On Monday, October 17, 2016 12:51:53 PM EDT Richard Guy Briggs wrote:
> On 2016-10-17 12:04, Steve Grubb wrote:
> > On Monday, October 17, 2016 11:40:17 AM EDT Richard Guy Briggs wrote:
> > > Since sessionid is a new field for filter specification (but not
> > > reporting and searching), I blocked sessionid==-1 in the api for setting
> > > filters. This unfortunately makes it a different way to specify it than
> > > loginuid when it is not set.
> > Can we unblock that?
> Sure, then we would have two ways to express the same thing and ends up
> using in-band signalling which is what Eric was trying to avoid in the
> first place.
The plan would be to not use sessionid_set at all. Then we have one way to do
things. I doubt anyone is using either of the set functions. Just mark them
deprecated in the comments.
Linux-audit mailing list