- write_to_journal(s,
- s->split_mode == SPLIT_NONE ? 0 :
- (s->split_mode == SPLIT_UID ? realuid :
- (realuid == 0 ? 0 : loginuid)), iovec, n);
-
- free(pid);
- free(uid);
- free(gid);
- free(comm);
- free(exe);
- free(cmdline);
- free(source_time);
- free(boot_id);
- free(machine_id);
- free(hostname);
- free(audit_session);
- free(audit_loginuid);
- free(cgroup);
- free(session);
- free(owner_uid);
- free(unit);
- free(selinux_context);
+ if (s->split_mode == SPLIT_UID && realuid > 0)
+ /* Split up strictly by any UID */
+ journal_uid = realuid;
+ else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
+ /* Split up by login UIDs, this avoids creation of
+ * individual journals for system UIDs. We do this
+ * only if the realuid is not root, in order not to
+ * accidentally leak privileged information to the
+ * user that is logged by a privileged process that is
+ * part of an unprivileged session.*/
+ journal_uid = owner;
+ else
+ journal_uid = 0;
+
+ write_to_journal(s, journal_uid, iovec, n);