On 14 June 2014 03:02, Richard Guy Briggs r...@redhat.com wrote:
On 14/04/02, Richard Guy Briggs wrote:
On 14/04/02, Mimi Zohar wrote:
On Wed, 2014-04-02 at 14:18 -0400, Eric Paris wrote:
On Wed, 2014-04-02 at 14:12 -0400, Mimi Zohar wrote:
On Wed, 2014-04-02 at 14:00 -0400, Steve Grubb
Replace spaces in op keyword labels in log output since userspace audit tools
can't parse orphaned keywords.
Reported-by: Steve Grubb sgr...@redhat.com
Signed-off-by: Richard Guy Briggs r...@redhat.com
---
security/integrity/ima/ima_appraise.c |2 +-
security/integrity/ima/ima_policy.c |
audit_net_id isn't used outside kernel/audit.c. Reduce its scope.
Signed-off-by: Richard Guy Briggs r...@redhat.com
---
kernel/audit.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 59c0bbe..bdd0172 100644
--- a/kernel/audit.c
+++
audit_log_fcaps() isn't used outside kernel/audit.c. Reduce its scope.
Signed-off-by: Richard Guy Briggs r...@redhat.com
---
kernel/audit.c |2 +-
kernel/audit.h |1 -
2 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index bdd0172..3225a5d
Since only one of val, uid and gid are used at any given time, combine them to
reduce the size of the struct audit_field.
Signed-off-by: Richard Guy Briggs r...@redhat.com
---
include/linux/audit.h |8 +---
kernel/auditfilter.c |2 --
2 files changed, 5 insertions(+), 5 deletions(-)
On Sat, 2014-06-14 at 13:53 +0200, Laurent Bigonville wrote:
Le Thu, 5 Jun 2014 19:34:04 +0200,
Laurent Bigonville bi...@debian.org a écrit :
Le Wed, 04 Jun 2014 19:04:52 -0400,
Steve Grubb sgr...@redhat.com a écrit :
[...]
You are missing a type=LOGIN event right here. If you do a cat
On Mon, 2014-06-16 at 17:20 -0400, Eric Paris wrote:
I'd call this a pretty clear userspace bug where it just completely
drops records, even if it can't parse them...
Definitely a userspace bug...
[root@localhost eparis]# ausearch -m login
no matches
[root@localhost eparis]# cat
