Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx): > From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > > Cc: Stephen Smalley <sds@xxxxxxxxxxxxx> > Cc: James Morris <james.l.morris@xxxxxxxxxx> > Cc: Eric Paris <eparis@xxxxxxxxxxxxxx> Acked-by: Serge E. Hallyn <serge.hallyn@xxxxxxxxxx> > Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > --- > security/selinux/selinuxfs.c | 6 +++--- > security/selinux/ss/services.c | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c > index 298e695..55af8c5 100644 > --- a/security/selinux/selinuxfs.c > +++ b/security/selinux/selinuxfs.c > @@ -174,7 +174,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, > audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, > "enforcing=%d old_enforcing=%d auid=%u ses=%u", > new_value, selinux_enforcing, > - audit_get_loginuid(current), > + from_kuid(&init_user_ns, audit_get_loginuid(current)), > audit_get_sessionid(current)); > selinux_enforcing = new_value; > if (selinux_enforcing) > @@ -305,7 +305,7 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf, > goto out; > audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, > "selinux=0 auid=%u ses=%u", > - audit_get_loginuid(current), > + from_kuid(&init_user_ns, audit_get_loginuid(current)), > audit_get_sessionid(current)); > } > > @@ -551,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf, > out1: > audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, > "policy loaded auid=%u ses=%u", > - audit_get_loginuid(current), > + from_kuid(&init_user_ns, audit_get_loginuid(current)), > audit_get_sessionid(current)); > out: > mutex_unlock(&sel_mutex); > diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c > index 4321b8f..b4feecc 100644 > --- a/security/selinux/ss/services.c > +++ b/security/selinux/ss/services.c > @@ -2440,7 +2440,7 @@ int security_set_bools(int len, int *values) > sym_name(&policydb, SYM_BOOLS, i), > !!values[i], > policydb.bool_val_to_struct[i]->state, > - audit_get_loginuid(current), > + from_kuid(&init_user_ns, audit_get_loginuid(current)), > audit_get_sessionid(current)); > } > if (values[i]) > -- > 1.7.5.4 > > _______________________________________________ > Containers mailing list > Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx > https://lists.linuxfoundation.org/mailman/listinfo/containers _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
