[PATCH v1] auditctl: check for a watch before adding perm

[PATCH v1] auditctl: check for a watch before adding perm

[Richard Guy Briggs]

The existing check would never trigger since add and del are defaulted to
AUDIT_FILTER_UNSET which is not zero.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
---
 src/auditctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/auditctl.c b/src/auditctl.c
index ca6905b2884e..06bb747c5fd2 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -1020,7 +1020,7 @@ process_keys:
 		}
 		break;
 	case 'p':
-		if (!add && !del) {
+		if (add == AUDIT_FILTER_UNSET && del == AUDIT_FILTER_UNSET) {
 			audit_msg(LOG_ERR,
 			"permission option needs a watch given prior to it");
 			retval = -1;
-- 
2.27.0

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v1] auditctl: check for a watch before adding perm

[Steve Grubb]

On Thursday, October 28, 2021 3:48:57 PM EDT Richard Guy Briggs wrote:
> The existing check would never trigger since add and del are defaulted to
> AUDIT_FILTER_UNSET which is not zero.

Thanks! Applied.

-Steve

> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> ---
>  src/auditctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/auditctl.c b/src/auditctl.c
> index ca6905b2884e..06bb747c5fd2 100644
> --- a/src/auditctl.c
> +++ b/src/auditctl.c
> @@ -1020,7 +1020,7 @@ process_keys:
>  		}
>  		break;
>  	case 'p':
> -		if (!add && !del) {
> +		if (add == AUDIT_FILTER_UNSET && del == AUDIT_FILTER_UNSET) {
>  			audit_msg(LOG_ERR,
>  			"permission option needs a watch given prior to it");
>  			retval = -1;




--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit