On Thu, Mar 11, 2021 at 11:41 AM Richard Guy Briggs <rgb(a)redhat.com> wrote:
Describe the /proc/PID/loginuid interface in Documentation/ABI/stable that
was added 2008-03-13 in commit 1e0bd7550ea9 ("[PATCH] export sessionid
alongside the loginuid in procfs")
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
---
Documentation/ABI/stable/procfs-audit_loginuid | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/Documentation/ABI/stable/procfs-audit_loginuid
b/Documentation/ABI/stable/procfs-audit_loginuid
index fae63bef2970..175ee6ec3695 100644
--- a/Documentation/ABI/stable/procfs-audit_loginuid
+++ b/Documentation/ABI/stable/procfs-audit_loginuid
@@ -13,3 +13,15 @@ Description:
AUDIT_FEATURE_LOGINUID_IMMUTABLE is enabled. It cannot be
unset if AUDIT_FEATURE_ONLY_UNSET_LOGINUID is enabled.
+
+What: Audit Login Session ID
+Date: 2008-03-13
+KernelVersion: 2.6.25-rc7 1e0bd7550ea9 ("[PATCH] export sessionid alongside the
loginuid in procfs")
+Contact: linux-audit(a)redhat.com
+Format: u32
+Users: auditd, libaudit, audit-testsuite, login
This should be obvious, but just to be safe - my comment from patch
1/2 also applies here.
+Description:
+ The /proc/$pid/sessionid pseudofile is read to get the
+ audit login session ID of process $pid. It is set
+ automatically, serially assigned with each new login.
--
paul moore
www.paul-moore.com