journal: Fix syslog forwarding without CAP_SYS_ADMIN

[elogind.git] / src / journal / journald-syslog.c

diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 45483eff36bc061c3f50200d4eb9a7f0a7c14e2f..5d211323adef015cbb4b68dd61a18d3bccbc3a3b 100644 (file)
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -85,12 +85,12 @@ static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned
                 return;
         }
 
-        if (ucred && errno == ESRCH) {
+        if (ucred && (errno == ESRCH || errno == EPERM)) {
                 struct ucred u;
 
                 /* Hmm, presumably the sender process vanished
-                 * by now, so let's fix it as good as we
-                 * can, and retry */
+                 * by now, or we don't have CAP_SYS_AMDIN, so
+                 * let's fix it as good as we can, and retry */
 
                 u = *ucred;
                 u.pid = getpid();
@@ -106,7 +106,7 @@ static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned
         }
 
         if (errno != ENOENT)
-                log_debug("Failed to forward syslog message: %m");
+                log_debug_errno(errno, "Failed to forward syslog message: %m");
 }
 
 static void forward_syslog_raw(Server *s, int priority, const char *buffer, const struct ucred *ucred, const struct timeval *tv) {
@@ -428,44 +428,36 @@ int server_open_syslog_socket(Server *s) {
                 };
 
                 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
-                if (s->syslog_fd < 0) {
-                        log_error("socket() failed: %m");
-                        return -errno;
-                }
+                if (s->syslog_fd < 0)
+                        return log_error_errno(errno, "socket() failed: %m");
 
                 unlink(sa.un.sun_path);
 
                 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
-                if (r < 0) {
-                        log_error("bind(%s) failed: %m", sa.un.sun_path);
-                        return -errno;
-                }
+                if (r < 0)
+                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
 
                 chmod(sa.un.sun_path, 0666);
         } else
                 fd_nonblock(s->syslog_fd, 1);
 
         r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
-        if (r < 0) {
-                log_error("SO_PASSCRED failed: %m");
-                return -errno;
-        }
+        if (r < 0)
+                return log_error_errno(errno, "SO_PASSCRED failed: %m");
 
 #ifdef HAVE_SELINUX
         if (mac_selinux_use()) {
                 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
                 if (r < 0)
-                        log_warning("SO_PASSSEC failed: %m");
+                        log_warning_errno(errno, "SO_PASSSEC failed: %m");
         }
 #endif
 
         r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
-        if (r < 0) {
-                log_error("SO_TIMESTAMP failed: %m");
-                return -errno;
-        }
+        if (r < 0)
+                return log_error_errno(errno, "SO_TIMESTAMP failed: %m");
 
-        r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, process_datagram, s);
+        r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
         if (r < 0)
                 return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");