Message ID | 201704200937.v3K9bf0f022355@finist_cl7.x64_64.work.ct |
---|---|
State | New |
Series | "ve/audit: allow changing loginuid for VE root" |
Headers | show
Delivered-To: criupatchwork@gmail.com Received: from gmail-imap.l.google.com [64.233.164.108] by patchwork.criu.org with IMAP (fetchmail-6.3.26) for <root@localhost> (single-drop); Thu, 20 Apr 2017 11:40:48 +0200 (CEST) Received: by 10.100.181.168 with SMTP id r37csp661142pjb; Thu, 20 Apr 2017 02:40:44 -0700 (PDT) X-Received: by 10.200.46.150 with SMTP id h22mr7603195qta.157.1492681244500; Thu, 20 Apr 2017 02:40:44 -0700 (PDT) Return-Path: <devel-bounces@openvz.org> Received: from mail.openvz.org (mail.openvz.org. [199.115.104.192]) by mx.google.com with ESMTPS id t63si5240154qtd.268.2017.04.20.02.40.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Apr 2017 02:40:44 -0700 (PDT) Received-SPF: pass (google.com: domain of devel-bounces@openvz.org designates 199.115.104.192 as permitted sender) client-ip=199.115.104.192; Authentication-Results: mx.google.com; spf=pass (google.com: domain of devel-bounces@openvz.org designates 199.115.104.192 as permitted sender) smtp.mailfrom=devel-bounces@openvz.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Received: from mail.openvz.org (localhost [127.0.0.1]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id v3K9boEK021056; Thu, 20 Apr 2017 02:38:02 -0700 Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-db5eur03lp0081.outbound.protection.outlook.com [94.245.120.81]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id v3K9bloc021053 for <devel@openvz.org>; Thu, 20 Apr 2017 02:37:47 -0700 Received: from DB5PR08CA0064.eurprd08.prod.outlook.com (2a01:111:e400:c576::32) by AM4PR0801MB1489.eurprd08.prod.outlook.com (2603:10a6:200:3d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1034.10; Thu, 20 Apr 2017 09:37:44 +0000 Received: from VE1EUR01FT016.eop-EUR01.prod.protection.outlook.com (2a01:111:f400:7e01::203) by DB5PR08CA0064.outlook.office365.com (2a01:111:e400:c576::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1034.10 via Frontend Transport; Thu, 20 Apr 2017 09:37:43 +0000 Authentication-Results: spf=pass (sender IP is 195.214.232.25) smtp.mailfrom=virtuozzo.com; openvz.org; dkim=none (message not signed) header.d=none; openvz.org; dmarc=pass action=none header.from=virtuozzo.com; Received-SPF: Pass (protection.outlook.com: domain of virtuozzo.com designates 195.214.232.25 as permitted sender) receiver=protection.outlook.com; client-ip=195.214.232.25; helo=relay.sw.ru; Received: from relay.sw.ru (195.214.232.25) by VE1EUR01FT016.mail.protection.outlook.com (10.152.2.227) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1019.14 via Frontend Transport; Thu, 20 Apr 2017 09:37:43 +0000 Received: from finist_cl7.x64_64.work.ct (msk-vpn.virtuozzo.com [195.214.232.6]) by relay.sw.ru (8.13.4/8.13.4) with ESMTP id v3K9bgBT010333 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 20 Apr 2017 12:37:42 +0300 (MSK) Received: from finist_cl7.x64_64.work.ct (localhost [127.0.0.1]) by finist_cl7.x64_64.work.ct (8.14.7/8.14.7) with ESMTP id v3K9bfxr022356; Thu, 20 Apr 2017 13:37:41 +0400 Received: (from khorenko@localhost) by finist_cl7.x64_64.work.ct (8.14.7/8.14.7/Submit) id v3K9bf0f022355; Thu, 20 Apr 2017 13:37:41 +0400 Date: Thu, 20 Apr 2017 13:37:41 +0400 Message-ID: <201704200937.v3K9bf0f022355@finist_cl7.x64_64.work.ct> X-Authentication-Warning: finist_cl7.x64_64.work.ct: khorenko set sender to khorenko@virtuozzo.com using -f From: Konstantin Khorenko <khorenko@virtuozzo.com> To: Pavel Tikhomirov <ptikhomirov@virtuozzo.com> In-Reply-To: <20170419102401.25350-1-ptikhomirov@virtuozzo.com> X-EOPAttributedMessage: 0 X-Forefront-Antispam-Report: CIP:195.214.232.25; IPV:CAL; SCL:-1; CTRY:RU; EFV:NLI; SFV:SKN; SFS:; DIR:INB; SFP:; SCL:-1; SRVR:AM4PR0801MB1489; H:relay.sw.ru; FPR:; SPF:None; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; VE1EUR01FT016; 1:81gh+nwwp9Bu/9QzEOTn1/9kIHr+4igvNbLTXLLZwpmlRwfzWAjCTukFImUwPd4+sP2alwUtVhssaw+csu6yPqcXE7fv8mYfEWncLAiaW9/5aB4BoGpBGNKLr5crEqzn/X5bJRqzroJOowg5B4GWCDJ3HXx1/ZVwpb+G820XXh3MUke2N9cyO+EU+Cz3YJggvlzghomyqNqeO3Cmh8K8Z0+OZauo4vs2goPEeptmZCOcKR6YkIUybw1+wkFwcIf7EglivQE3pOsCP6uXjYbNPzqW8hjP+HkVQFPlZ04ghp32I7uJ62nkAH7Y70HIIepCVjHRUwkiIhLhaAmiynNFJ0kw6AuverANGQJpGemELdKRpEuKuEtWRm8E5q5kkmSDDZLG/5+4uEgFhkAEVAlz2c6GOjrXXciU9eJvkJV/WB1yeFmwtmM6tQ9nKZfn3ulgEVRFJX6LaW2OBtzsgKrKXderkvuJ0o7kdTr7bSQvC4QilCnWrIAdI62t/pXwFPar0udn3hDBCF0l+nmIgMpuIw== MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: d846277d-5831-4c71-3ec9-08d487d0e53b X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(8251501002)(2017030254075)(201703131423075)(201703031133081); SRVR:AM4PR0801MB1489; X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 3:8CIMj2odaJ7H9OQok6OTMQf7HyTKEi1vY0TgumwyPAmQS87acK5+K0lnmaREvy8o6tylH3GJM1Fi/W+qbKit8oBrl+Yt1FoFKXjIT025ygXZz5XgJsNimfCD8MjY0n9w1oWVZFjlZ8teNF9BhEs2zUOYWJW/yz2zsglIhtL2PwKimqozxmX0DFx5bTGmToxyVzHx6lHFfXDKmAfnmbNoM+ONOe2OPyeR3AXuqc717HXPEicb/wt972FLpKxHFdZj1HzF0HKkHghYILHNWft+xdlpSlABl5bJCl/M9E/Nfre/6ZuiJRMuh+wpDT4QSaQuNKNsYmQMBE2iaGBMPkmOudAFO4o0OqLG3gcjQNXKENcMOi0WliRKS4WbqHWNYjN1yAIka0t4hRqqZWu5IF6mZIEoecA6JYv8etuaJ4CBVI/UL5gHlGVroryn471QDzZ2BKAHUCHMtdWTNcQCCV/eMhLdxUKABHFrP4fLDPg00h/GApQ5l2XXh3156hgHoOpm X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 25:lQXBxMD4/LyD1T+shiPDN1k4YN70wWgfcXwpYi9d6PQrK8+RQ15NbtUnZQMns8xMG6GeOwwZrbV8jZ43Fvp58U2AKfU6J8wBsCQ7i9gI8Q7mjfamyA0tIQZ7h4UorGKYe/1MdZ2F6pqe0rd72yMYm0Nsb+CyLBVxAdT7sITkODHIXS6KzenSZyJtpgeGbPyRkFUcrjH3v6VeGwT1MscxNHpgWX+5lhgGquv2ss1dkoB3gorNArae2pGdzd1uM291d9pfTDSTkpwmUfTH0Ex9mk3sI/U7aWg+M59OcTPk/LET390KCHQy/f7LL0bg2PtkgesoeBTXD4lTEpCyhbzFsFBuUlxthUxIZqkhyPrVBkcY3DwgBfhuWSVnPgGoFSwFz4UN7ICHvIpvtCNp5KiNI4R0t/IqjkTphQj8b9DSaGkwQ9+xfNvgvJq+XqbzsXFVX9QD2vqaf7jxJLktZ1mcVg==; 31:jWn/jJfZsK0QdMwrkJnCQZOZ344xroQO6MHiNDfVhRZyU41+BEEShn7KFoQwi9f0MJimlU6Jh4WP7j2kj2CznwM43L90LpLilpHIG1GNJo+IeFiwUBp76KuPmPWzHHYYYnMynZJ0uwWrvrRHiD0YBt/6bAGLcnPsI3oz1R+GsGZtaNYVR2wbHVtSeXG3UMoxiJnQTXnE1sRl2h1KsdFTZOOJXrBYtskqwMhIQhUVwQucf/BcOxTrF8e6JRcb4HCT55aX9vKcJAsxSYZ+WpXlLm8dTnGYU5yG6iH3f/1cd85AkuJL1tiqCdWPGmBCFwkz X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 20:Z30qi7AZCSZww2WDIlKt3MHGzC3bMIxsfmeTmTA6NQSbWcrAeytwDN17LxF4BjmEnRWnWHwKnogk/xjhLigLZDd3er0QcitcemcXqibvga44b/VIXxkSw5GuSULkgyFRNsfyPM/amUp9o1PtqaufsLtTTmRQX6xoXH5v7bl7z59oFrseBx07qWd7T7wIbNAN7zcBOdYMl1IAflRJWUng4o/97mEh0r+QyOqra1s997uWBoYm/FU+WPzRlMdXMxtAYUZ+gWja6WncpRQGhoJa7KWDeNYZRTLDN8VYyNBXCKWEkA5hikIk2fhA/EhqgE3ACndrFur9NoWrd7kB5pR1FX4/EcYF4m1A/0+cDGkV3D6SFRcOnS4x6PiWmdU1iw/k2WYkuo90hrqj2tXFUSYGCFYWNtUa/ymtkCn9VPd5Th4CHhtH+g5bgQnDC21tCiDLzIsIbMtNpA72guizZ8k73+v67O4OHBA46+Geg7DMsVKwoZ8lgLR21dgJil8leUPpHSk6BoG/2IFWJEvmE9Vt8A== X-Exchange-Antispam-Report-Test: UriScan:(215187933766430)(17755550239193); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(9101521199)(601004)(2401047)(13023025)(13020025)(13013025)(8121501046)(93006095)(93004095)(3002001)(10201501046); SRVR:AM4PR0801MB1489; BCL:0; PCL:0; RULEID:; SRVR:AM4PR0801MB1489; X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 4:C6W2MwGGMmLlCK+ieZK7x2hPwiI6hnCLt1QyjOcty0f/OgvzH6asz75aVtgcKKUy1E54vXfRHIYIzNvlqXTzrs/0fYqQXrcyEGThFcHtqNBYKe/AJk+yDyBtClR3Sj5nDmzXVyHvgIcaGp0rXCYwi5lJMIeovnk263yO4JHU4s95RpVH3MfTA8NBpBBO26lsXt+6rZTedHUjGPp3zRajYZg8jzDrVl3AkYDOfWRhiYFpy5wA73IVmbH8A9qPCqmdKyYwi/E5xCrwPoWo0JX6QrHyqCFFD2UHT1mSA6Pbo29wuhAtyRk9DAng4y4x13nEGS7H8gJiIM7bGg/nm6dFya1tQF3+8Y02NoKLp2HJUZ3plIPhdQxcQpgF/AIDrMAyfgl5w0hiV8gixCQ51mCt2J9GAr+9RgIryMzY431nXcgXaz1dyNSFR1X9tYpfzfq/t1WkSg8XAjrN5WBJmdaN8o1eDpSZgx9Urzk22m+kpYV3uZ+gS7dVoK/MG1WudFpHlRnLymXTcHbHYNSaM+UD2gyY6GdAaVmYCdBZ2UIpN9r+FlUHgRmLjayB6LTOwr8m; 23:sDy/Tq/X31cU+fsvmwLsbV1NFsoyVN9OARsrm2AJdY8ZDfNdGh9f8rPFu1e/y1jtOW6489N6OZhqlRQmNT7Rxn+0/Jt3UTLWEpjSifo3FYTdySn9oNskvEp2AK/dR/u6bRq55Biv9DePTU9GEgdW+YTYRP3W6/2hAPa6CLWts8atzUrag/9IMV95m1F0POvI X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 6:lYEXi3rbBgLgTOopCynPYI9ahyb+LV/fMEyb0LGgtANpM0dqMGbPjBXKgzCvZ4kX33lbMn7wWaHSQtO50li8UncpQUWMjwg9M7arij/lAHUvQgNER5GRh6G3HL8kbKrK/Leyu2Fput19hXxCtHBvmVFT659Rvk7JfcBkuU/FceY5bFE4TsH8GRND1n09scp9bGQAMa3gwCg13YZD0Ki3iChTHN0/SCHMqyTZrRoaVq3TNOdm+ZBD43K2Kj3Hwvnlo7X6fslRlCitVgKmO7XzQBpp587N21WZrKajd0PuEYKqbRZPnNCfLKeN1UjeYL/slXgOtIeKt5KwuHivo3+vNry3pm5uIZpJeSD7h1ybYFB1v6R4iDiVJuYMh2ycr7bEILcpSY8xHVLBje4i3BJUvy3cw0qYZsbS+janW70hRThSbL2A2YKgHUXfmAiLOr9c; 5:+GpXdys6NDBa3xHNAWT7ycNswSNcPckFBjofns28+ZTt//JvkIrJTpb2wYDM/KpEcG8bIDHcElcLzTdthrcCsharUJe28rIdJYYjjpEeXvGFfQPUIkZW0J9uoH9s6AR4U9r94YfanTfJ3xC/jf+Ifw==; 24:yVgxv11mJ1vfSZ59Sdl4Y4jPLJwxSFWAQ0s4U75szlDjg9I4RlJ7uFRUuvUymfrmHHTHt2VMqjzxvmAClAnWlm4e/LQv05ee7juSWFHpWZo= SpamDiagnosticOutput: 1:2 SpamDiagnosticMetadata: 2b2090aae5154f77b71484475de18b04 X-Microsoft-Exchange-Diagnostics: 1; AM4PR0801MB1489; 7:3YEeseAVZqqE7ZDXlIAjI16jl+sdS36zHQI/mAuzb2LKhYeaeRI40TwDnRN+gpExaqjBB5iEtBp1iyXNsYq+4etvOe994YPOpY7SklBkw+B2IY/CeGcbiI9bBdGe+C3Uxs3fuH6rfQA8x742F9+GIcFifoNcQYnH/nk4CcUTV7t18D5DpUEEIIB/Q6217mLMk8G7vg3WZGe/dvFAuh796LaXRRnNqFveuOV+gVZ2zVDtQFV3rCRHvaI11VHQ5EqSDTy9Ao3MoMCgq5X5RLyUFn8WrB/1f4DNaiNMaOfD32hjNW2w9c5hHzRsJEB5H/MoLoSVf7e7hwI1vFqv1uBJznl4JMh/eZgKI06h5DwI9XbYugqcV2a1x/E2bVAa4IOm0Lex4MgtHDO+euKnisZFQQ==; 20:t3ib0IIYh1XsbyDwukWBu9yphuV8QSzGFqlVtnJnvfMa3T6gm2xrgvTdOdyWn5WaldV30n+QXaF+/PYBKfCIgAVlm+Lxj/82vltneFKl+gYFqLYexyXjYa/Nb/S9LB/1USBPwX98HzVcIDO6mCM6DH6k8cGC0uEkhHZW5wkIUMo= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Apr 2017 09:37:43.0676 (UTC) X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0bc7f26d-0264-416e-a6fc-8352af79c58f; Ip=[195.214.232.25]; Helo=[relay.sw.ru] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB1489 X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 195.214.232.25 X-MS-Exchange-CrossPremises-SCL: -1 X-MS-Exchange-CrossPremises-AuthSource: VE1EUR01FT016.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossPremises-AuthAs: Anonymous X-MS-Exchange-CrossPremises-AVStamp-Service: 1.0 X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:SKN; SKIP:0; X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent X-OrganizationHeadersPreserved: AM4PR0801MB1489.eurprd08.prod.outlook.com Cc: OpenVZ devel <devel@openvz.org> Subject: [Devel] [PATCH RHEL7 COMMIT] ve/audit: allow changing loginuid for VE root X-BeenThere: devel@openvz.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: OpenVZ development <devel.openvz.org> List-Unsubscribe: <https://lists.openvz.org/mailman/options/devel>, <mailto:devel-request@openvz.org?subject=unsubscribe> List-Archive: <http://lists.openvz.org/pipermail/devel/> List-Post: <mailto:devel@openvz.org> List-Help: <mailto:devel-request@openvz.org?subject=help> List-Subscribe: <https://lists.openvz.org/mailman/listinfo/devel>, <mailto:devel-request@openvz.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: devel-bounces@openvz.org Errors-To: devel-bounces@openvz.org |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6321dad..1afd926 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1898,7 +1898,7 @@ static int audit_set_loginuid_perm(kuid_t loginuid) if (is_audit_feature_set(AUDIT_FEATURE_LOGINUID_IMMUTABLE)) return -EPERM; /* it is set, you need permission */ - if (!capable(CAP_AUDIT_CONTROL)) + if (!ve_capable(CAP_AUDIT_CONTROL)) return -EPERM; /* reject if this is not an unset and we don't allow that */ if (is_audit_feature_set(AUDIT_FEATURE_ONLY_UNSET_LOGINUID) && uid_valid(loginuid))