From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 14 Apr 2015 14:29:03 +0000 (-0400)
Subject: journal: use audit event names instead of numbers
X-Git-Tag: v226.4~1^2~468
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=baa9b2f09da25d6ba820c43f9a55a6c9f2e48662;p=elogind.git

journal: use audit event names instead of numbers

<audit-1400> is replaced by AVC, etc.

A fallback mechanism is provided for unlisted event types.
Occasionally new types are added to the kernel, but not too often.

Add a simple "test", which simply prints the mapping.
---

diff --git a/src/journal/audit-type.c b/src/journal/audit-type.c
index b8c8ee531..4888c7d05 100644
--- a/src/journal/audit-type.c
+++ b/src/journal/audit-type.c
@@ -19,6 +19,7 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
+#include <stdio.h>
 #include <linux/audit.h>
 #ifdef HAVE_AUDIT
 #  include <libaudit.h>
diff --git a/src/journal/audit-type.h b/src/journal/audit-type.h
index 9f37716cd..fa5284e02 100644
--- a/src/journal/audit-type.h
+++ b/src/journal/audit-type.h
@@ -21,6 +21,19 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
+#include "macro.h"
 
 const char *audit_type_to_string(int type);
 int audit_type_from_string(const char *s);
+
+/* This is inspired by DNS TYPEnnn formatting */
+#define audit_type_name_alloca(type)                                    \
+        ({                                                              \
+                const char *_s_;                                        \
+                _s_ = audit_type_to_string(type);                       \
+                if (!_s_) {                                             \
+                        _s_ = alloca(strlen("AUDIT") + DECIMAL_STR_MAX(int)); \
+                        sprintf((char*) _s_, "AUDIT%04i", type);        \
+                }                                                       \
+                _s_;                                                    \
+        })
diff --git a/src/journal/test-audit-type.c b/src/journal/test-audit-type.c
new file mode 100644
index 000000000..7946cf3c4
--- /dev/null
+++ b/src/journal/test-audit-type.c
@@ -0,0 +1,44 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2015 Zbigniew JÄdrzejewski-Szmek
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <stdio.h>
+#include <linux/audit.h>
+
+#include "audit-type.h"
+
+static void print_audit_label(int i) {
+        const char *name;
+
+        name = audit_type_name_alloca(i);
+        /* This is a separate function only because of alloca */
+        printf("%i â %s â %s\n", i, audit_type_to_string(i), name);
+}
+
+static void test_audit_type(void) {
+        int i;
+
+        for (i = 0; i <= AUDIT_KERNEL; i++)
+                print_audit_label(i);
+}
+
+int main(int argc, char **argv) {
+        test_audit_type();
+}
