AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-11-30 14:06:51 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
2d283862dc
linux_dsm_epyc7002/include/uapi
History
Richard Guy Briggs 451f921639 audit: add netlink multicast group for log read 
Add a netlink multicast socket with one group to kaudit for "best-effort"
delivery to read-only userspace clients such as systemd, in addition to the
existing bidirectional unicast auditd userspace client.

Currently, auditd is intended to use the CAP_AUDIT_CONTROL and CAP_AUDIT_WRITE
capabilities, but actually uses CAP_NET_ADMIN.  The CAP_AUDIT_READ capability
is added for use by read-only AUDIT_NLGRP_READLOG netlink multicast group
clients to the kaudit subsystem.

This will safely give access to services such as systemd to consume audit logs
while ensuring write access remains restricted for integrity.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-04-22 21:42:27 -04:00
..
asm-generic madvise: correct the comment of MADV_DODUMP flag 2014-04-07 16:35:58 -07:00
drm drm/tegra: Remove gratuitous pad field 2014-04-16 17:11:04 +02:00
linux audit: add netlink multicast group for log read 2014-04-22 21:42:27 -04:00
mtd UBI: make UBI_IOCVOLCRBLK take a parameter for future usage 2014-03-06 12:04:22 +02:00
rdma IB/core: Re-enable create_flow/destroy_flow uverbs 2013-11-17 08:22:09 -08:00
scsi
sound ALSA: compress: add num_sample_rates in snd_codec_desc 2014-01-07 18:33:40 +01:00
video
xen xen: install xen/gntdev.h and xen/gntalloc.h 2014-02-11 10:12:36 -05:00
Kbuild