From mboxrd@z Thu Jan  1 00:00:00 1970
From: Yu Zhiguo <yuzg@cn.fujitsu.com>
Subject: Re: [PATCH] make it match explicitly when use option '-a', '-A'	and
 '-d' to specify "list,action"
Date: Wed, 30 Jul 2008 14:32:19 +0800
Message-ID: <48900AF3.1050204@cn.fujitsu.com>
References: <48803E3C.4060209@cn.fujitsu.com> <1216370953.2664.23.camel@amilo>
	<488083FA.5080504@cn.fujitsu.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <488083FA.5080504@cn.fujitsu.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Steve Grubb <sgrubb@redhat.com>
Cc: audit-list <linux-audit@redhat.com>
List-Id: linux-audit@redhat.com

Hello Steve,

  What your opinion about this patch?
  Perhaps you think we'd better be compatible with the manpage now.
So I made another patch according to the introduction of manpage.

  Whether there is a comma should be check because it is said in
the manpage:
   Please note the comma separating the two values. Omitting it
will cause errors.

  Then 'list' and 'action' will be obtained separately.

  Do you agree with me? This is the new patch for latest code in
audit SVN project.

Signed-off-by: Yu Zhiguo<yuzg@cn.fujitsu.com>
---
  src/auditctl.c |   28 +++++++++++++++++++---------
  1 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/src/auditctl.c b/src/auditctl.c
index d740509..dbd086e 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -172,31 +172,41 @@ static void usage(void)
  static int audit_rule_setup(const char *opt, int *flags, int *act)
  {
  	static int multiple = 0;
+	char *p;

  	if (++multiple != 1)
  		return 3;

-	if (strstr(opt, "task"))
+	/* comma separating */
+	p = strchr(opt, ',');
+	if (!p || strchr(p + 1, ','))
+		return 2;
+
+	/* obtain list */
+	if (!strncmp(opt, "task", p - opt))
  		*flags = AUDIT_FILTER_TASK;
-	else if (strstr(opt, "entry"))
+	else if (!strncmp(opt, "entry", p - opt))
  		*flags = AUDIT_FILTER_ENTRY;
-	else if (strstr(opt, "exit"))
+	else if (!strncmp(opt, "exit", p - opt))
  		*flags = AUDIT_FILTER_EXIT;
-	else if (strstr(opt, "user"))
+	else if (!strncmp(opt, "user", p - opt))
  		*flags = AUDIT_FILTER_USER;
-	else if (strstr(opt, "exclude")) {
+	else if (!strncmp(opt, "exclude", p - opt)) {
  		*flags = AUDIT_FILTER_EXCLUDE;
  		exclude = 1;
  	} else
  		return 2;
-	if (strstr(opt, "never"))
+
+	/* obtain action */
+	if (!strcmp(p + 1, "always"))
+		*act = AUDIT_ALWAYS;
+	else if (!strcmp(p + 1, "never"))
  		*act = AUDIT_NEVER;
-	else if (strstr(opt, "possible"))
+	else if (!strcmp(p + 1, "possible"))
  		return 1;
-	else if (strstr(opt, "always"))
-		*act = AUDIT_ALWAYS;
  	else
  		return 2;
+
  	return 0;
  }