Stephen Smalley wrote:
On 09/09/2013 09:15 PM, Joshua Brindle wrote:
Add libaudit support for adding directory watch rules.
Add rule parsing support to auditd.
Rule format matches auditctl. Currently only supports -w and -e.
Change-Id: I8bdaea1b5e2a216eec79cd8c9dae583de8295d26
Signed-off-by: Joshua Brindle<[email protected]>
You didn't include my two changes. Was that because you didn't agree
with them or you just wanted to keep them separate?
I don't normally pull peoples patches into my own :) I can do that if
you want.
Part of my change (the libaudit EAGAIN fix) could be folded directly
into Bill's existing change. The other part (the auditd
audit_set_enabled() call) could be folded into yours or kept separate.
Or you think audit.rules should explicitly perform an -e 1, then we
don't strictly need that change but that isn't the way upstream auditd
works.
I'd rather it work the same way upstream auditd works.
Have you set up a CLA with AOSP yet?
Yes, but it looks like the auditd gerrit review has been rejected.
Should I submit anyway?
I also originally had audit.rules in /data/security but one of my phones
has that set to 0700 owned by system so auditd couldn't read it. I'd
rather it be there (and possibly included in the bundles we are talking
about elsewhere).
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
