From mboxrd@z Thu Jan  1 00:00:00 1970
From: Paul Moore <paul.moore@hp.com>
Subject: Re: auditing labeled ipsec
Date: Wed, 11 Oct 2006 16:58:07 -0400
Message-ID: <452D5ADF.4020607@hp.com>
References: <1160599200.17737.54.camel@faith.austin.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Return-path: <redhat-lspp-bounces@redhat.com>
In-Reply-To: <1160599200.17737.54.camel@faith.austin.ibm.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/redhat-lspp>,
	<mailto:redhat-lspp-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/redhat-lspp>
List-Post: <mailto:redhat-lspp@redhat.com>
List-Help: <mailto:redhat-lspp-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/redhat-lspp>,
	<mailto:redhat-lspp-request@redhat.com?subject=subscribe>
Sender: redhat-lspp-bounces@redhat.com
Errors-To: redhat-lspp-bounces@redhat.com
To: Joy Latten <latten@austin.ibm.com>
Cc: redhat-lspp@redhat.com, linux-audit@redhat.com, sgrubb@redhat.com
List-Id: linux-audit@redhat.com

Joy Latten wrote:
> Linux provides two apis to add/delete/manage SAs and spd.
> One is netlink which was extended to do key management. The 
> other is pfkeyv2, which our setkey and racoon uses.
> 
> With all that said, I am not able to figure out how to get "auid" from
> pfkeyv2? I can use NETLINK_CB(skb).loginuid to get it when netlink is
> used, but I don't think I can use this for pfkeyv2 since I am not using
> netlink headers. I am using pfkey message headers, such as sadb_msg,
> which don't include this. 
> 
> Any ideas or suggestions?

While it's been a looong time since I looked at PFKEY I believe you can get away
with plucking the loginuid from the current task, yes?  no?

-- 
paul moore
linux security @ hp