svn commit: r185484 - head/sys/security/audit

Christian S.J. Peron csjp at FreeBSD.org
Sun Nov 30 11:58:03 PST 2008


Author: csjp
Date: Sun Nov 30 19:58:03 2008
New Revision: 185484
URL: http://svn.freebsd.org/changeset/base/185484

Log:
  Partially roll back a revision which changed the error code being returned
  by getaudit(2).  Some applications such has su, id will interpret E2BIG as
  requiring the use of getaudit_addr(2) to pull extended audit state (ip6)
  from the kernel.
  
  This change un-breaks the ABI when auditing has been activated on a system
  and the users are logged in via ip6.
  
  This is a RELENG_7_1 candidate.
  
  MFC after:	1 day
  Discussed with:	rwatson

Modified:
  head/sys/security/audit/audit_syscalls.c

Modified: head/sys/security/audit/audit_syscalls.c
==============================================================================
--- head/sys/security/audit/audit_syscalls.c	Sun Nov 30 19:30:31 2008	(r185483)
+++ head/sys/security/audit/audit_syscalls.c	Sun Nov 30 19:58:03 2008	(r185484)
@@ -510,7 +510,7 @@ getaudit(struct thread *td, struct getau
 	if (error)
 		return (error);
 	if (cred->cr_audit.ai_termid.at_type == AU_IPv6)
-		return (ERANGE);
+		return (E2BIG);
 	bzero(&ai, sizeof(ai));
 	ai.ai_auid = cred->cr_audit.ai_auid;
 	ai.ai_mask = cred->cr_audit.ai_mask;


More information about the svn-src-all mailing list