X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fselinux-access.c;h=bc195f3c56e746746bd03d3a5cb2edc0baeb9f34;hb=795607b22308f5b92073b012e43be1892fdd97c0;hp=b93369846956cfdcff3359eb798947f46649bdbe;hpb=9bdbc2e2ec523dbefe1c1c7e164b5544aff0b185;p=elogind.git

diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index b93369846..bc195f3c5 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -104,8 +104,6 @@ static int bus_get_selinux_security_context(
 
         *scon = b;
 
-        log_debug("GetConnectionSELinuxSecurityContext %s (pid %ld)", *scon, (long) bus_get_unix_process_id(connection, name, error));
-
         return 0;
 }
 
@@ -183,13 +181,18 @@ static int log_callback(int type, const char *fmt, ...) {
 
 #ifdef HAVE_AUDIT
         if (get_audit_fd() >= 0) {
-                char buf[LINE_MAX];
+                _cleanup_free_ char *buf = NULL;
+                int r;
 
-                vsnprintf(buf, sizeof(buf), fmt, ap);
-                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+                r = vasprintf(&buf, fmt, ap);
                 va_end(ap);
 
-                return 0;
+                if (r >= 0) {
+                        audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+                        return 0;
+                }
+
+                va_start(ap, fmt);
         }
 #endif
         log_metav(LOG_USER | LOG_INFO, __FILE__, __LINE__, __FUNCTION__, fmt, ap);
@@ -258,7 +261,7 @@ static int get_audit_data(
         const char *sender;
         int r, fd;
         struct ucred ucred;
-        socklen_t len;
+        socklen_t len = sizeof(ucred);
 
         sender = dbus_message_get_sender(message);
         if (sender)
@@ -308,8 +311,6 @@ static int get_calling_context(
         */
         sender = dbus_message_get_sender(message);
         if (sender) {
-                log_error("SELinux Got Sender %s", sender);
-
                 r = bus_get_selinux_security_context(connection, sender, scon, error);
                 if (r >= 0)
                         return r;
@@ -318,7 +319,6 @@ static int get_calling_context(
                 return r;
         }
 
-        log_debug("SELinux No Sender");
         if (!dbus_connection_get_unix_fd(connection, &fd)) {
                 log_error("bus_connection_get_unix_fd failed %m");
                 return -EINVAL;
@@ -363,8 +363,6 @@ int selinux_access_check(
         if (r < 0)
                 return r;
 
-        log_debug("SELinux access check for path=%s permission=%s", strna(path), permission);
-
         audit.uid = audit.loginuid = (uid_t) -1;
         audit.gid = (gid_t) -1;
         audit.cmdline = NULL;