[thirdparty/systemd.git] / src / basic / audit-util.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <linux/netlink.h>
#include <stdio.h>
#include <sys/socket.h>

#include "alloc-util.h"
#include "audit-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "parse-util.h"
#include "process-util.h"
#include "user-util.h"

int audit_session_from_pid(pid_t pid, uint32_t *id) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uint32_t u;
        int r;

        assert(id);

        /* We don't convert ENOENT to ESRCH here, since we can't
         * really distuingish between "audit is not available in the
         * kernel" and "the process does not exist", both which will
         * result in ENOENT. */

        p = procfs_file_alloca(pid, "sessionid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = safe_atou32(s, &u);
        if (r < 0)
                return r;

        if (u == AUDIT_SESSION_INVALID || u <= 0)
                return -ENODATA;

        *id = u;
        return 0;
}

int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uid_t u;
        int r;

        assert(uid);

        p = procfs_file_alloca(pid, "loginuid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = parse_uid(s, &u);
        if (r == -ENXIO) /* the UID was -1 */
                return -ENODATA;
        if (r < 0)
                return r;

        *uid = (uid_t) u;
        return 0;
}

bool use_audit(void) {
        static int cached_use = -1;

        if (cached_use < 0) {
                int fd;

                fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
                if (fd < 0)
                        cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
                else {
                        cached_use = true;
                        safe_close(fd);
                }
        }

        return cached_use;
}
Commit	Line	Data
d7832d2c KS	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7832d2c KS	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7832d2c	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7832d2c KS	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
d7832d2c	22	#include <errno.h>
11c3a366	23	#include <linux/netlink.h>
d7832d2c	24	#include <stdio.h>
11c3a366	25	#include <sys/socket.h>
d7832d2c	26
b5efdb8a	27	#include "alloc-util.h"
430f0182	28	#include "audit-util.h"
3ffd4af2	29	#include "fd-util.h"
a5c32cff	30	#include "fileio.h"
3ffd4af2	31	#include "macro.h"
6bedfcbb	32	#include "parse-util.h"
3ffd4af2	33	#include "process-util.h"
b1d4f8e1	34	#include "user-util.h"
d7832d2c KS	35
d7832d2c KS	36	int audit_session_from_pid(pid_t pid, uint32_t *id) {
5b12334d LP	37	_cleanup_free_ char *s = NULL;
5b12334d LP	38	const char *p;
d7832d2c KS	39	uint32_t u;
	40	int r;
	41
	42	assert(id);
	43
d7e46e01 LP	44	/* We don't convert ENOENT to ESRCH here, since we can't
	45	* really distuingish between "audit is not available in the
	46	* kernel" and "the process does not exist", both which will
	47	* result in ENOENT. */
	48
b68fa010	49	p = procfs_file_alloca(pid, "sessionid");
d7832d2c	50
5b12334d	51	r = read_one_line_file(p, &s);
d7832d2c KS	52	if (r < 0)
	53	return r;
	54
	55	r = safe_atou32(s, &u);
d7832d2c KS	56	if (r < 0)
	57	return r;
	58
cfeaa44a	59	if (u == AUDIT_SESSION_INVALID \|\| u <= 0)
d7e46e01	60	return -ENODATA;
d7832d2c KS	61
	62	*id = u;
	63	return 0;
	64	}
	65
	66	int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
5b12334d LP	67	_cleanup_free_ char *s = NULL;
5b12334d LP	68	const char *p;
d7832d2c KS	69	uid_t u;
	70	int r;
	71
	72	assert(uid);
	73
b68fa010	74	p = procfs_file_alloca(pid, "loginuid");
d7832d2c	75
5b12334d	76	r = read_one_line_file(p, &s);
d7832d2c KS	77	if (r < 0)
	78	return r;
	79
	80	r = parse_uid(s, &u);
d7e46e01 LP	81	if (r == -ENXIO) /* the UID was -1 */
d7e46e01 LP	82	return -ENODATA;
d7832d2c KS	83	if (r < 0)
	84	return r;
	85
d7832d2c KS	86	*uid = (uid_t) u;
	87	return 0;
	88	}
cfb1f5df LP	89
	90	bool use_audit(void) {
	91	static int cached_use = -1;
	92
	93	if (cached_use < 0) {
	94	int fd;
	95
	96	fd = socket(AF_NETLINK, SOCK_RAW\|SOCK_CLOEXEC\|SOCK_NONBLOCK, NETLINK_AUDIT);
	97	if (fd < 0)
	98	cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
	99	else {
	100	cached_use = true;
	101	safe_close(fd);
	102	}
	103	}
	104
	105	return cached_use;
	106	}