]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
c1165f82 LP |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2012 Lennart Poettering | |
6 | ||
7 | systemd is free software; you can redistribute it and/or modify it | |
8 | under the terms of the GNU Lesser General Public License as published by | |
9 | the Free Software Foundation; either version 2.1 of the License, or | |
10 | (at your option) any later version. | |
11 | ||
12 | systemd is distributed in the hope that it will be useful, but | |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | Lesser General Public License for more details. | |
16 | ||
17 | You should have received a copy of the GNU Lesser General Public License | |
18 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
19 | ***/ | |
20 | ||
c1165f82 | 21 | |
ffc227c9 | 22 | #include <errno.h> |
cf0fbc49 | 23 | |
c1165f82 | 24 | #include "audit-fd.h" |
c1165f82 | 25 | |
349cc4a5 | 26 | #if HAVE_AUDIT |
c1165f82 LP |
27 | |
28 | #include <libaudit.h> | |
cf0fbc49 | 29 | #include <stdbool.h> |
c1165f82 | 30 | |
b3fb3c01 | 31 | #include "capability-util.h" |
cf0fbc49 | 32 | #include "fd-util.h" |
ffc227c9 LP |
33 | #include "log.h" |
34 | #include "util.h" | |
35 | ||
c1165f82 LP |
36 | static bool initialized = false; |
37 | static int audit_fd; | |
38 | ||
39 | int get_audit_fd(void) { | |
40 | ||
41 | if (!initialized) { | |
b3fb3c01 GT |
42 | if (have_effective_cap(CAP_AUDIT_WRITE) == 0) { |
43 | audit_fd = -EPERM; | |
44 | initialized = true; | |
45 | ||
46 | return audit_fd; | |
47 | } | |
48 | ||
c1165f82 LP |
49 | audit_fd = audit_open(); |
50 | ||
51 | if (audit_fd < 0) { | |
ec2ce0c5 | 52 | if (!IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT)) |
56f64d95 | 53 | log_error_errno(errno, "Failed to connect to audit log: %m"); |
c1165f82 LP |
54 | |
55 | audit_fd = errno ? -errno : -EINVAL; | |
56 | } | |
57 | ||
58 | initialized = true; | |
59 | } | |
60 | ||
61 | return audit_fd; | |
62 | } | |
63 | ||
64 | void close_audit_fd(void) { | |
65 | ||
66 | if (initialized && audit_fd >= 0) | |
03e334a1 | 67 | safe_close(audit_fd); |
c1165f82 LP |
68 | |
69 | initialized = true; | |
70 | audit_fd = -ECONNRESET; | |
71 | } | |
72 | ||
73 | #else | |
74 | ||
75 | int get_audit_fd(void) { | |
76 | return -EAFNOSUPPORT; | |
77 | } | |
78 | ||
79 | void close_audit_fd(void) { | |
80 | } | |
81 | ||
82 | #endif |