Re: [PATCH 1/2] audit string fields interface + consumer
On Wed, 2006-01-11 at 14:02 -0500, Amy Griffis wrote:
Modify audit's kernel-userspace interface to allow the
specification
of string fields in audit rules.
Signed-off-by: Amy Griffis <amy.griffis(a)hp.com>
diff --git a/security/selinux/nlmsgtab.c
b/security/selinux/nlmsgtab.c
index d7c0e91..7315824 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -99,6 +99,9 @@ static struct nlmsg_perm nlmsg_audit_per
{ AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
{ AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
{ AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
+ { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
+ { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
+ { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
{ AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
{ AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
};
The SELinux part looks fine, thanks.
Acked-by: Stephen Smalley <sds(a)tycho.nsa.gov>
--
Stephen Smalley
National Security Agency