[thirdparty/systemd.git] / src / basic / audit-util.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <stdio.h>

#include "audit-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "parse-util.h"
#include "process-util.h"
#include "user-util.h"
#include "util.h"

int audit_session_from_pid(pid_t pid, uint32_t *id) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uint32_t u;
        int r;

        assert(id);

        /* We don't convert ENOENT to ESRCH here, since we can't
         * really distuingish between "audit is not available in the
         * kernel" and "the process does not exist", both which will
         * result in ENOENT. */

        p = procfs_file_alloca(pid, "sessionid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = safe_atou32(s, &u);
        if (r < 0)
                return r;

        if (u == AUDIT_SESSION_INVALID || u <= 0)
                return -ENODATA;

        *id = u;
        return 0;
}

int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uid_t u;
        int r;

        assert(uid);

        p = procfs_file_alloca(pid, "loginuid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = parse_uid(s, &u);
        if (r == -ENXIO) /* the UID was -1 */
                return -ENODATA;
        if (r < 0)
                return r;

        *uid = (uid_t) u;
        return 0;
}

bool use_audit(void) {
        static int cached_use = -1;

        if (cached_use < 0) {
                int fd;

                fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
                if (fd < 0)
                        cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
                else {
                        cached_use = true;
                        safe_close(fd);
                }
        }

        return cached_use;
}
Commit	Line	Data
d7832d2c KS	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7832d2c KS	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7832d2c	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7832d2c KS	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
d7832d2c	22	#include <errno.h>
d7832d2c	23	#include <stdio.h>
d7832d2c	24
430f0182	25	#include "audit-util.h"
3ffd4af2	26	#include "fd-util.h"
a5c32cff	27	#include "fileio.h"
3ffd4af2	28	#include "macro.h"
6bedfcbb	29	#include "parse-util.h"
3ffd4af2	30	#include "process-util.h"
b1d4f8e1	31	#include "user-util.h"
3ffd4af2	32	#include "util.h"
d7832d2c KS	33
d7832d2c KS	34	int audit_session_from_pid(pid_t pid, uint32_t *id) {
5b12334d LP	35	_cleanup_free_ char *s = NULL;
5b12334d LP	36	const char *p;
d7832d2c KS	37	uint32_t u;
	38	int r;
	39
	40	assert(id);
	41
d7e46e01 LP	42	/* We don't convert ENOENT to ESRCH here, since we can't
	43	* really distuingish between "audit is not available in the
	44	* kernel" and "the process does not exist", both which will
	45	* result in ENOENT. */
	46
b68fa010	47	p = procfs_file_alloca(pid, "sessionid");
d7832d2c	48
5b12334d	49	r = read_one_line_file(p, &s);
d7832d2c KS	50	if (r < 0)
	51	return r;
	52
	53	r = safe_atou32(s, &u);
d7832d2c KS	54	if (r < 0)
	55	return r;
	56
cfeaa44a	57	if (u == AUDIT_SESSION_INVALID \|\| u <= 0)
d7e46e01	58	return -ENODATA;
d7832d2c KS	59
	60	*id = u;
	61	return 0;
	62	}
	63
	64	int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
5b12334d LP	65	_cleanup_free_ char *s = NULL;
5b12334d LP	66	const char *p;
d7832d2c KS	67	uid_t u;
	68	int r;
	69
	70	assert(uid);
	71
b68fa010	72	p = procfs_file_alloca(pid, "loginuid");
d7832d2c	73
5b12334d	74	r = read_one_line_file(p, &s);
d7832d2c KS	75	if (r < 0)
	76	return r;
	77
	78	r = parse_uid(s, &u);
d7e46e01 LP	79	if (r == -ENXIO) /* the UID was -1 */
d7e46e01 LP	80	return -ENODATA;
d7832d2c KS	81	if (r < 0)
	82	return r;
	83
d7832d2c KS	84	*uid = (uid_t) u;
	85	return 0;
	86	}
cfb1f5df LP	87
	88	bool use_audit(void) {
	89	static int cached_use = -1;
	90
	91	if (cached_use < 0) {
	92	int fd;
	93
	94	fd = socket(AF_NETLINK, SOCK_RAW\|SOCK_CLOEXEC\|SOCK_NONBLOCK, NETLINK_AUDIT);
	95	if (fd < 0)
	96	cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
	97	else {
	98	cached_use = true;
	99	safe_close(fd);
	100	}
	101	}
	102
	103	return cached_use;
	104	}