author | Tomas Mraz <tmraz@fedoraproject.org> | 2012-09-06 14:58:57 +0200 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2012-09-06 14:58:57 +0200 |
commit | 6b2a5b9f5595f39fb919c12c52c7f3c53f33f914 (patch) | |
tree | 07442783e0536be5f8267717c008e3c485159605 /modules/pam_selinux | |
parent | c027252aac0be2fb1696ac9028458fed220b0be3 (diff) | |
pam_selinux, pam_tally2: Add tty and rhost to audit data.
modules/pam_selinux/pam_selinux.c (send_audit_message): Obtain tty and
rhost from PAM items and pass them to audit.
modules/pam_tally2/pam_tally2.c (tally_check): Obtain tty and
rhost from PAM items and pass them to audit.
(main): Obtain tty name of stdin and pass it to audit.
Diffstat (limited to 'modules/pam_selinux')
-rw-r--r-- | modules/pam_selinux/pam_selinux.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index d66ccb46..473655c5 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -87,6 +87,7 @@ int send_audit_message(pam_handle_t *pamh, int success, security_context_t defau
 int audit_fd = audit_open();
 security_context_t default_raw=NULL;
 security_context_t selected_raw=NULL;
+ const void *tty = NULL, *rhost = NULL;
 rc = -1;
 if (audit_fd < 0) {
 if (errno == EINVAL || errno == EPROTONOSUPPORT ||
@@ -95,6 +96,8 @@ int send_audit_message(pam_handle_t *pamh, int success, security_context_t defau
 pam_syslog(pamh, LOG_ERR, "Error connecting to audit system.");
 return rc;
 }
+ (void)pam_get_item(pamh, PAM_TTY, &tty);
+ (void)pam_get_item(pamh, PAM_RHOST, &rhost);
 if (selinux_trans_to_raw_context(default_context, &default_raw) < 0) {
 pam_syslog(pamh, LOG_ERR, "Error translating default context.");
 default_raw = NULL;
@@ -110,7 +113,7 @@ int send_audit_message(pam_handle_t *pamh, int success, security_context_t defau
 goto out;
 }
 if (audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE,
- msg, NULL, NULL, NULL, success) <= 0) {
+ msg, rhost, NULL, tty, success) <= 0) {
 pam_syslog(pamh, LOG_ERR, "Error sending audit message.");
 goto out;
 } |
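Review bot: The two added `pam_get_item()` calls in the second hunk discard their return values and nothing inspects what came back, so whatever the calling service stored in PAM_TTY and PAM_RHOST goes into the audit record unchanged. PAM_RHOST in particular is set by the application and can be derived from data the remote peer influences, and whether libaudit escapes the hostname and terminal fields is not visible from this diff. A short comment would record the intent, e.g. `/* best effort: on failure tty/rhost stay NULL, which is what was passed before */`, and an empty item is probably better treated as absent: `if (rhost != NULL && *(const char *)rhost == '\0') rhost = NULL;`. The NULL initialisation this relies on is in the first hunk, and send_audit_message begins and ends outside the hunks shown.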
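Review bot: In the changed `audit_log_user_message()` call of the third hunk, rhost is passed in the hostname position while the addr argument stays NULL, so the address field of the record depends on what libaudit does with a bare hostname. Depending on the libaudit version this may involve a name lookup on an application-supplied string in the session path, and PAM_RHOST frequently already holds a numeric address rather than a name; this is worth confirming against the libaudit in use. A comment above the call would make the choice explicit, e.g. `/* rhost goes in as hostname; addr is left NULL for libaudit to fill in */`. The enclosing function continues outside the hunk.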