[Rpm-maint] [rpm-software-management/rpm] Add support for audit logging package operations via plugin (#648)
Panu Matilainen
notifications at github.com
Thu Mar 28 12:46:46 UTC 2019
pmatilai commented on this pull request.
> + if (auditFd < 0)
+ goto exit;
+
+ int nelem = rpmtsNElements(ts);
+ struct teop *ops = xcalloc(nelem, sizeof(*ops));
+ char *dir = audit_encode_nv_string("root_dir", rpmtsRootDir(ts), 0);
+ int enforce = (rpmtsVfyLevel(ts) & RPMSIG_SIGNATURE_TYPE) != 0;
+
+ getAuditOps(ts, ops, nelem);
+
+ for (int i = 0; i < nelem; i++) {
+ const char *op = ops[i].op;
+ if (op) {
+ rpmte p = ops[i].te;
+ char *nevra = audit_encode_nv_string("sw", rpmteNEVRA(p), 0);
+ char eventTxt[256];
That was inherited from the sample code I got from the audit folks for this. I could imagine arbitrarily long strings are not that welcome in the audit system, but I don't know if there's an actual reason for it.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/648#discussion_r269982886
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20190328/21a15c7a/attachment.html>
More information about the Rpm-maint
mailing list