Modify the "audit" boot parameter to also accept "on" or
"off" as valid
parameter values. Update the documentation accordingly.
Signed-off-by: Greg Edwards <gedwards(a)ddn.com>
---
Documentation/admin-guide/kernel-parameters.txt | 14 +++++++-------
kernel/audit.c | 9 +++++----
2 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt
b/Documentation/admin-guide/kernel-parameters.txt
index 1d1d53f85ddd..0b926779315c 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -389,15 +389,15 @@
Use software keyboard repeat
audit= [KNL] Enable the audit sub-system
- Format: { "0" | "1" } (0 = disabled, 1 = enabled)
- 0 - kernel audit is disabled and can not be enabled
- until the next reboot
+ Format: { "0" | "1" | "off" | "on" }
+ 0 | off - kernel audit is disabled and can not be
+ enabled until the next reboot
unset - kernel audit is initialized but disabled and
will be fully enabled by the userspace auditd.
- 1 - kernel audit is initialized and partially enabled,
- storing at most audit_backlog_limit messages in
- RAM until it is fully enabled by the userspace
- auditd.
+ 1 | on - kernel audit is initialized and partially
+ enabled, storing at most audit_backlog_limit
+ messages in RAM until it is fully enabled by the
+ userspace auditd.
Default: unset
audit_backlog_limit= [KNL] Set the audit queue size limit.
diff --git a/kernel/audit.c b/kernel/audit.c
index 3fb11bcb4408..8c8304a3ea8f 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1534,15 +1534,16 @@ static struct pernet_operations audit_net_ops __net_initdata = {
/* Process kernel command-line parameter at boot time. audit=0 or audit=1. */
static void __init audit_enable(void)
{
- long val;
-
if (!audit_boot)
return;
- if (kstrtol(audit_boot, 0, &val))
+ if (!strcmp(audit_boot, "1") || !strcmp(audit_boot, "on"))
+ audit_default = AUDIT_ON;
+ else if (!strcmp(audit_boot, "0") || !strcmp(audit_boot, "off"))
+ audit_default = AUDIT_OFF;
+ else
panic("audit: invalid 'audit' parameter value (%s)\n",
audit_boot);
- audit_default = (val ? AUDIT_ON : AUDIT_OFF);
if (audit_default == AUDIT_OFF)
audit_initialized = AUDIT_DISABLED;
--
2.14.3