - The auid of the person related to the avc message
+ *
+ * It returns the sequence number which is > 0 on success or <= 0 on error.
+ */
+int audit_log_user_avc_message_fmt(int audit_fd, int type, const char *fmt,
+	va_list ap, const char *hostname, const char *addr, const char *tty,
+	uid_t uid)
+{
+	char buf[MAX_AUDIT_MESSAGE_LENGTH];
+	vsnprintf(buf, sizeof(buf), fmt, ap);
+	return audit_log_user_avc_message(audit_fd, type, buf, hostname,
+					  addr, tty, uid);
+}
+
+/*
  * This function will log a message to the audit system using a predefined
  * message format. It should be used for all SE linux user and role 
  * manipulation operations.
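Review bot: The result of `vsnprintf(buf, sizeof(buf), fmt, ap);` in audit_log_user_avc_message_fmt is discarded, so a formatting failure passes a stack buffer with unspecified contents to audit_log_user_avc_message, and a message longer than MAX_AUDIT_MESSAGE_LENGTH is cut short without the caller knowing. For an audit record a silently truncated or garbage message is worth surfacing; I would capture the result and bail out on error, e.g. `int n = vsnprintf(buf, sizeof(buf), fmt, ap);` followed by `if (n < 0) return -1;`, and decide explicitly whether `(size_t)n >= sizeof(buf)` should be an error or a documented truncation. The exact error value should follow whatever the rest of audit_logging.c returns, which is not visible in this hunk. The header comment could also state that `fmt` must be a format string the caller controls, with untrusted text passed only as arguments.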
diff -Naur audit-old/lib/libaudit.h audit-new/lib/libaudit.h
--- audit-old/lib/libaudit.h	2006-08-26 13:37:45.000000000 -0400
+++ audit-new/lib/libaudit.h	2006-09-08 21:06:21.000000000 -0400
@@ -434,6 +434,9 @@
 extern int audit_log_user_avc_message(int audit_fd, int type, 
 	const char *message, const char *hostname, const char *addr, 
 	const char *tty, uid_t uid);
+extern int audit_log_user_avc_message_fmt(int audit_fd, int type, 
+	const char *fmt, va_list ap, const char *hostname, const char *addr, 
+	const char *tty, uid_t uid);
 extern int audit_log_semanage_message(int audit_fd, int type,
 	const char *pgname, const char *op, const char *name, unsigned int id,
         const char *new_seuser, const char *new_role, const char *new_range,
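Review bot: The new prototype for audit_log_user_avc_message_fmt uses `va_list`, so libaudit.h now needs `#include <stdarg.h>` to stay self-contained; whether it is already included is not visible in this hunk. Since the function consumes a printf-style format, I would also annotate the declaration with `__attribute__((format(printf, 3, 0)))` so GCC-compatible compilers can flag non-literal or mismatched format strings at call sites. A short comment on the declaration noting that `fmt` must not contain caller-untrusted text would help object-manager authors who forward libselinux log callbacks to it.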