[PATCH] libsemanage: Include user name in ROLE_REMOVE audit events

Use "previous" user name when no new user is available in
semanage_seuser_audit. Otherwise "id=0" is logged instead of
"acct=user_name" ("id=0" is a hard-coded value).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1622045
---
 libsemanage/src/seusers_local.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c
index 413ebddd..5fbb09e4 100644
--- a/libsemanage/src/seusers_local.c
+++ b/libsemanage/src/seusers_local.c
@@ -71,17 +71,18 @@ static int semanage_seuser_audit(semanage_handle_t * handle,
 	const char *sep = "-";
 	int rc = -1;
 	strcpy(msg, "login");
+	if (previous) {
+		name = semanage_seuser_get_name(seuser);
+		psename = semanage_seuser_get_sename(previous);
+		pmls = semanage_seuser_get_mlsrange(previous);
+		proles = semanage_user_roles(handle, psename);
+	}
 	if (seuser) {
 		name = semanage_seuser_get_name(seuser);
 		sename = semanage_seuser_get_sename(seuser);
 		mls = semanage_seuser_get_mlsrange(seuser);
 		roles = semanage_user_roles(handle, sename);
 	}
-	if (previous) {
-		psename = semanage_seuser_get_sename(previous);
-		pmls = semanage_seuser_get_mlsrange(previous);
-		proles = semanage_user_roles(handle, psename);
-	}
 	if (audit_type != AUDIT_ROLE_REMOVE) {
 		if (sename && (!psename || strcmp(psename, sename) != 0)) {
 			strcat(msg,sep);
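
Review bot: In the new `if (previous)` block, the added line `name = semanage_seuser_get_name(seuser);` reads the name from `seuser` rather than `previous`, which contradicts the commit message's intent of using the previous user name when no new user is available. On the path this patch targets (`previous` set, `seuser` NULL, as the separate `if (seuser)` guard implies is possible) the getter is handed a NULL record instead of the old entry. Suggest `name = semanage_seuser_get_name(previous);` here; the `if (seuser)` block that follows still overwrites `name` whenever a new record exists, so the add and modify cases keep their current behaviour.
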
-- 
2.14.3
