Add an audit_inode() hook to mq_open() so audit will log the object
label for an existing POSIX message queue. Without this patch, audit
only logs the object label when a new message queue is created.
Untested patch against lspp.63 kernel.
Signed-off-by: Amy Griffis <[EMAIL PROTECTED]>
---
diff -Nrup linux-2.6.18.x86_64/ipc/mqueue.c linux-2.6.18.x86_64-amg/ipc/mqueue.c
--- linux-2.6.18.x86_64/ipc/mqueue.c 2007-01-23 17:17:06.000000000 -0500
+++ linux-2.6.18.x86_64-amg/ipc/mqueue.c 2007-01-23 18:25:25.000000000
-0500
@@ -642,6 +642,7 @@ static int oflag2acc[O_ACCMODE] = { MAY_
return ERR_PTR(-EINVAL);
}
+ audit_inode(dentry->d_name.name, dentry->d_inode);
if (permission(dentry->d_inode, oflag2acc[oflag & O_ACCMODE], NULL)) {
dput(dentry);
mntput(mqueue_mnt);
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
