On Fri, 13 Jan 2006, Stephen Smalley wrote:
On Wed, 2006-01-11 at 14:02 -0500, Amy Griffis wrote:
> Modify audit's kernel-userspace interface to allow the specification
> of string fields in audit rules.
>
> Signed-off-by: Amy Griffis <amy.griffis(a)hp.com>
> diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
> index d7c0e91..7315824 100644
> --- a/security/selinux/nlmsgtab.c
> +++ b/security/selinux/nlmsgtab.c
> @@ -99,6 +99,9 @@ static struct nlmsg_perm nlmsg_audit_per
> { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
> { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> + { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
> + { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> + { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
> { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
> { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
> };
The SELinux part looks fine, thanks.
Acked-by: Stephen Smalley <sds(a)tycho.nsa.gov>
Acked-by: James Morris <jmorris(a)redhat.com>
--
James Morris
<jmorris(a)redhat.com>