From 2b820c534d8b3cb49b2554238d729e6f71df7772 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Tue, 15 Nov 2016 16:03:40 +0100
Subject: [PATCH] Audit the home directory ownership change.

---
 src/usermod.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/usermod.c b/src/usermod.c
index 687487d9..d72cf85f 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -1756,6 +1756,14 @@ static void move_home (void)
 			fail_exit (E_HOMEDIR);
 		}
 
+#ifdef WITH_AUDIT
+		if (uflg || gflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				      "changing home directory owner",
+				      user_newname, (unsigned int) user_newid, 1);
+		}
+#endif
+
 		if (rename (user_home, user_newhome) == 0) {
 			/* FIXME: rename above may have broken symlinks
 			 *        pointing to the user's home directory
@@ -2252,6 +2260,13 @@ int main (int argc, char **argv)
 			 * ownership.
 			 *
 			 */
+#ifdef WITH_AUDIT
+			if (uflg || gflg) {
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+					      "changing home directory owner",
+					      user_newname, (unsigned int) user_newid, 1);
+			}
+#endif
 			if (chown_tree (dflg ? user_newhome : user_home,
 			                user_id,
 			                uflg ? user_newid  : (uid_t)-1,