[libsemanage/f20] Add msg to audit records

Daniel J Walsh dwalsh at fedoraproject.org
Mon Sep 23 19:14:01 UTC 2013


commit a6ecf474d2078918f72d7d9bbc313cd7b7d1c9df
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Mon Sep 23 15:13:49 2013 -0400

    Add msg to audit records

 libsemanage-rhat.patch |   24 +++++++++++++++++++++---
 libsemanage.spec       |    5 ++++-
 2 files changed, 25 insertions(+), 4 deletions(-)
---
diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch
index ad45297..e7bff36 100644
--- a/libsemanage-rhat.patch
+++ b/libsemanage-rhat.patch
@@ -254,10 +254,10 @@ index 8823b1e..d92633e 100644
  
  hidden_def(semanage_seuser_set_sename)
 diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c
-index e7cf12c..d8020a9 100644
+index e7cf12c..c77be73 100644
 --- a/libsemanage/src/seusers_local.c
 +++ b/libsemanage/src/seusers_local.c
-@@ -8,27 +8,131 @@ typedef struct semanage_seuser record_t;
+@@ -8,27 +8,149 @@ typedef struct semanage_seuser record_t;
  
  #include <sepol/policydb.h>
  #include <sepol/context.h>
@@ -316,6 +316,10 @@ index e7cf12c..d8020a9 100644
 +	const char *psename = NULL;
 +	const char *pmls = NULL;
 +	char *proles = NULL;
++	char msg[1024];
++	const char *sep = "-";
++
++	strcpy(msg,"login");
 +	if (seuser) {
 +		name = semanage_seuser_get_name(seuser);
 +		sename = semanage_seuser_get_sename(seuser);
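Review bot: `sename` is assigned only inside `if (seuser)` here, yet the comparisons this commit adds further down call `strcmp(psename, sename)` whenever `psename` is non-NULL, guarded only by `audit_type != AUDIT_ROLE_REMOVE`. If any non-remove caller can reach this with a NULL `seuser` and a non-NULL `previous`, strcmp receives a NULL pointer. The same applies to `roles` and `mls`, whose assignments are not visible in this hunk (presumably `roles` comes from `semanage_user_roles`, which may fail). Guarding each test on the new value, e.g. `if (sename && (!psename || strcmp(psename, sename) != 0))`, removes the dependency on caller behaviour. The function starts and ends outside the hunk, so the initial values are an assumption to confirm.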
@@ -327,6 +331,20 @@ index e7cf12c..d8020a9 100644
 +		pmls = semanage_seuser_get_mlsrange(previous);
 +		proles = semanage_user_roles(handle, psename);
 +	}
++	if (audit_type != AUDIT_ROLE_REMOVE) {
++		if (!psename || strcmp(psename, sename) != 0) {
++			sprintf(msg,"%s%s%s",msg, sep,"sename");
++			sep = ",";
++		}
++		if (!proles || strcmp(proles, roles) != 0) {
++			sprintf(msg,"%s%s%s",msg, sep,"role");
++			sep = ",";
++		}
++		if (!pmls || strcmp(pmls, mls) != 0) {
++			sprintf(msg,"%s%s%s",msg, sep,"range");
++			sep = ",";
++		}
++	}
 +
 +	int fd = audit_open();
 +	if (fd < 0)
@@ -336,7 +354,7 @@ index e7cf12c..d8020a9 100644
 +			return 0;
 +		return fd;
 +	}
-+	audit_log_semanage_message(fd, audit_type, NULL, NULL, name, 0, sename, roles, mls, psename, proles, pmls, NULL, NULL,NULL, success);
++	audit_log_semanage_message(fd, audit_type, NULL, msg, name, 0, sename, roles, mls, psename, proles, pmls, NULL, NULL,NULL, success);
 +	audit_close(fd);
 +	free(roles);
 +	free(proles);
diff --git a/libsemanage.spec b/libsemanage.spec
index dd3a771..ad111c1 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -7,7 +7,7 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
 Version: 2.1.10
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 Source: libsemanage-%{version}.tgz
@@ -179,6 +179,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif # if with_python3
 
 %changelog
+* Mon Sep 23 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.10-11
+- Add msg to audit records
+
 * Thu Sep 19 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.10-10
 - Do not write error message to screen when looking for previous record for auditing.
 - Add mls_range from user record if the MLS range is not specified by the seuser add record.

