]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/audit-util.c
2 This file is part of systemd.
4 Copyright 2010 Lennart Poettering
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <linux/netlink.h>
23 #include <sys/socket.h>
25 #include "alloc-util.h"
26 #include "audit-util.h"
30 #include "parse-util.h"
31 #include "process-util.h"
32 #include "user-util.h"
34 int audit_session_from_pid(pid_t pid
, uint32_t *id
) {
35 _cleanup_free_
char *s
= NULL
;
42 /* We don't convert ENOENT to ESRCH here, since we can't
43 * really distuingish between "audit is not available in the
44 * kernel" and "the process does not exist", both which will
45 * result in ENOENT. */
47 p
= procfs_file_alloca(pid
, "sessionid");
49 r
= read_one_line_file(p
, &s
);
53 r
= safe_atou32(s
, &u
);
57 if (!audit_session_is_valid(u
))
64 int audit_loginuid_from_pid(pid_t pid
, uid_t
*uid
) {
65 _cleanup_free_
char *s
= NULL
;
72 p
= procfs_file_alloca(pid
, "loginuid");
74 r
= read_one_line_file(p
, &s
);
79 if (r
== -ENXIO
) /* the UID was -1 */
88 bool use_audit(void) {
89 static int cached_use
= -1;
94 fd
= socket(AF_NETLINK
, SOCK_RAW
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, NETLINK_AUDIT
);
96 cached_use
= !IN_SET(errno
, EAFNOSUPPORT
, EPROTONOSUPPORT
, EPERM
);
98 log_debug_errno(errno
, "Audit access prohibited, won't talk to audit");