chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tree-wide: spelling fixes
[elogind.git]
/
src
/
journal
/
journald-audit.c
diff --git
a/src/journal/journald-audit.c
b/src/journal/journald-audit.c
index 520d1cbb31186be895bb60c06b5f9618ef6de6ab..20936f4bed7109f58d90acf53f551674e0042442 100644
(file)
--- a/
src/journal/journald-audit.c
+++ b/
src/journal/journald-audit.c
@@
-172,7
+172,7
@@
static int map_generic_field(const char *prefix, const char **p, struct iovec **
if (!((*e >= 'a' && *e <= 'z') ||
(*e >= 'A' && *e <= 'Z') ||
(*e >= '0' && *e <= '9') ||
if (!((*e >= 'a' && *e <= 'z') ||
(*e >= 'A' && *e <= 'Z') ||
(*e >= '0' && *e <= '9') ||
-
(*e == '_')
))
+
*e == '_' || *e == '-'
))
return 0;
}
return 0;
}
@@
-182,8
+182,18
@@
static int map_generic_field(const char *prefix, const char **p, struct iovec **
c = alloca(strlen(prefix) + (e - *p) + 2);
t = stpcpy(c, prefix);
c = alloca(strlen(prefix) + (e - *p) + 2);
t = stpcpy(c, prefix);
- for (f = *p; f < e; f++)
- *(t++) = *f >= 'a' && *f <= 'z' ? ((*f - 'a') + 'A') : *f;
+ for (f = *p; f < e; f++) {
+ char x;
+
+ if (*f >= 'a' && *f <= 'z')
+ x = (*f - 'a') + 'A'; /* uppercase */
+ else if (*f == '-')
+ x = '_'; /* dashes → underscores */
+ else
+ x = *f;
+
+ *(t++) = x;
+ }
strcpy(t, "=");
e ++;
strcpy(t, "=");
e ++;
@@
-196,7
+206,7
@@
static int map_generic_field(const char *prefix, const char **p, struct iovec **
return r;
}
return r;
}
-/* Kernel fields are those occuring in the audit string before
+/* Kernel fields are those occur
r
ing in the audit string before
* msg='. All of these fields are trusted, hence carry the "_" prefix.
* We try to translate the fields we know into our native names. The
* other's are generically mapped to _AUDIT_FIELD_XYZ= */
* msg='. All of these fields are trusted, hence carry the "_" prefix.
* We try to translate the fields we know into our native names. The
* other's are generically mapped to _AUDIT_FIELD_XYZ= */
@@
-230,7
+240,7
@@
static const MapField map_fields_kernel[] = {
{}
};
{}
};
-/* Userspace fields are thos
occu
ring in the audit string after
+/* Userspace fields are thos
e occur
ring in the audit string after
* msg='. All of these fields are untrusted, hence carry no "_"
* prefix. We map the fields we don't know to AUDIT_FIELD_XYZ= */
static const MapField map_fields_userspace[] = {
* msg='. All of these fields are untrusted, hence carry no "_"
* prefix. We map the fields we don't know to AUDIT_FIELD_XYZ= */
static const MapField map_fields_userspace[] = {
@@
-298,10
+308,8
@@
static int map_all_fields(
continue;
r = m->map(m->journal_field, &v, iov, n_iov_allocated, n_iov);
continue;
r = m->map(m->journal_field, &v, iov, n_iov_allocated, n_iov);
- if (r < 0) {
- log_debug("Failed to parse audit array: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_debug_errno(r, "Failed to parse audit array: %m");
if (r > 0) {
mapped = true;
if (r > 0) {
mapped = true;
@@
-312,10
+320,8
@@
static int map_all_fields(
if (!mapped) {
r = map_generic_field(prefix, &p, iov, n_iov_allocated, n_iov);
if (!mapped) {
r = map_generic_field(prefix, &p, iov, n_iov_allocated, n_iov);
- if (r < 0) {
- log_debug("Failed to parse audit array: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_debug_errno(r, "Failed to parse audit array: %m");
if (r == 0) {
/* Couldn't process as generic field, let's just skip over it */
if (r == 0) {
/* Couldn't process as generic field, let's just skip over it */
@@
-325,7
+331,7
@@
static int map_all_fields(
}
}
}
}
-static void process_audit_string(Server *s, int type, const char *data, size_t size
, const struct timeval *tv
) {
+static void process_audit_string(Server *s, int type, const char *data, size_t size) {
_cleanup_free_ struct iovec *iov = NULL;
size_t n_iov_allocated = 0;
unsigned n_iov = 0, k;
_cleanup_free_ struct iovec *iov = NULL;
size_t n_iov_allocated = 0;
unsigned n_iov = 0, k;
@@
-335,7
+341,7
@@
static void process_audit_string(Server *s, int type, const char *data, size_t s
char id_field[sizeof("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)],
