chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
cgroup: add the missing setting of variable's value
[elogind.git]
/
src
/
core
/
selinux-access.c
diff --git
a/src/core/selinux-access.c
b/src/core/selinux-access.c
index 852a328b7c94f42ab0f36560e6892d1a52b1dcb6..0a3ee18bb9b527e9471e759d1da470be1479923e 100644
(file)
--- a/
src/core/selinux-access.c
+++ b/
src/core/selinux-access.c
@@
-6,16
+6,16
@@
Copyright 2012 Dan Walsh
systemd is free software; you can redistribute it and/or modify it
Copyright 2012 Dan Walsh
systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ under the terms of the GNU
Lesser
General Public License as published by
+ the Free Software Foundation; either version 2
.1
of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+
Lesser
General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU
Lesser
General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
@@
-104,8
+104,6
@@
static int bus_get_selinux_security_context(
*scon = b;
*scon = b;
- log_debug("GetConnectionSELinuxSecurityContext %s (pid %ld)", *scon, (long) bus_get_unix_process_id(connection, name, error));
-
return 0;
}
return 0;
}
@@
-134,7
+132,7
@@
static int bus_get_audit_data(
if (r < 0)
return r;
if (r < 0)
return r;
- r = get_process_cmdline(pid,
LINE_MAX
, true, &audit->cmdline);
+ r = get_process_cmdline(pid,
0
, true, &audit->cmdline);
if (r < 0)
return r;
if (r < 0)
return r;
@@
-176,20
+174,25
@@
static int audit_callback(
user_avc's into the /var/log/audit/audit.log, otherwise they will be
sent to syslog.
*/
user_avc's into the /var/log/audit/audit.log, otherwise they will be
sent to syslog.
*/
-static int log_callback(int type, const char *fmt, ...) {
+
_printf_attr_(2, 3)
static int log_callback(int type, const char *fmt, ...) {
va_list ap;
va_start(ap, fmt);
#ifdef HAVE_AUDIT
if (get_audit_fd() >= 0) {
va_list ap;
va_start(ap, fmt);
#ifdef HAVE_AUDIT
if (get_audit_fd() >= 0) {
- char buf[LINE_MAX];
+ _cleanup_free_ char *buf = NULL;
+ int r;
- vsnprintf(buf, sizeof(buf), fmt, ap);
- audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+ r = vasprintf(&buf, fmt, ap);
va_end(ap);
va_end(ap);
- return 0;
+ if (r >= 0) {
+ audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+ return 0;
+ }
+
+ va_start(ap, fmt);
}
#endif
log_metav(LOG_USER | LOG_INFO, __FILE__, __LINE__, __FUNCTION__, fmt, ap);
}
#endif
log_metav(LOG_USER | LOG_INFO, __FILE__, __LINE__, __FUNCTION__, fmt, ap);
@@
-258,7
+261,7
@@
static int get_audit_data(
const char *sender;
int r, fd;
struct ucred ucred;
const char *sender;
int r, fd;
struct ucred ucred;
- socklen_t len;
+ socklen_t len
= sizeof(ucred)
;
sender = dbus_message_get_sender(message);
if (sender)
sender = dbus_message_get_sender(message);
if (sender)
@@
-280,7
+283,7
@@
static int get_audit_data(
if (r < 0)
return r;
if (r < 0)
return r;
- r = get_process_cmdline(ucred.pid,
LINE_MAX
, true, &audit->cmdline);
+ r = get_process_cmdline(ucred.pid,
0
, true, &audit->cmdline);
if (r < 0)
return r;
if (r < 0)
return r;
@@
-308,17
+311,14
@@
static int get_calling_context(
*/
sender = dbus_message_get_sender(message);
if (sender) {
*/
sender = dbus_message_get_sender(message);
if (sender) {
- log_error("SELinux Got Sender %s", sender);
-
r = bus_get_selinux_security_context(connection, sender, scon, error);
if (r >= 0)
return r;
r = bus_get_selinux_security_context(connection, sender, scon, error);
if (r >= 0)
return r;
- log_error("bus_get_selinux_security_context failed %m");
+ log_error("bus_get_selinux_security_context failed
:
%m");
return r;
}
return r;
}
- log_debug("SELinux No Sender");
if (!dbus_connection_get_unix_fd(connection, &fd)) {
log_error("bus_connection_get_unix_fd failed %m");
return -EINVAL;
if (!dbus_connection_get_unix_fd(connection, &fd)) {
log_error("bus_connection_get_unix_fd failed %m");
return -EINVAL;
@@
-363,8
+363,6
@@
int selinux_access_check(
if (r < 0)
return r;
if (r < 0)
return r;
- log_debug("SELinux access check for path=%s permission=%s", strna(path), permission);
-
audit.uid = audit.loginuid = (uid_t) -1;
audit.gid = (gid_t) -1;
audit.cmdline = NULL;
audit.uid = audit.loginuid = (uid_t) -1;
audit.gid = (gid_t) -1;
audit.cmdline = NULL;