chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
audit: turn the audit fd into a static variable
[elogind.git]
/
src
/
core
/
selinux-access.c
diff --git
a/src/core/selinux-access.c
b/src/core/selinux-access.c
index 3a244ad9ffab422c0bcbd829fe529d01dc778735..9ddc042eca1475fcaafbde49f61f852944c3ab07 100644
(file)
--- a/
src/core/selinux-access.c
+++ b/
src/core/selinux-access.c
@@
-32,6
+32,7
@@
#include "dbus-common.h"
#include "audit.h"
#include "selinux-util.h"
#include "dbus-common.h"
#include "audit.h"
#include "selinux-util.h"
+#include "audit-fd.h"
#include <stdio.h>
#include <string.h>
#include <stdio.h>
#include <string.h>
@@
-44,7
+45,6
@@
#include <limits.h>
static bool initialized = false;
#include <limits.h>
static bool initialized = false;
-static int audit_fd = -1;
struct auditstruct {
const char *path;
struct auditstruct {
const char *path;
@@
-169,11
+169,11
@@
static int log_callback(int type, const char *fmt, ...) {
va_start(ap, fmt);
#ifdef HAVE_AUDIT
va_start(ap, fmt);
#ifdef HAVE_AUDIT
- if (
audit_fd
>= 0) {
+ if (
get_audit_fd()
>= 0) {
char buf[LINE_MAX];
vsnprintf(buf, sizeof(buf), fmt, ap);
char buf[LINE_MAX];
vsnprintf(buf, sizeof(buf), fmt, ap);
- audit_log_user_avc_message(
audit_fd
, AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+ audit_log_user_avc_message(
get_audit_fd()
, AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
va_end(ap);
return 0;
va_end(ap);
return 0;
@@
-210,12
+210,9
@@
static int access_init(void) {
return r;
}
return r;
}
-static int selinux_init(
Manager *m,
DBusError *error) {
+static int selinux_init(DBusError *error) {
int r;
int r;
-#ifdef HAVE_AUDIT
- audit_fd = m->audit_fd;
-#endif
if (initialized)
return 0;
if (initialized)
return 0;
@@
-318,7
+315,6
@@
static int get_calling_context(
still be generated if the access would be denied in enforcing mode.
*/
static int selinux_access_check(
still be generated if the access would be denied in enforcing mode.
*/
static int selinux_access_check(
- Manager *m,
DBusConnection *connection,
DBusMessage *message,
const char *path,
DBusConnection *connection,
DBusMessage *message,
const char *path,
@@
-330,13
+326,12
@@
static int selinux_access_check(
const char *tclass = NULL;
struct auditstruct audit;
const char *tclass = NULL;
struct auditstruct audit;
- assert(m);
assert(connection);
assert(message);
assert(permission);
assert(error);
assert(connection);
assert(message);
assert(permission);
assert(error);
- r = selinux_init(
m,
error);
+ r = selinux_init(error);
if (r < 0)
return r;
if (r < 0)
return r;
@@
-416,7
+411,7
@@
int selinux_unit_access_check(
assert(permission);
assert(error);
assert(permission);
assert(error);
- return selinux_access_check(
u->manager,
connection, message, u->source_path ? u->source_path : u->fragment_path, permission, error);
+ return selinux_access_check(connection, message, u->source_path ? u->source_path : u->fragment_path, permission, error);
}
int selinux_manager_access_check(
}
int selinux_manager_access_check(
@@
-432,7
+427,7
@@
int selinux_manager_access_check(
assert(permission);
assert(error);
assert(permission);
assert(error);
- return selinux_access_check(
m,
connection, message, NULL, permission, error);
+ return selinux_access_check(connection, message, NULL, permission, error);
}
void selinux_access_finish(void) {
}
void selinux_access_finish(void) {