SELinux: new permission between tty audit and audit socket New selinux permission to separate the ability to turn on tty auditing from the ability to set audit rules. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>

commit: dd34b5d75a0405814a3de83f02a44ac297e81629 [log] [tgz]
author: Eric Paris <eparis@redhat.com> Thu Mar 05 13:43:35 2009 -0500
committer: James Morris <jmorris@namei.org> Fri Mar 06 08:50:21 2009 +1100
tree: f24939a7b7f6b33c44939ee4022d7e95b3f670b6
parent: 6a25b27d602aac24f3c642722377ba5d778417ec [diff] [blame]
diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h
index 0b8f9b2..d645192 100644
--- a/security/selinux/include/av_permissions.h
+++ b/security/selinux/include/av_permissions.h

@@ -708,6 +708,7 @@
 #define NETLINK_AUDIT_SOCKET__NLMSG_WRITE         0x00800000UL
 #define NETLINK_AUDIT_SOCKET__NLMSG_RELAY         0x01000000UL
 #define NETLINK_AUDIT_SOCKET__NLMSG_READPRIV      0x02000000UL
+#define NETLINK_AUDIT_SOCKET__NLMSG_TTY_AUDIT     0x04000000UL
 #define NETLINK_IP6FW_SOCKET__IOCTL               0x00000001UL
 #define NETLINK_IP6FW_SOCKET__READ                0x00000002UL
 #define NETLINK_IP6FW_SOCKET__WRITE               0x00000004UL
commit	dd34b5d75a0405814a3de83f02a44ac297e81629	[log] [tgz]
author	Eric Paris <eparis@redhat.com>	Thu Mar 05 13:43:35 2009 -0500
committer	James Morris <jmorris@namei.org>	Fri Mar 06 08:50:21 2009 +1100
tree	f24939a7b7f6b33c44939ee4022d7e95b3f670b6
parent	6a25b27d602aac24f3c642722377ba5d778417ec [diff] [blame]