src/core/audit-fd.c

   1 /* SPDX-License-Identifier: LGPL-2.1+ */
   2 /***
   3   This file is part of systemd.
   4
   5   Copyright 2012 Lennart Poettering
   6 ***/
   7
   8 #include <errno.h>
   9
  10 #include "audit-fd.h"
  11
  12 #if HAVE_AUDIT
  13
  14 #include <libaudit.h>
  15 #include <stdbool.h>
  16
  17 #include "capability-util.h"
  18 #include "fd-util.h"
  19 #include "log.h"
  20 #include "util.h"
  21
  22 static bool initialized = false;
  23 static int audit_fd;
  24
  25 int get_audit_fd(void) {
  26
  27         if (!initialized) {
  28                 if (have_effective_cap(CAP_AUDIT_WRITE) == 0) {
  29                         audit_fd = -EPERM;
  30                         initialized = true;
  31
  32                         return audit_fd;
  33                 }
  34
  35                 audit_fd = audit_open();
  36
  37                 if (audit_fd < 0) {
  38                         if (!IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT))
  39                                 log_error_errno(errno, "Failed to connect to audit log: %m");
  40
  41                         audit_fd = errno ? -errno : -EINVAL;
  42                 }
  43
  44                 initialized = true;
  45         }
  46
  47         return audit_fd;
  48 }
  49
  50 void close_audit_fd(void) {
  51
  52         if (initialized && audit_fd >= 0)
  53                 safe_close(audit_fd);
  54
  55         initialized = true;
  56         audit_fd = -ECONNRESET;
  57 }
  58
  59 #else
  60
  61 int get_audit_fd(void) {
  62         return -EAFNOSUPPORT;
  63 }
  64
  65 void close_audit_fd(void) {
  66 }
  67
  68 #endif