mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-31 06:16:03 +00:00
use audit defines for reject, complain, audit, hint, status
This commit is contained in:
John Johansen
27
kernel-patches/for-mainline/audit-defines.diff
Normal file
27
kernel-patches/for-mainline/audit-defines.diff
Normal file
@@ -0,0 +1,27 @@
|
||||
---
|
||||
include/linux/audit.h | 9 +++++++--
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
--- a/include/linux/audit.h
|
||||
+++ b/include/linux/audit.h
|
||||
@@ -109,13 +109,18 @@
|
||||
#define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Add a XFRM policy */
|
||||
#define AUDIT_MAC_IPSEC_DELSPD 1414 /* Delete a XFRM policy */
|
||||
|
||||
+#define AUDIT_APPARMOR_AUDIT 1501 /* AppArmor audited grants */
|
||||
+#define AUDIT_APPARMOR_COMPLAIN 1502 /* Allowed Access for learning */
|
||||
+#define AUDIT_APPARMOR_REJECT 1503 /* Denied Access */
|
||||
+#define AUDIT_APPARMOR_HINT 1504 /* Process Tracking information */
|
||||
+#define AUDIT_APPARMOR_STATUS 1505 /* Changes in config */
|
||||
+#define AUDIT_APPARMOR_ERROR 1506 /* Internal AppArmor Errors */
|
||||
+
|
||||
#define AUDIT_FIRST_KERN_ANOM_MSG 1700
|
||||
#define AUDIT_LAST_KERN_ANOM_MSG 1799
|
||||
#define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */
|
||||
#define AUDIT_ANOM_ABEND 1701 /* Process ended abnormally */
|
||||
|
||||
-#define AUDIT_APPARMOR 1500 /* AppArmor audit */
|
||||
-
|
||||
#define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */
|
||||
|
||||
/* Rule flags */
|
||||
Reference in New Issue
Block a user