From mboxrd@z Thu Jan  1 00:00:00 1970
From: Joy Latten <latten@austin.ibm.com>
Subject: Re: [redhat-lspp] auditing labeled ipsec
Date: Wed, 11 Oct 2006 16:43:16 -0500
Message-ID: <1160602996.17737.57.camel@faith.austin.ibm.com>
References: <1160599200.17737.54.camel@faith.austin.ibm.com>
	<452D5ADF.4020607@hp.com>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <452D5ADF.4020607@hp.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Paul Moore <paul.moore@hp.com>
Cc: redhat-lspp@redhat.com, linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Wed, 2006-10-11 at 16:58 -0400, Paul Moore wrote:
> Joy Latten wrote:
> > Linux provides two apis to add/delete/manage SAs and spd.
> > One is netlink which was extended to do key management. The 
> > other is pfkeyv2, which our setkey and racoon uses.
> > 
> > With all that said, I am not able to figure out how to get "auid" from
> > pfkeyv2? I can use NETLINK_CB(skb).loginuid to get it when netlink is
> > used, but I don't think I can use this for pfkeyv2 since I am not using
> > netlink headers. I am using pfkey message headers, such as sadb_msg,
> > which don't include this. 
> > 
> > Any ideas or suggestions?
> 
> While it's been a looong time since I looked at PFKEY I believe you can get away
> with plucking the loginuid from the current task, yes?  no?
> 

I was also wondering if that would be ok? 

Joy