Quoting Gao feng (gaofeng(a)cn.fujitsu.com):
Hi
On 10/24/2013 03:31 PM, Gao feng wrote:
> Here is the v1 patchset:
http://lwn.net/Articles/549546/
>
> The main target of this patchset is allowing user in audit
> namespace to generate the USER_MSG type of audit message,
> some userspace tools need to generate audit message, or
> these tools will broken.
>
I really need this feature, right now,some process such as
logind are broken in container becase we leak of this feature.
Your set doesn't address loginuid though right? How exactly do you
expect to do that? If user violates MAC policy and audit msg is
sent to init user ns by mac subsys, you need the loginuid from
init_audit_ns. where will that be stored if you allow updates
of loginuid in auditns?