DBUS setting up audit is wrong
Daniel J Walsh
dwalsh at redhat.com
Sat Sep 15 05:22:10 PDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You should set the CAP_AUDIT_WRITE and other capabilities if you were roolt.
This will fix the fact that capabilities were not going to the audit
system, but errors were going to syslog.
Also moved audit_init to this section so it will only be called when the
capabilities are present. It will call syslog if audit is not run.
This will cause dbus on the session bus to log messages like SELinux
policy reload into the syslog without reporting an error message.
Finally there is a bug that the init functions do not return anything if
HAVE_SELINUX is not set.
(For any license discussions, this is contributed under 'whatever the
license of upstream dbus is, and can be relicensed along with it.')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFG685xrlYvE4MpobMRAq3FAKDJftFumTQEFdq1VzFcWC6eraFiHACcDnlw
CuaUUQWTf2clGwHb//3hQnQ=
=vXOL
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus-1.1.2-audit-user.patch
Type: text/x-patch
Size: 1544 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20070915/0bf590c8/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus-1.1.2-audit-user.patch.sig
Type: application/octet-stream
Size: 65 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20070915/0bf590c8/attachment.obj
More information about the dbus
mailing list