[Rpm-maint] [rpm-software-management/rpm] Add support for audit logging package operations via plugin (#648)

Panu Matilainen notifications at github.com
Thu Mar 28 12:46:46 UTC 2019


pmatilai commented on this pull request.



> +    if (auditFd < 0)
+	goto exit;
+
+    int nelem = rpmtsNElements(ts);
+    struct teop *ops = xcalloc(nelem, sizeof(*ops));
+    char *dir = audit_encode_nv_string("root_dir", rpmtsRootDir(ts), 0);
+    int enforce = (rpmtsVfyLevel(ts) & RPMSIG_SIGNATURE_TYPE) != 0;
+
+    getAuditOps(ts, ops, nelem);
+
+    for (int i = 0; i < nelem; i++) {
+	const char *op = ops[i].op;
+	if (op) {
+	    rpmte p = ops[i].te;
+	    char *nevra = audit_encode_nv_string("sw", rpmteNEVRA(p), 0);
+	    char eventTxt[256];

That was inherited from the sample code I got from the audit folks for this. I could imagine arbitrarily long strings are not that welcome in the audit system, but I don't know if there's an actual reason for it.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/648#discussion_r269982886
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20190328/21a15c7a/attachment.html>


More information about the Rpm-maint mailing list