rpms / audit

Clone
Source Code
GIT

Files

  1.   00064ebb641fe874d9a4375b9ece76ca6d43d8af
  2.   audit-1.7.3-prelude.patch
Blob Blame History Raw 
diff -urp audit-1.7.2.orig/audisp/plugins/prelude/audisp-prelude.c audit-1.7.2/audisp/plugins/prelude/audisp-prelude.c
--- audit-1.7.2.orig/audisp/plugins/prelude/audisp-prelude.c	2008-04-07 16:57:12.000000000 -0400
+++ audit-1.7.2/audisp/plugins/prelude/audisp-prelude.c	2008-04-17 16:27:51.000000000 -0400
@@ -228,7 +228,8 @@ int main(int argc, char *argv[])
 		return -1;
 	}
 
-	syslog(LOG_INFO, "audisp-prelude is ready for events");
+	if (mode != M_TEST)
+		syslog(LOG_INFO, "audisp-prelude is ready for events");
 	do {
 		/* Load configuration */
 		if (hup) {
@@ -248,9 +249,10 @@ int main(int argc, char *argv[])
 	/* Flush any accumulated events from queue */
 	auparse_flush_feed(au);
 
-	syslog(LOG_INFO, "audisp-prelude is exiting on stop request");
 	if (mode == M_TEST)
 		puts("audisp-prelude is exiting on stop request");
+	else
+		syslog(LOG_INFO, "audisp-prelude is exiting on stop request");
 
 	/* Cleanup subsystems */
 	if (client) 
@@ -1938,6 +1940,7 @@ static void handle_event(auparse_state_t
 				break;
 			case AUDIT_SYSCALL:
 				handle_watched_syscalls(au, &idmef, &alert);
+				goto_record_type(au, AUDIT_SYSCALL);
 				break;
 			default:
 				break;

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation