use USER_MGMT type for auditing in the pam_tally2 and faillock apps

(#1151576)
Tomas Mraz 2014-10-17 12:10:57 +02:00
parent 757d3aed85
commit 1634393187
2 changed files with 62 additions and 1 deletions


@ -0,0 +1,55 @@
diff -up Linux-PAM-1.1.8/modules/pam_faillock/main.c.audit-user-mgmt Linux-PAM-1.1.8/modules/pam_faillock/main.c
--- Linux-PAM-1.1.8/modules/pam_faillock/main.c.audit-user-mgmt 2014-10-17 12:09:12.928490104 +0200
+++ Linux-PAM-1.1.8/modules/pam_faillock/main.c 2014-10-17 12:09:43.001169008 +0200
@@ -127,7 +127,6 @@ do_user(struct options *opts, const char
}
if (opts->reset) {
#ifdef HAVE_LIBAUDIT
- char buf[64];
int audit_fd;
#endif
@@ -141,10 +140,8 @@ do_user(struct options *opts, const char
if ((audit_fd=audit_open()) >= 0) {
if (pwd != NULL) {
- snprintf(buf, sizeof(buf), "faillock reset uid=%u",
- pwd->pw_uid);
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
- buf, NULL, NULL, NULL, rv == 0);
+ audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
+ "faillock-reset", NULL, pwd->pw_uid, NULL, NULL, NULL, rv == 0);
}
close(audit_fd);
}
diff -up Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c.audit-user-mgmt Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c
--- Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c.audit-user-mgmt 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c 2014-10-17 12:09:12.965490940 +0200
@@ -997,9 +997,9 @@ main( int argc UNUSED, char **argv )
#ifdef HAVE_LIBAUDIT
char buf[64];
int audit_fd = audit_open();
- snprintf(buf, sizeof(buf), "pam_tally2 uid=%u reset=%hu", uid, cline_reset);
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
- buf, NULL, NULL, ttyname(STDIN_FILENO), 1);
+ snprintf(buf, sizeof(buf), "pam_tally2 reset=%hu", cline_reset);
+ audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
+ buf, NULL, uid, NULL, NULL, ttyname(STDIN_FILENO), 1);
if (audit_fd >=0)
close(audit_fd);
#endif
@@ -1040,11 +1040,10 @@ main( int argc UNUSED, char **argv )
}
else if ( !cline_reset ) {
#ifdef HAVE_LIBAUDIT
- char buf[64];
int audit_fd = audit_open();
- snprintf(buf, sizeof(buf), "pam_tally2 uid=all reset=0");
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
- buf, NULL, NULL, ttyname(STDIN_FILENO), 1);
+ audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
+ "pam_tally2-reset-all-accts reset=0", "*", -1,
+ NULL, NULL, ttyname(STDIN_FILENO), 1);
if (audit_fd >=0)
close(audit_fd);
#endif
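Review bot: In both pam_tally2.c hunks the new `audit_log_acct_message()` call runs on whatever `audit_open()` returned, because only the later `close()` is guarded by `if (audit_fd >=0)`, and its return value is dropped, so a failed-login counter reset can go unrecorded with no sign to the administrator. The faillock hunk already tests the descriptor first; the same shape here would be `if (audit_fd >= 0) { audit_log_acct_message(...); close(audit_fd); }`, ideally with a message on stderr when the call returns a value <= 0. Both pam_tally2 calls also pass a literal `1` as the result where faillock passes `rv == 0`; whether the reset has already succeeded at that point is not visible here, since `main` continues outside the hunks. In the faillock hunk no record is written at all when `pwd` is NULL, which looks like a gap for resets on names that no longer resolve.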


@ -3,7 +3,7 @@
Summary: An extensible library which provides authentication for applications
Name: pam
Version: 1.1.8
Release: 17%{?dist}
Release: 18%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+
# - this option is redundant as the BSD license allows that anyway.
# pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
@ -55,6 +55,7 @@ Patch39: pam-1.1.8-audit-grantor.patch
Patch40: pam-1.1.8-man-dbsuffix.patch
Patch41: pam-1.1.8-limits-check-process.patch
Patch42: pam-1.1.8-limits-docfix.patch
Patch43: pam-1.1.8-audit-user-mgmt.patch
%define _pamlibdir %{_libdir}
%define _moduledir %{_libdir}/security
@ -144,6 +145,7 @@ cp %{SOURCE18} .
%patch40 -p1 -b .dbsuffix
%patch41 -p1 -b .check-process
%patch42 -p1 -b .docfix
%patch43 -p1 -b .audit-user-mgmt
%build
autoreconf -i
@ -394,6 +396,10 @@ fi
%doc doc/adg/*.txt doc/adg/html
%changelog
* Fri Oct 17 2014 Tomáš Mráz <tmraz@redhat.com> 1.1.8-18
- use USER_MGMT type for auditing in the pam_tally2 and faillock
apps (#1151576)
* Thu Sep 11 2014 Tomáš Mráz <tmraz@redhat.com> 1.1.8-17
- update the audit-grantor patch with the upstream changes
- pam_userdb: correct the example in man page (#1078784)