On Monday, October 17, 2016 12:51:53 PM EDT Richard Guy Briggs wrote: > On 2016-10-17 12:04, Steve Grubb wrote: > > On Monday, October 17, 2016 11:40:17 AM EDT Richard Guy Briggs wrote: > > > Since sessionid is a new field for filter specification (but not > > > reporting and searching), I blocked sessionid==-1 in the api for setting > > > filters. This unfortunately makes it a different way to specify it than > > > loginuid when it is not set. > > > > Can we unblock that? > > Sure, then we would have two ways to express the same thing and ends up > using in-band signalling which is what Eric was trying to avoid in the > first place.
The plan would be to not use sessionid_set at all. Then we have one way to do things. I doubt anyone is using either of the set functions. Just mark them deprecated in the comments. -Steve -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
