libsemanage: Include user name in ROLE_REMOVE audit events

Use the "previous" user name when no new user is available in
semanage_seuser_audit. Otherwise "id=0" is logged instead of
"acct=user_name" ("id=0" is a hard-coded value).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1622045
Vit Mojzis 2018-08-24 13:15:16 +02:00 committed by Nicolas Iooss
parent 70b9658d8c
commit 343442e99b
No known key found for this signature in database
GPG key ID: C191415F340DAAA0


@ -71,17 +71,18 @@ static int semanage_seuser_audit(semanage_handle_t * handle,
const char *sep = "-";
int rc = -1;
strcpy(msg, "login");
if (previous) {
name = semanage_seuser_get_name(seuser);
psename = semanage_seuser_get_sename(previous);
pmls = semanage_seuser_get_mlsrange(previous);
proles = semanage_user_roles(handle, psename);
}
if (seuser) {
name = semanage_seuser_get_name(seuser);
sename = semanage_seuser_get_sename(seuser);
mls = semanage_seuser_get_mlsrange(seuser);
roles = semanage_user_roles(handle, sename);
}
if (previous) {
psename = semanage_seuser_get_sename(previous);
pmls = semanage_seuser_get_mlsrange(previous);
proles = semanage_user_roles(handle, psename);
}
if (audit_type != AUDIT_ROLE_REMOVE) {
if (sename && (!psename || strcmp(psename, sename) != 0)) {
strcat(msg,sep);
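Review bot: The `if (previous)` block placed ahead of `if (seuser)` sets `name` with `semanage_seuser_get_name(seuser)`, so on the path the commit message targets (a previous record but no new one) the getter receives a NULL `seuser` instead of the record that holds the name. The line should read `name = semanage_seuser_get_name(previous);`; when both records exist, the later `if (seuser)` block still overrides it. Whether the current form crashes or only leaves `name` unset depends on how `semanage_seuser_get_name` treats NULL, which is not visible here, but either way the ROLE_REMOVE audit event would still lack the account name. The page has lost its +/- markers, so this reading assumes from the 17-to-18 line counts in the hunk header that this six-line block is the added one; `semanage_seuser_audit` starts and ends outside the hunk.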