-
Eric W. Biederman authored
commit 780a7654 upstream. audit rule additions containing "-F auid!=4294967295" were failing with EINVAL because of a regression caused by e1760bd5. Apparently some userland audit rule sets want to know if loginuid uid has been set and are using a test for auid != 4294967295 to determine that. In practice that is a horrible way to ask if a value has been set, because it relies on subtle implementation details and will break every time the uid implementation in the kernel changes. So add a clean way to test if the audit loginuid has been set, and silently convert the old idiom to the cleaner and more comprehensible new idiom. RGB notes: In upstream, audit_rule_to_entry has been refactored out. This is patch is already upstream in functionally the same form in commit 780a7654 . The decimal constant was cast to unsigned to quiet GCC 4.6 32-bit architecture warnings. Reported-By:
Steve Grubb <sgrubb@redhat.com> Signed-off-by:
"Eric W. Biederman" <ebiederm@xmission.com> Tested-by:
Richard Guy Briggs <rgb@redhat.com> Signed-off-by:
Eric Paris <eparis@redhat.com> Backported-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
60106c06
