]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
d7832d2c KS |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2010 Lennart Poettering | |
d7832d2c KS |
6 | ***/ |
7 | ||
d7832d2c | 8 | #include <errno.h> |
11c3a366 | 9 | #include <linux/netlink.h> |
d7832d2c | 10 | #include <stdio.h> |
11c3a366 | 11 | #include <sys/socket.h> |
d7832d2c | 12 | |
b5efdb8a | 13 | #include "alloc-util.h" |
430f0182 | 14 | #include "audit-util.h" |
3ffd4af2 | 15 | #include "fd-util.h" |
a5c32cff | 16 | #include "fileio.h" |
3ffd4af2 | 17 | #include "macro.h" |
6bedfcbb | 18 | #include "parse-util.h" |
3ffd4af2 | 19 | #include "process-util.h" |
b1d4f8e1 | 20 | #include "user-util.h" |
d7832d2c KS |
21 | |
22 | int audit_session_from_pid(pid_t pid, uint32_t *id) { | |
5b12334d LP |
23 | _cleanup_free_ char *s = NULL; |
24 | const char *p; | |
d7832d2c KS |
25 | uint32_t u; |
26 | int r; | |
27 | ||
28 | assert(id); | |
29 | ||
d7e46e01 LP |
30 | /* We don't convert ENOENT to ESRCH here, since we can't |
31 | * really distuingish between "audit is not available in the | |
32 | * kernel" and "the process does not exist", both which will | |
33 | * result in ENOENT. */ | |
34 | ||
b68fa010 | 35 | p = procfs_file_alloca(pid, "sessionid"); |
d7832d2c | 36 | |
5b12334d | 37 | r = read_one_line_file(p, &s); |
d7832d2c KS |
38 | if (r < 0) |
39 | return r; | |
40 | ||
41 | r = safe_atou32(s, &u); | |
d7832d2c KS |
42 | if (r < 0) |
43 | return r; | |
44 | ||
3a87a86e | 45 | if (!audit_session_is_valid(u)) |
d7e46e01 | 46 | return -ENODATA; |
d7832d2c KS |
47 | |
48 | *id = u; | |
49 | return 0; | |
50 | } | |
51 | ||
52 | int audit_loginuid_from_pid(pid_t pid, uid_t *uid) { | |
5b12334d LP |
53 | _cleanup_free_ char *s = NULL; |
54 | const char *p; | |
d7832d2c KS |
55 | uid_t u; |
56 | int r; | |
57 | ||
58 | assert(uid); | |
59 | ||
b68fa010 | 60 | p = procfs_file_alloca(pid, "loginuid"); |
d7832d2c | 61 | |
5b12334d | 62 | r = read_one_line_file(p, &s); |
d7832d2c KS |
63 | if (r < 0) |
64 | return r; | |
65 | ||
66 | r = parse_uid(s, &u); | |
d7e46e01 LP |
67 | if (r == -ENXIO) /* the UID was -1 */ |
68 | return -ENODATA; | |
d7832d2c KS |
69 | if (r < 0) |
70 | return r; | |
71 | ||
3a87a86e | 72 | *uid = u; |
d7832d2c KS |
73 | return 0; |
74 | } | |
cfb1f5df LP |
75 | |
76 | bool use_audit(void) { | |
77 | static int cached_use = -1; | |
78 | ||
79 | if (cached_use < 0) { | |
80 | int fd; | |
81 | ||
82 | fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT); | |
f006b30b GS |
83 | if (fd < 0) { |
84 | cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM); | |
85 | if (errno == EPERM) | |
86 | log_debug_errno(errno, "Audit access prohibited, won't talk to audit"); | |
87 | } | |
cfb1f5df LP |
88 | else { |
89 | cached_use = true; | |
90 | safe_close(fd); | |
91 | } | |
92 | } | |
93 | ||
94 | return cached_use; | |
95 | } |