From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 3 Sep 2015 16:24:57 +0000 (+0200)
Subject: audit: audit calls should return ENODATA when process are not in an audit session
X-Git-Tag: v226.4~1^2~89
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=477b3c51a0125596d4c5ed7798bf48f08de937af

audit: audit calls should return ENODATA when process are not in an audit session

ENODATA is how we usually indicate such "missing info" cases, so we
should do this here, too.
---

diff --git a/src/basic/audit.c b/src/basic/audit.c
index b10480638..9bf331cde 100644
--- a/src/basic/audit.c
+++ b/src/basic/audit.c
@@ -36,6 +36,11 @@ int audit_session_from_pid(pid_t pid, uint32_t *id) {
 
         assert(id);
 
+        /* We don't convert ENOENT to ESRCH here, since we can't
+         * really distuingish between "audit is not available in the
+         * kernel" and "the process does not exist", both which will
+         * result in ENOENT. */
+
         p = procfs_file_alloca(pid, "sessionid");
 
         r = read_one_line_file(p, &s);
@@ -47,7 +52,7 @@ int audit_session_from_pid(pid_t pid, uint32_t *id) {
                 return r;
 
         if (u == AUDIT_SESSION_INVALID || u <= 0)
-                return -ENXIO;
+                return -ENODATA;
 
         *id = u;
         return 0;
@@ -68,6 +73,8 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
                 return r;
 
         r = parse_uid(s, &u);
+        if (r == -ENXIO) /* the UID was -1 */
+                return -ENODATA;
         if (r < 0)
                 return r;
 
diff --git a/src/libelogind/sd-bus/bus-creds.c b/src/libelogind/sd-bus/bus-creds.c
index 40ed95dbe..cca0855be 100644
--- a/src/libelogind/sd-bus/bus-creds.c
+++ b/src/libelogind/sd-bus/bus-creds.c
@@ -1089,8 +1089,8 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
 
         if (missing & SD_BUS_CREDS_AUDIT_SESSION_ID) {
                 r = audit_session_from_pid(pid, &c->audit_session_id);
-                if (r == -ENXIO) {
-                        /* ENXIO means: no audit session id assigned */
+                if (r == -ENODATA) {
+                        /* ENODATA means: no audit session id assigned */
                         c->audit_session_id = AUDIT_SESSION_INVALID;
                         c->mask |= SD_BUS_CREDS_AUDIT_SESSION_ID;
                 } else if (r < 0) {
@@ -1102,8 +1102,8 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
 
         if (missing & SD_BUS_CREDS_AUDIT_LOGIN_UID) {
                 r = audit_loginuid_from_pid(pid, &c->audit_login_uid);
-                if (r == -ENXIO) {
-                        /* ENXIO means: no audit login uid assigned */
+                if (r == -ENODATA) {
+                        /* ENODATA means: no audit login uid assigned */
                         c->audit_login_uid = UID_INVALID;
                         c->mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID;
                 } else if (r < 0) {