On Thu, 15 Aug 2019, Aaron Goidel wrote: > In SELinux this new information is leveraged here to perform an > additional inode based check for capabilities relevant to inodes. Since > the inode provided to capable_wrt_inode_uidgid() is a const argument, > this also required propagating const down to dump_common_audit_data() and > dropping the use of d_find_alias() to find an alias for the inode. This > was sketchy to begin with and should be obsoleted by a separate change > that will allow LSMs to trigger audit collection for all file-related > information.
Will the audit logs look the same once the 2nd patch is applied? We need to be careful about breaking existing userland. -- James Morris <jmor...@namei.org> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit