From owner-p4-projects@FreeBSD.ORG  Mon Oct 17 19:20:38 2005
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 2A5E716A42F; Mon, 17 Oct 2005 19:20:38 +0000 (GMT)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BF14E16A423
	for <perforce@freebsd.org>; Mon, 17 Oct 2005 19:20:37 +0000 (GMT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8552E43D55
	for <perforce@freebsd.org>; Mon, 17 Oct 2005 19:20:37 +0000 (GMT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j9HJKb0l097133
	for <perforce@freebsd.org>; Mon, 17 Oct 2005 19:20:37 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j9HJKbPn097130
	for perforce@freebsd.org; Mon, 17 Oct 2005 19:20:37 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Mon, 17 Oct 2005 19:20:37 GMT
Message-Id: <200510171920.j9HJKbPn097130@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 85458 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Oct 2005 19:20:38 -0000

http://perforce.freebsd.org/chv.cgi?CH=85458

Change 85458 by rwatson@rwatson_peppercorn on 2005/10/17 19:20:18

	Audit the path passed to the acct() system call.  Annotate that we
	will need to add an argument token in the event that accounting is
	being disabled by the system call.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/kern/kern_acct.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/kern/kern_acct.c#5 (text+ko) ====

@@ -143,7 +143,8 @@
 	 * appending and make sure it's a 'normal'.
 	 */
 	if (uap->path != NULL) {
-		NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
+		NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNPATH1, UIO_USERSPACE,
+		    uap->path, td);
 		flags = FWRITE | O_APPEND;
 		error = vn_open(&nd, &flags, 0, -1);
 		if (error)
@@ -165,6 +166,9 @@
 		}
 #ifdef MAC
 	} else {
+		/*
+		 * XXXAUDIT: Need to audit that accounting is being disabled.
+		 */
 		error = mac_check_system_acct(td->td_ucred, NULL);
 		if (error)
 			goto done2;