Nathan,

The "robust port that Google has" was done by me, so we can always use that :-P The newest features that i back-ported from the upstream kernel were for a separate feature need that came about when I was at Samsung, which was the need to send the kernel messages to both kmsg and a userspace auditd. Eric created a patch for a more generic feature setting and retrieval implementation on the kernel side, that I rebased my kernel patch for the "always send to kmsg feature" onto. They were tested on the desktop, seemed to be fine. I just haven't had the time to get back to the Android port to test it; likely it will be fine. I just wanted to keep Eric/community abreast of my porting activity.

FYI I saw your port early on, the reason I wrote one from scratch was due to the license issues.

Bill


On Tue, Jun 18, 2013 at 1:19 PM, Nathaniel Husted <nhusted@gmail.com> wrote:
If you'd like to test your patch out I have a userland fork of audit you can use (https://github.com/nwhusted/AuditdAndroid). For various reasons we gutted the networking implementation in userland and shoved audisp's AF_Unix plugin where auditd's networking should be (don't ask). Only auditd and auditctl will compile (the other programs have certain GNU/libc stuff that I didn't write bridge-code for), but that should be more then enough to run through some logging on Android.

At some point I'll have time to go back and make a robust port of audit as Google has started (hopefully) getting there stuff together and turning bionic from a piece of junk into something usable.

Cheers,
Nathaniel

On Mon, Jun 17, 2013 at 10:08 AM, William Roberts <bill.c.roberts@gmail.com> wrote:
So I ported the initial "audit: implement generic feature setting and retrieving" to Android as well as rebased my patch ontop. Since I didn't author the original patch, I just wanted to keep you abreast of where it was going.

https://android-review.googlesource.com/#/c/60880/

--
Respectfully,

William C Roberts


--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit




--
Respectfully,

William C Roberts