Commit 44d2e9da authored by John Johansen's avatar John Johansen

fix: auditing of capabilities

BugLink: http://bugs.launchpad.net/bugs/1378091

The audit flags are not being set correctly by the parser so that

  audit capability XXX,

will not result in an audit message being logged when the capability
is used.
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie's avatarSteve Beattie <steve@nxnw.org>
parent 52cd4835
......@@ -793,13 +793,17 @@ rules: rules opt_prefix capability
if ($2.owner)
yyerror(_("owner prefix not allowed on capability rules"));
if ($2.deny)
if ($2.deny && $2.audit) {
$1->caps.deny |= $3;
else
} else if ($2.deny) {
$1->caps.deny |= $3;
$1->caps.quiet |= $3;
} else {
$1->caps.allow |= $3;
if ($2.audit)
$1->caps.audit |= $3;
}
if (!$2.audit)
$1->caps.quiet |= $3;
$$ = $1;
};
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment