journald: check session owner UID rather then audit ID when splitting up journal...

[elogind.git] / src / journal / journald-server.c

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 12a46e6bd0d3a4fd50be651fecf409e3576d4f3b..dcfdeaf68eb261d196220eb6ed14124687dbae49 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -34,6 +34,7 @@
 #include <systemd/sd-login.h>
 #endif
 
+#include "fileio.h"
 #include "mkdir.h"
 #include "hashmap.h"
 #include "journal-file.h"
@@ -514,7 +515,8 @@ static void dispatch_message_real(
         sd_id128_t id;
         int r;
         char *t;
-        uid_t loginuid = 0, realuid = 0;
+        uid_t loginuid = 0, realuid = 0, owner = 0, journal_uid;
+        bool loginuid_valid = false, owner_valid = false;
 
         assert(s);
         assert(iovec);
@@ -523,9 +525,6 @@ static void dispatch_message_real(
 
         if (ucred) {
                 uint32_t audit;
-#ifdef HAVE_LOGIND
-                uid_t owner;
-#endif
 
                 realuid = ucred->uid;
 
@@ -571,9 +570,11 @@ static void dispatch_message_real(
                                 IOVEC_SET_STRING(iovec[n++], audit_session);
 
                 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
-                if (r >= 0)
+                if (r >= 0) {
+                        loginuid_valid = true;
                         if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
                                 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
+                }
 
                 t = shortened_cgroup_path(ucred->pid);
                 if (t) {
@@ -593,9 +594,11 @@ static void dispatch_message_real(
                                 IOVEC_SET_STRING(iovec[n++], session);
                 }
 
-                if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
+                if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0) {
+                        owner_valid = true;
                         if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
                                 IOVEC_SET_STRING(iovec[n++], owner_uid);
+                }
 #endif
 
                 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
@@ -666,10 +669,16 @@ static void dispatch_message_real(
 
         assert(n <= m);
 
-        write_to_journal(s,
-                         s->split_mode == SPLIT_NONE ? 0 :
-                         (s->split_mode == SPLIT_UID ? realuid :
-                          (realuid == 0 ? 0 : loginuid)), iovec, n);
+        if (s->split_mode == SPLIT_UID && realuid > 0)
+                journal_uid = realuid;
+        else if (s->split_mode == SPLIT_LOGIN && owner_valid && owner > 0)
+                journal_uid = owner;
+        else if (s->split_mode == SPLIT_LOGIN && loginuid_valid && loginuid > 0)
+                journal_uid = loginuid;
+        else
+                journal_uid = 0;
+
+        write_to_journal(s, journal_uid, iovec, n);
 }
 
 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
@@ -1301,6 +1310,12 @@ int server_init(Server *s) {
 
         server_parse_config_file(s);
         server_parse_proc_cmdline(s);
+        if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
+                log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
+                          (long long unsigned) s->rate_limit_interval,
+                          s->rate_limit_burst);
+                s->rate_limit_interval = s->rate_limit_burst = 0;
+        }
 
         mkdir_p("/run/systemd/journal", 0755);
 
@@ -1387,7 +1402,8 @@ int server_init(Server *s) {
         if (!s->udev)
                 return -ENOMEM;
 
-        s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
+        s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
+                                               s->rate_limit_burst);
         if (!s->rate_limit)
                 return -ENOMEM;