summaryrefslogtreecommitdiffstats
path: root/security/selinux/ss
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-01-08 10:06:53 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2008-02-01 14:06:51 -0500
commit4746ec5b01ed07205a91e4f7ed9de9d70f371407 (patch)
tree7a3a836b6178ccab24801e90b69c1159b2c23099 /security/selinux/ss
parentc2a7780efe37d01bdb3facc85a94663e6d67d4a8 (diff)
[AUDIT] add session id to audit messages
In order to correlate audit records to an individual login add a session id. This is incremented every time a user logs in and is included in almost all messages which currently output the auid. The field is labeled ses= or oses= Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/ss')
-rw-r--r--security/selinux/ss/services.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 819a6f91e80..fced6bccee7 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1905,11 +1905,12 @@ int security_set_bools(int len, int *values)
if (!!values[i] != policydb.bool_val_to_struct[i]->state) {
audit_log(current->audit_context, GFP_ATOMIC,
AUDIT_MAC_CONFIG_CHANGE,
- "bool=%s val=%d old_val=%d auid=%u",
+ "bool=%s val=%d old_val=%d auid=%u ses=%u",
policydb.p_bool_val_to_name[i],
!!values[i],
policydb.bool_val_to_struct[i]->state,
- audit_get_loginuid(current));
+ audit_get_loginuid(current),
+ audit_get_sessionid(current));
}
if (values[i]) {
policydb.bool_val_to_struct[i]->state = 1;