Re: pam_tty_audit icanon log switch
On Thu, Apr 18, 2013 at 03:31:36PM -0400, Miloslav Trmač wrote:
Hello,
----- Original Message -----
> Full replacement patch:
I'm still convinced that icanon is not the correct condition, see
https://www.redhat.com/archives/linux-audit/2013-March/msg00052.html .
That's a seperate issue. :)
I'll come back to that...
> diff --git a/include/uapi/linux/audit.h
b/include/uapi/linux/audit.h
> index 9f096f1..a863669 100644
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@ -369,7 +369,8 @@ struct audit_status {
> };
>
> struct audit_tty_status {
> - __u32 enabled; /* 1 = enabled, 0 = disabled */
> + __u32 enabled; /* 1 = enabled, 0 = disabled */
> + __u32 log_icanon; /* 1 = enabled, 0 = disabled */
> };
Also, would it make sense for the user-space API to be more general
about expressing the intent ("log passwords")? I don't know, being
precise about the exact effect of the option is also beneficial.
Hmmm, I'll have to ponder that...
Mirek
- RGB
--
Richard Guy Briggs <rbriggs(a)redhat.com>
Senior Software Engineer
AMER ENG Base Operating Systems
Remote, Canada, Ottawa
Voice: 1.647.777.2635
Internal: (81) 32635