libselinux/0010-libselinux-Change-userspace-AVC-setenforce-and-polic.patch

From 7ef5b1854f75056d23e60aabc86706dfed622669 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <chpebeni@linux.microsoft.com>
Date: Tue, 15 Sep 2020 13:33:32 -0400
Subject: [PATCH] libselinux: Change userspace AVC setenforce and policy load
 messages to audit format.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
---
 libselinux/src/avc_internal.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
index 572b2159c3ed..53a99a1fe957 100644
--- a/libselinux/src/avc_internal.c
+++ b/libselinux/src/avc_internal.c
@@ -59,7 +59,7 @@ int avc_process_setenforce(int enforcing)
 	int rc = 0;
 
 	avc_log(SELINUX_SETENFORCE,
-		"%s:  received setenforce notice (enforcing=%d)\n",
+		"%s:  op=setenforce lsm=selinux enforcing=%d res=1",
 		avc_prefix, enforcing);
 	if (avc_setenforce)
 		goto out;
@@ -81,7 +81,7 @@ int avc_process_policyload(uint32_t seqno)
 	int rc = 0;
 
 	avc_log(SELINUX_POLICYLOAD,
-		"%s:  received policyload notice (seqno=%u)\n",
+		"%s:  op=load_policy lsm=selinux seqno=%u res=1",
 		avc_prefix, seqno);
 	rc = avc_ss_reset(seqno);
 	if (rc < 0) {
-- 
2.29.0