From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Antill Subject: [patch] Full relabel audit event Date: Thu, 25 May 2006 17:01:41 -0400 Message-ID: <1148590901.8828.22.camel@code.and.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1411382853==" Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: redhat-lspp-bounces@redhat.com Errors-To: redhat-lspp-bounces@redhat.com To: redhat-lspp Cc: linux-audit@redhat.com, selinux@tycho.nsa.gov List-Id: linux-audit@redhat.com --===============1411382853== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-ZzB/7csJAE5vFVY8iK3u" --=-ZzB/7csJAE5vFVY8iK3u Content-Type: multipart/mixed; boundary="=-3nKvTQQkOznrJHr9KKL1" --=-3nKvTQQkOznrJHr9KKL1 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable The attached patch implements the full relabel audit event (Ie. an audit event occurs when a full relabel occurs, ie. when /.autorelabel exists at boot). Note that although the code is correct, this patch doesn't actually work due to kernel bugs[1]. It'll be in Fedora development as part of policycoreutils-1.30.10-3 onwards. [1] see the thread on linux-audit if you want the details. --=20 James Antill --=-3nKvTQQkOznrJHr9KKL1 Content-Disposition: inline; filename=policycoreutils-1.30.10-audit-mass-relabel.patch Content-Type: text/x-patch; name=policycoreutils-1.30.10-audit-mass-relabel.patch; charset=UTF-8 Content-Transfer-Encoding: base64 ZGlmZiAtcnUgcG9saWN5Y29yZXV0aWxzLTEuMzAuMTAtb3JpZy9zZXRmaWxlcy9zZXRmaWxlcy5j IHBvbGljeWNvcmV1dGlscy0xLjMwLjEwL3NldGZpbGVzL3NldGZpbGVzLmMNCi0tLSBwb2xpY3lj b3JldXRpbHMtMS4zMC4xMC1vcmlnL3NldGZpbGVzL3NldGZpbGVzLmMJMjAwNi0wNS0yMyAwNjoy MDowMy4wMDAwMDAwMDAgLTA0MDANCisrKyBwb2xpY3ljb3JldXRpbHMtMS4zMC4xMC9zZXRmaWxl cy9zZXRmaWxlcy5jCTIwMDYtMDUtMjQgMTY6NDk6MDMuMDAwMDAwMDAwIC0wNDAwDQpAQCAtNzUs NiArNzUsMTEgQEANCiAjaW5jbHVkZSA8c2VsaW51eC9zZWxpbnV4Lmg+DQogI2luY2x1ZGUgPHN5 c2xvZy5oPiANCiAjaW5jbHVkZSA8bGliZ2VuLmg+DQorI2luY2x1ZGUgPGxpYmF1ZGl0Lmg+DQor DQorI2lmbmRlZiBBVURJVF9GU19SRUxBQkVMDQorI2RlZmluZSBBVURJVF9GU19SRUxBQkVMIDIz MDkNCisjZW5kaWYNCiANCiBzdGF0aWMgaW50IGFkZF9hc3NvYyA9IDE7DQogc3RhdGljIEZJTEUg Km91dGZpbGU9TlVMTDsNCkBAIC0zOTUsNyArNDAwLDcgQEANCiANCiAJLyogdHJpbSB0cmFpbGlu ZyAvLCBpZiBwcmVzZW50ICovDQogCWxlbiA9IHN0cmxlbihyb290cGF0aCk7DQotCXdoaWxlICgn LycgPT0gcm9vdHBhdGhbbGVuIC0gMV0pDQorCXdoaWxlIChsZW4gJiYgKCcvJyA9PSByb290cGF0 aFtsZW4gLSAxXSkpDQogCQlyb290cGF0aFstLWxlbl0gPSAwOw0KIAlyb290cGF0aGxlbiA9IGxl bjsNCiB9DQpAQCAtNDQzLDExICs0NDgsMzUgQEANCiAgIHJldHVybiAwOw0KIH0NCiANCitzdGF0 aWMgdm9pZCBtYXliZV9hdWRpdF9tYXNzX3JlbGFiZWwoaW50IGRvbmVfcm9vdCwgaW50IGVycnMp DQorew0KKyAgaW50IGF1ZGl0X2ZkID0gLTE7DQorICBpbnQgcmMgPSAwOw0KKyAgDQorICBpZiAo IWRvbmVfcm9vdCkgLyogb25seSBhdWRpdCBhIGZvcmNlZCBmdWxsIHJlbGFiZWwgKi8NCisgICAg cmV0dXJuOw0KKyAgDQorICBhdWRpdF9mZCA9IGF1ZGl0X29wZW4oKTsNCisNCisgIGlmIChhdWRp dF9mZCA8IDApIHsNCisgICAgZnByaW50ZihzdGRlcnIsICJFcnJvciBjb25uZWN0aW5nIHRvIGF1 ZGl0IHN5c3RlbS5cbiIpOw0KKyAgICByZXR1cm47DQorICB9DQorDQorICByYyA9IGF1ZGl0X2xv Z191c2VyX21lc3NhZ2UoYXVkaXRfZmQsIEFVRElUX0ZTX1JFTEFCRUwsDQorICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgIm9wPW1hc3MgcmVsYWJlbCIsIE5VTEwsIE5VTEwsIE5VTEwsICFl cnJzKTsNCisgIGlmIChyYyA8PSAwKSB7DQorICAgIGZwcmludGYoc3RkZXJyLCAiRXJyb3Igc2Vu ZGluZyBhdWRpdCBtZXNzYWdlOiAlcy5cbiIsIHN0cmVycm9yKGVycm5vKSk7DQorICB9DQorICBh dWRpdF9jbG9zZShhdWRpdF9mZCk7DQorfQ0KKw0KIGludCBtYWluKGludCBhcmdjLCBjaGFyICoq YXJndikNCiB7DQogCXN0cnVjdCBzdGF0IHNiOw0KIAlpbnQgb3B0LCByYywgaTsNCi0NCisgICAg ICAgIGludCBkb25lX3Jvb3QgPSAwOyAvKiBoYXZlIHdlIHByb2Nlc3NlZCB0aGUgLyBkaXJlY3Rv cnkgYXMgYW4gYXJnICovDQorICAgICAgICANCiAJbWVtc2V0KGV4Y2x1ZGVBcnJheSwwLCBzaXpl b2YoZXhjbHVkZUFycmF5KSk7DQogDQogCS8qIFZhbGlkYXRlIGFsbCBmaWxlIGNvbnRleHRzIGR1 cmluZyBtYXRjaHBhdGhjb25faW5pdC4gKi8NCkBAIC02MTgsNiArNjQ3LDggQEANCiAJfQ0KIAll bHNlIGZvciAoOyBvcHRpbmQgPCBhcmdjOyBvcHRpbmQrKykNCiAJew0KKyAgICAgICAgICAgICAg ICBkb25lX3Jvb3QgfD0gIXN0cmNtcChhcmd2W29wdGluZF0sICIvIik7DQorICAgICAgICAgICAg ICAgIA0KIAkJaWYgKE5VTEwgIT0gcm9vdHBhdGgpIHsNCiAJCQlxcHJpbnRmKCIlczogIGxhYmVs aW5nIGZpbGVzLCBwcmV0ZW5kaW5nICVzIGlzIC9cbiIsDQogCQkJCWFyZ3ZbMF0sIHJvb3RwYXRo KTsNCkBAIC02NDgsNiArNjc5LDcgQEANCiAJCQkJZnByaW50ZihzdGRlcnIsDQogCQkJCSIlczog IGVycm9yIHdoaWxlIGxhYmVsaW5nIGZpbGVzIHVuZGVyICVzXG4iLA0KIAkJCQlhcmd2WzBdLCBh cmd2W29wdGluZF0pOw0KKwkJCQltYXliZV9hdWRpdF9tYXNzX3JlbGFiZWwoZG9uZV9yb290LCAx KTsNCiAJCQkJZXhpdCgxKTsNCiAJCQl9DQogCQl9DQpAQCAtNjY0LDYgKzY5Niw4IEBADQogCQlt YXRjaHBhdGhjb25fZmlsZXNwZWNfZGVzdHJveSgpOw0KIAl9DQogDQorICAgICAgICBtYXliZV9h dWRpdF9tYXNzX3JlbGFiZWwoZG9uZV9yb290LCAwKTsNCisNCiAJaWYgKHdhcm5fbm9fbWF0Y2gp DQogCQltYXRjaHBhdGhjb25fY2hlY2ttYXRjaGVzKGFyZ3ZbMF0pOw0KIA0KLS0tIHBvbGljeWNv cmV1dGlscy0xLjMwLjEwLW9yaWcvc2V0ZmlsZXMvTWFrZWZpbGUJMjAwNi0wNS0yMyAwNjoyMDow My4wMDAwMDAwMDAgLTA0MDANCisrKyBwb2xpY3ljb3JldXRpbHMtMS4zMC4xMC9zZXRmaWxlcy9N YWtlZmlsZQkyMDA2LTA1LTI0IDE4OjEwOjQxLjAwMDAwMDAwMCAtMDQwMA0KQEAgLTcsNiArNyw3 IEBADQogQ0ZMQUdTID0gLVdlcnJvciAtV2FsbCAtVyANCiBvdmVycmlkZSBDRkxBR1MgKz0gLURf RklMRV9PRkZTRVRfQklUUz02NCAtSSQoUFJFRklYKS9pbmNsdWRlDQogTERMSUJTID0gLWxzZWxp bnV4IC1sc2Vwb2wgLUwkKExJQkRJUikNCitMRExJQlMgKz0gLWxhdWRpdA0KIA0KIGFsbDogc2V0 ZmlsZXMNCiANCg== --=-3nKvTQQkOznrJHr9KKL1-- --=-ZzB/7csJAE5vFVY8iK3u Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQBEdhs111eXTEMrxtQRAvKdAJ9NReLqQWCjytj7XZC7YkELLSPswQCfZP5+ O5O9BrB0bcHKrZbnKZPgo3Q= =TBQH -----END PGP SIGNATURE----- --=-ZzB/7csJAE5vFVY8iK3u-- --===============1411382853== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- redhat-lspp mailing list redhat-lspp@redhat.com https://www.redhat.com/mailman/listinfo/redhat-lspp --===============1411382853==--