From 4746ec5b01ed07205a91e4f7ed9de9d70f371407 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 8 Jan 2008 10:06:53 -0500 Subject: [AUDIT] add session id to audit messages In order to correlate audit records to an individual login add a session id. This is incremented every time a user logs in and is included in almost all messages which currently output the auid. The field is labeled ses= or oses= Signed-off-by: Eric Paris --- security/selinux/ss/services.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'security/selinux/ss') diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 819a6f91e80..fced6bccee7 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1905,11 +1905,12 @@ int security_set_bools(int len, int *values) if (!!values[i] != policydb.bool_val_to_struct[i]->state) { audit_log(current->audit_context, GFP_ATOMIC, AUDIT_MAC_CONFIG_CHANGE, - "bool=%s val=%d old_val=%d auid=%u", + "bool=%s val=%d old_val=%d auid=%u ses=%u", policydb.p_bool_val_to_name[i], !!values[i], policydb.bool_val_to_struct[i]->state, - audit_get_loginuid(current)); + audit_get_loginuid(current), + audit_get_sessionid(current)); } if (values[i]) { policydb.bool_val_to_struct[i]->state = 1; -- cgit v1.2.3