kernel-ark/kernel
Amy Griffis 9c937dcc71 [PATCH] log more info for directory entry change events
When an audit event involves changes to a directory entry, include
a PATH record for the directory itself.  A few other notable changes:

    - fixed audit_inode_child() hooks in fsnotify_move()
    - removed unused flags arg from audit_inode()
    - added audit log routines for logging a portion of a string

Here's some sample output.

before patch:
type=SYSCALL msg=audit(1149821605.320:26): arch=40000003 syscall=39 success=yes exit=0 a0=bf8d3c7c a1=1ff a2=804e1b8 a3=bf8d3c7c items=1 ppid=739 pid=800 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149821605.320:26):  cwd="/root"
type=PATH msg=audit(1149821605.320:26): item=0 name="foo" parent=164068 inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0

after patch:
type=SYSCALL msg=audit(1149822032.332:24): arch=40000003 syscall=39 success=yes exit=0 a0=bfdd9c7c a1=1ff a2=804e1b8 a3=bfdd9c7c items=2 ppid=714 pid=777 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149822032.332:24):  cwd="/root"
type=PATH msg=audit(1149822032.332:24): item=0 name="/root" inode=164068 dev=03:00 mode=040750 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t:s0
type=PATH msg=audit(1149822032.332:24): item=1 name="foo" inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:28 -04:00
irq
power
.gitignore
acct.c
audit.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00
audit.h [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00
auditfilter.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00
auditsc.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00
capability.c
compat.c
configs.c
cpu.c
cpuset.c [PATCH] cpuset: might_sleep_if check in cpuset_zones_allowed 2006-05-21 12:59:18 -07:00
dma.c
exec_domain.c
exit.c [PATCH] run_posix_cpu_timers: remove a bogus BUG_ON() 2006-06-17 10:52:13 -07:00
extable.c [PATCH] symbol_put_addr() locks kernel 2006-05-15 11:20:55 -07:00
fork.c
futex_compat.c
futex.c
hrtimer.c [PATCH] hrtimer: export symbols 2006-05-31 16:27:11 -07:00
intermodule.c
itimer.c
kallsyms.c
Kconfig.hz
Kconfig.preempt
kexec.c
kfifo.c
kmod.c
kprobes.c
ksysfs.c
kthread.c
Makefile
module.c [PATCH] symbol_put_addr() locks kernel 2006-05-15 11:20:55 -07:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
panic.c
params.c
pid.c
posix-cpu-timers.c [PATCH] arm_timer: remove a racy and obsolete PF_EXITING check 2006-06-17 10:52:13 -07:00
posix-timers.c
printk.c
profile.c
ptrace.c
rcupdate.c [PATCH] RCU: introduce rcu_needs_cpu() interface 2006-05-15 11:20:55 -07:00
rcutorture.c
relay.c
resource.c
sched.c Revert "[PATCH] sched: fix interactive task starvation" 2006-05-21 18:54:09 -07:00
seccomp.c
signal.c [PATCH] collect sid of those who send signals to auditd 2006-06-20 05:25:21 -04:00
softirq.c
softlockup.c
spinlock.c
stop_machine.c
sys_ni.c
sys.c
sysctl.c [PATCH] inotify (1/5): split kernel API from userspace support 2006-06-20 05:25:17 -04:00
time.c
timer.c [PATCH] Fix a NO_IDLE_HZ timer bug 2006-05-21 12:59:21 -07:00
uid16.c
user.c [PATCH] inotify (1/5): split kernel API from userspace support 2006-06-20 05:25:17 -04:00
wait.c
workqueue.c