type_field[sizeof("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)],
source_time_field[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
char id_field[sizeof("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)],
type_field[sizeof("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)],
source_time_field[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
- c
onst c
har *m;
+ char *m;
assert(s);
assert(s);
@@
-386,7
+392,8
@@
static void process_audit_string(Server *s, int type, const char *data, size_t s
sprintf(id_field, "_AUDIT_ID=%" PRIu64, id);
IOVEC_SET_STRING(iov[n_iov++], id_field);
sprintf(id_field, "_AUDIT_ID=%" PRIu64, id);
IOVEC_SET_STRING(iov[n_iov++], id_field);
- m = strappenda("MESSAGE=audit: ", p);
+ m = alloca(strlen("MESSAGE=<audit-") + DECIMAL_STR_MAX(int) + strlen("> ") + strlen(p) + 1);
+ sprintf(m, "MESSAGE=<audit-%i> %s", type, p);
IOVEC_SET_STRING(iov[n_iov++], m);
z = n_iov;
IOVEC_SET_STRING(iov[n_iov++], m);
z = n_iov;
@@
-398,7
+405,7
@@
static void process_audit_string(Server *s, int type, const char *data, size_t s
goto finish;
}
goto finish;
}
- server_dispatch_message(s, iov, n_iov, n_iov_allocated, NULL,
tv
, NULL, 0, NULL, LOG_NOTICE, 0);
+ server_dispatch_message(s, iov, n_iov, n_iov_allocated, NULL,
NULL
, NULL, 0, NULL, LOG_NOTICE, 0);
finish:
/* free() all entries that map_all_fields() added. All others
finish:
/* free() all entries that map_all_fields() added. All others
@@
-413,7
+420,6
@@
void server_process_audit_message(
const void *buffer,
size_t buffer_size,
const struct ucred *ucred,
const void *buffer,
size_t buffer_size,
const struct ucred *ucred,
- const struct timeval *tv,
const union sockaddr_union *sa,
socklen_t salen) {
const union sockaddr_union *sa,
socklen_t salen) {
@@
-453,7
+459,7
@@
void server_process_audit_message(
if (nl->nlmsg_type < AUDIT_FIRST_USER_MSG)
return;
if (nl->nlmsg_type < AUDIT_FIRST_USER_MSG)
return;
- process_audit_string(s, nl->nlmsg_type, NLMSG_DATA(nl), nl->nlmsg_len - ALIGN(sizeof(struct nlmsghdr))
, tv
);
+ process_audit_string(s, nl->nlmsg_type, NLMSG_DATA(nl), nl->nlmsg_len - ALIGN(sizeof(struct nlmsghdr)));
}
static int enable_audit(int fd, bool b) {
}
static int enable_audit(int fd, bool b) {
@@
-517,35
+523,29
@@
int server_open_audit(Server *s) {
if (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT)
log_debug("Audit not supported in the kernel.");
else
if (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT)
log_debug("Audit not supported in the kernel.");
else
- log_warning
(
"Failed to create audit socket, ignoring: %m");
+ log_warning
_errno(errno,
"Failed to create audit socket, ignoring: %m");
return 0;
}
r = bind(s->audit_fd, &sa.sa, sizeof(sa.nl));
return 0;
}
r = bind(s->audit_fd, &sa.sa, sizeof(sa.nl));
- if (r < 0) {
- log_error("Failed to join audit multicast group: %m");
- return -errno;
- }
+ if (r < 0)
+ return log_error_errno(errno, "Failed to join audit multicast group: %m");
} else
fd_nonblock(s->audit_fd, 1);
r = setsockopt(s->audit_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
} else
fd_nonblock(s->audit_fd, 1);
r = setsockopt(s->audit_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
- if (r < 0) {
- log_error("Failed to set SO_PASSCRED on audit socket: %m");
- return -errno;
- }
+ if (r < 0)
+ return log_error_errno(errno, "Failed to set SO_PASSCRED on audit socket: %m");
r = sd_event_add_io(s->event, &s->audit_event_source, s->audit_fd, EPOLLIN, process_datagram, s);
r = sd_event_add_io(s->event, &s->audit_event_source, s->audit_fd, EPOLLIN, process_datagram, s);
- if (r < 0) {
- log_error("Failed to add audit fd to event loop: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to add audit fd to event loop: %m");
/* We are listening now, try to enable audit */
r = enable_audit(s->audit_fd, true);
if (r < 0)
/* We are listening now, try to enable audit */
r = enable_audit(s->audit_fd, true);
if (r < 0)
- log_warning
("Failed to issue audit enable call: %s", strerror(-r)
);
+ log_warning
_errno(r, "Failed to issue audit enable call: %m"
);
return 0;
}
return 0;
}