audit: improve the audit messages we generate

[elogind.git] / src / update-utmp / update-utmp.c

diff --git a/src/update-utmp/update-utmp.c b/src/update-utmp/update-utmp.c
index ecba4c8fe4cb44f12989653565e3946c74fc2c36..311d686a8cc3e654cca5271985ba5eea355909ce 100644 (file)
--- a/src/update-utmp/update-utmp.c
+++ b/src/update-utmp/update-utmp.c
@@ -38,6 +38,7 @@
 #include "utmp-wtmp.h"
 #include "bus-util.h"
 #include "bus-error.h"
+#include "unit-name.h"
 
 typedef struct Context {
         sd_bus *bus;
@@ -93,27 +94,11 @@ static int get_current_runlevel(Context *c) {
         assert(c);
 
         for (i = 0; i < ELEMENTSOF(table); i++) {
-                _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
-                _cleanup_free_ char *state = NULL;
-                const char *path = NULL;
+                _cleanup_free_ char *state = NULL, *path = NULL;
 
-                r = sd_bus_call_method(
-                                c->bus,
-                                "org.freedesktop.systemd1",
-                                "/org/freedesktop/systemd1",
-                                "org.freedesktop.systemd1.Manager",
-                                "LoadUnit",
-                                &error,
-                                &reply,
-                                "s", table[i].special);
-                if (r < 0) {
-                        log_warning("Failed to get runlevel: %s", bus_error_message(&error, -r));
-                        continue;
-                }
-
-                r = sd_bus_message_read(reply, "o", &path);
-                if (r < 0)
-                        return bus_log_parse_error(r);
+                path = unit_dbus_path_from_name(table[i].special);
+                if (!path)
+                        return log_oom();
 
                 r = sd_bus_get_property_string(
                                 c->bus,
@@ -146,7 +131,7 @@ static int on_reboot(Context *c) {
 
 #ifdef HAVE_AUDIT
         if (c->audit_fd >= 0)
-                if (audit_log_user_message(c->audit_fd, AUDIT_SYSTEM_BOOT, "init", NULL, NULL, NULL, 1) < 0 &&
+                if (audit_log_user_comm_message(c->audit_fd, AUDIT_SYSTEM_BOOT, "", "systemd-update-utmp", NULL, NULL, NULL, 1) < 0 &&
                     errno != EPERM) {
                         log_error("Failed to send audit message: %m");
                         r = -errno;
@@ -176,7 +161,7 @@ static int on_shutdown(Context *c) {
 
 #ifdef HAVE_AUDIT
         if (c->audit_fd >= 0)
-                if (audit_log_user_message(c->audit_fd, AUDIT_SYSTEM_SHUTDOWN, "init", NULL, NULL, NULL, 1) < 0 &&
+                if (audit_log_user_comm_message(c->audit_fd, AUDIT_SYSTEM_SHUTDOWN, "", "systemd-update-utmp", NULL, NULL, NULL, 1) < 0 &&
                     errno != EPERM) {
                         log_error("Failed to send audit message: %m");
                         r = -errno;
@@ -202,21 +187,19 @@ static int on_runlevel(Context *c) {
 
         /* First, get last runlevel */
         q = utmp_get_runlevel(&previous, NULL);
-        if (q < 0) {
 
+        if (q < 0) {
                 if (q != -ESRCH && q != -ENOENT) {
                         log_error("Failed to get current runlevel: %s", strerror(-q));
                         return q;
                 }
 
-                /* Hmm, we didn't find any runlevel, that means we
-                 * have been rebooted */
-                r = on_reboot(c);
                 previous = 0;
         }
 
         /* Secondly, get new runlevel */
         runlevel = get_current_runlevel(c);
+
         if (runlevel < 0)
                 return runlevel;
 
@@ -232,7 +215,7 @@ static int on_runlevel(Context *c) {
                              runlevel > 0 ? runlevel : 'N') < 0)
                         return log_oom();
 
-                if (audit_log_user_message(c->audit_fd, AUDIT_SYSTEM_RUNLEVEL, s, NULL, NULL, NULL, 1) < 0 &&
+                if (audit_log_user_comm_message(c->audit_fd, AUDIT_SYSTEM_RUNLEVEL, s, "systemd-update-utmp", NULL, NULL, NULL, 1) < 0 &&
                     errno != EPERM) {
                         log_error("Failed to send audit message: %m");
                         r = -errno;
@@ -287,7 +270,7 @@ int main(int argc, char *argv[]) {
                 goto finish;
         }
 
-        log_debug("systemd-update-utmp running as pid %lu", (unsigned long) getpid());
+        log_debug("systemd-update-utmp running as pid "PID_FMT, getpid());
 
         if (streq(argv[1], "reboot"))
                 r = on_reboot(&c);
@@ -300,7 +283,7 @@ int main(int argc, char *argv[]) {
                 r = -EINVAL;
         }
 
-        log_debug("systemd-update-utmp stopped as pid %lu", (unsigned long) getpid());
+        log_debug("systemd-update-utmp stopped as pid "PID_FMT, getpid());
 
 finish:
 #ifdef HAVE_AUDIT