1 /* SPDX-License-Identifier: LGPL-2.1+ */
4 #include <linux/netlink.h>
6 #include <sys/socket.h>
8 #include "alloc-util.h"
9 #include "audit-util.h"
13 #include "parse-util.h"
14 #include "process-util.h"
15 #include "user-util.h"
17 int audit_session_from_pid(pid_t pid, uint32_t *id) {
18 _cleanup_free_ char *s = NULL;
25 /* We don't convert ENOENT to ESRCH here, since we can't
26 * really distuingish between "audit is not available in the
27 * kernel" and "the process does not exist", both which will
28 * result in ENOENT. */
30 p = procfs_file_alloca(pid, "sessionid");
32 r = read_one_line_file(p, &s);
36 r = safe_atou32(s, &u);
40 if (!audit_session_is_valid(u))
47 int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
48 _cleanup_free_ char *s = NULL;
55 p = procfs_file_alloca(pid, "loginuid");
57 r = read_one_line_file(p, &s);
62 if (r == -ENXIO) /* the UID was -1 */
71 #if 0 /// UNNEEDED by elogind
72 bool use_audit(void) {
73 static int cached_use = -1;
78 fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
80 cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM);
82 log_debug_errno(errno, "Won't talk to audit: %m");