On Thu, 2006-09-28 at 16:50 -0500, Michael C Thompson wrote:
> This patch introduces two new points in the code where audit records are
> generated for newrole. Both points are when the attempt to newrole fails.
>
> The first point is when the default type could not be determined for the
> specified role - this is audited because, as sgrubb pointed out, it is
> currently a non-tracked path to probe the policy.
>
> The second point is when the desired context to change to is invalid.
>
> The record format remains unchanged. Failing to validate the desired
> context will result in the old and new contexts being recorded intact to
> the log. For the default type, the old and new contexts have not yet
> been obtained, so they are recorded in the log as XXX_context=?
>
> Changes since version 2 of the patch:
> * Added __attribute__((unused)) to "no-op" inline
>
> Changes since version 1 of the patch:
> * removed wrapping #ifdefs around send_audit_message()
> * provided a "no-op" style function
> * removed -D_GNU_SOURCE from the Makefile (as it's defined in the code)
> * fixed the error path of the send_audit_message function
>
> The solution that I have for the "no-op" function is not that pretty,
> but the Makefile is configured with -Werror and a function which doesn't
> use its parameters causes warnings. Is there a better solution to this
> problem?
>
> Signed-off-by: Michael Thompson <[EMAIL PROTECTED]>

Acked-by: Stephen Smalley <[EMAIL PROTECTED]>

--
Stephen Smalley
National Security Agency

--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
