diff options
author | Eric Paris <eparis@redhat.com> | 2013-05-23 14:26:00 -0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2013-11-05 11:08:17 -0500 |
commit | 21b85c31d23f2047d47e1f74bfa5caa8b75c1c77 (patch) | |
tree | 08ac436415d71faeb2d4d89d7d549bf70ad1261c /include/uapi/linux | |
parent | d040e5af380554c23ffe0a034ae5f3e53da93a1d (diff) |
audit: audit feature to set loginuid immutable
This adds a new 'audit_feature' bit which allows userspace to set it
such that the loginuid is absolutely immutable, even if you have
CAP_AUDIT_CONTROL.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'include/uapi/linux')
-rw-r--r-- | include/uapi/linux/audit.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index 05e5e8fc2ac..e2f0d997713 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -387,7 +387,8 @@ struct audit_features { }; #define AUDIT_FEATURE_ONLY_UNSET_LOGINUID 0 -#define AUDIT_LAST_FEATURE AUDIT_FEATURE_ONLY_UNSET_LOGINUID +#define AUDIT_FEATURE_LOGINUID_IMMUTABLE 1 +#define AUDIT_LAST_FEATURE AUDIT_FEATURE_LOGINUID_IMMUTABLE #define audit_feature_valid(x) ((x) >= 0 && (x) <= AUDIT_LAST_FEATURE) #define AUDIT_FEATURE_TO_MASK(x) (1 << ((x) & 31)) /* mask for __u32 */ |