Re: pam_tty_audit icanon log switch
Hello,
----- Original Message -----
Full replacement patch:
I'm still convinced that icanon is not the correct condition, see
https://www.redhat.com/archives/linux-audit/2013-March/msg00052.html .
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 9f096f1..a863669 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -369,7 +369,8 @@ struct audit_status {
};
struct audit_tty_status {
- __u32 enabled; /* 1 = enabled, 0 = disabled */
+ __u32 enabled; /* 1 = enabled, 0 = disabled */
+ __u32 log_icanon; /* 1 = enabled, 0 = disabled */
};
Also, would it make sense for the user-space API to be more general about expressing the
intent ("log passwords")? I don't know, being precise about the exact
effect of the option is also beneficial.
Mirek