Re: [PATCH] cleanups + fixes against audit.56
On Wed, 2005-06-15 at 14:56 -0500, Timothy R. Chavez wrote:
This patch introduces fixes for:
1. sys_rename() return code debacle
->
as a side effect of removing the error handling from fs/namei.c this bug was
also removed
2. leaky memory in auditfs_attach_wdata in failure path
3. NULL dereference on audit_inode_free()
->
race could occur between the child inode being deleted and the watch being
removed from parent
This patch adds:
1. Implicit watc removal message with -1 loginuid
2. New type, AUDIT_FS_INODE (1308)
->
now that we have watches per inode per record, we collect common inode
information for the watch on AUDIT_FS_INODE and use AUDIT_FS_WATCH to list
the watch information
3. Minor code cleanups (eliminating pointless goto's)
OK, it's built in audit.58 which is in the yum repository now.
What's left:
1. Hooking chmod/chown/chgrp and the appropriate ACL calls (Me)
2. Watch scalability problem (Me)
3. AUID filtering on USER messages and watches (David)
That's building in audit.59 which will be up there later.
4. PATH record woes... add a new token stating "I'm the
parent of the file or
I'm the file"
I'll do that next, along with going through the rest of Steve's bugzilla
items.
--
dwmw2