From a1a725d20d254e110273d74d0729a34ed2a5e4e3 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Mon, 13 May 2013 11:53:00 +0200
Subject: [PATCH] linux: Set AUDIT_LOGINUID_IMMUTABLE

This prevents faking the loginuid even by root.
---
 pkgs/os-specific/linux/kernel/linux-3.4.nix | 1 +
 pkgs/os-specific/linux/kernel/linux-3.7.nix | 1 +
 pkgs/os-specific/linux/kernel/linux-3.8.nix | 1 +
 pkgs/os-specific/linux/kernel/linux-3.9.nix | 1 +
 4 files changed, 4 insertions(+)

diff --git a/pkgs/os-specific/linux/kernel/linux-3.4.nix b/pkgs/os-specific/linux/kernel/linux-3.4.nix
index d00c3b65329..aba9ded0366 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.4.nix
@@ -163,6 +163,7 @@ let
       AIC79XX_DEBUG_ENABLE n
       AIC7XXX_DEBUG_ENABLE n
       AIC94XX_DEBUG n
+      AUDIT_LOGINUID_IMMUTABLE y
       B43_PCMCIA y
       BLK_DEV_CMD640_ENHANCED y # CMD640 enhanced support
       BLK_DEV_IDEACPI y # IDE ACPI support
diff --git a/pkgs/os-specific/linux/kernel/linux-3.7.nix b/pkgs/os-specific/linux/kernel/linux-3.7.nix
index ac49774b818..1ee2b9d7eda 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.7.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.7.nix
@@ -164,6 +164,7 @@ let
       AIC79XX_DEBUG_ENABLE n
       AIC7XXX_DEBUG_ENABLE n
       AIC94XX_DEBUG n
+      AUDIT_LOGINUID_IMMUTABLE y
       B43_PCMCIA y
       BLK_DEV_CMD640_ENHANCED y # CMD640 enhanced support
       BLK_DEV_IDEACPI y # IDE ACPI support
diff --git a/pkgs/os-specific/linux/kernel/linux-3.8.nix b/pkgs/os-specific/linux/kernel/linux-3.8.nix
index a1b3ca62cfb..b6d6d49be65 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.8.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.8.nix
@@ -164,6 +164,7 @@ let
       AIC79XX_DEBUG_ENABLE n
       AIC7XXX_DEBUG_ENABLE n
       AIC94XX_DEBUG n
+      AUDIT_LOGINUID_IMMUTABLE y
       B43_PCMCIA y
       BLK_DEV_CMD640_ENHANCED y # CMD640 enhanced support
       BLK_DEV_IDEACPI y # IDE ACPI support
diff --git a/pkgs/os-specific/linux/kernel/linux-3.9.nix b/pkgs/os-specific/linux/kernel/linux-3.9.nix
index a6cb72af216..bb990c74186 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.9.nix
@@ -164,6 +164,7 @@ let
       AIC79XX_DEBUG_ENABLE n
       AIC7XXX_DEBUG_ENABLE n
       AIC94XX_DEBUG n
+      AUDIT_LOGINUID_IMMUTABLE y
       B43_PCMCIA y
       BLK_DEV_CMD640_ENHANCED y # CMD640 enhanced support
       BLK_DEV_IDEACPI y # IDE ACPI support