Right, so the function you suggested yesterday (audit_log_secctx) should be
added in audit.c in its entirety, and xt_AUDIT.c should just have something
like:
#ifdef CONFIG_NF_CONNTRACK_SECMARK
if (skb->secmark)
audit_log_secctx(ab,skb->secmark);
#endif
Thus, discarding the resu
On Thu, Jun 9, 2011 at 10:08 AM, Mr Dash Four
wrote:
>
>>> Just to make sure, so the conclusion is that the patch is fine as
>>> it is and anything related to unconvertible secids will be handled
>>> by SELinux internally?
>>>
>>>
>>
>> No. This patch does not get my ACK. Steve is right that sil
Just to make sure, so the conclusion is that the patch is fine as
it is and anything related to unconvertible secids will be handled
by SELinux internally?
No. This patch does not get my ACK. Steve is right that silently
dropping information is a big big no no for the audit system and
On Thu, Jun 9, 2011 at 8:28 AM, Patrick McHardy wrote:
> On 08.06.2011 21:39, Eric Paris wrote:
>> On Wed, Jun 8, 2011 at 3:28 PM, Steve Grubb wrote:
>>> On Wednesday, June 08, 2011 03:08:38 PM Eric Paris wrote:
On Wed, Jun 8, 2011 at 3:00 PM, Mr Dash Four
wrote:
>> int audit_
On 07/06/11 10:18, Mr Dash Four wrote:
>
>>> Is this a style-type requirement I wasn't aware of? Because from a
>>> syntax point of view the left/right braces aren't necessary.
>>>
>>
>> Aware of it, it's just coding style.
>>
> Thanks for pointing it out (now I know)! Would you like me to