[thirdparty/systemd.git] / src / basic / audit-util.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <stdio.h>

#include "alloc-util.h"
#include "audit-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "parse-util.h"
#include "process-util.h"
#include "user-util.h"
#include "util.h"

int audit_session_from_pid(pid_t pid, uint32_t *id) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uint32_t u;
        int r;

        assert(id);

        /* We don't convert ENOENT to ESRCH here, since we can't
         * really distuingish between "audit is not available in the
         * kernel" and "the process does not exist", both which will
         * result in ENOENT. */

        p = procfs_file_alloca(pid, "sessionid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = safe_atou32(s, &u);
        if (r < 0)
                return r;

        if (u == AUDIT_SESSION_INVALID || u <= 0)
                return -ENODATA;

        *id = u;
        return 0;
}

int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uid_t u;
        int r;

        assert(uid);

        p = procfs_file_alloca(pid, "loginuid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = parse_uid(s, &u);
        if (r == -ENXIO) /* the UID was -1 */
                return -ENODATA;
        if (r < 0)
                return r;

        *uid = (uid_t) u;
        return 0;
}

bool use_audit(void) {
        static int cached_use = -1;

        if (cached_use < 0) {
                int fd;

                fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
                if (fd < 0)
                        cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
                else {
                        cached_use = true;
                        safe_close(fd);
                }
        }

        return cached_use;
}
Commit	Line	Data
d7832d2c KS	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7832d2c KS	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7832d2c	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7832d2c KS	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
d7832d2c	22	#include <errno.h>
d7832d2c	23	#include <stdio.h>
d7832d2c	24
b5efdb8a	25	#include "alloc-util.h"
430f0182	26	#include "audit-util.h"
3ffd4af2	27	#include "fd-util.h"
a5c32cff	28	#include "fileio.h"
3ffd4af2	29	#include "macro.h"
6bedfcbb	30	#include "parse-util.h"
3ffd4af2	31	#include "process-util.h"
b1d4f8e1	32	#include "user-util.h"
3ffd4af2	33	#include "util.h"
d7832d2c KS	34
d7832d2c KS	35	int audit_session_from_pid(pid_t pid, uint32_t *id) {
5b12334d LP	36	_cleanup_free_ char *s = NULL;
5b12334d LP	37	const char *p;
d7832d2c KS	38	uint32_t u;
	39	int r;
	40
	41	assert(id);
	42
d7e46e01 LP	43	/* We don't convert ENOENT to ESRCH here, since we can't
	44	* really distuingish between "audit is not available in the
	45	* kernel" and "the process does not exist", both which will
	46	* result in ENOENT. */
	47
b68fa010	48	p = procfs_file_alloca(pid, "sessionid");
d7832d2c	49
5b12334d	50	r = read_one_line_file(p, &s);
d7832d2c KS	51	if (r < 0)
	52	return r;
	53
	54	r = safe_atou32(s, &u);
d7832d2c KS	55	if (r < 0)
	56	return r;
	57
cfeaa44a	58	if (u == AUDIT_SESSION_INVALID \|\| u <= 0)
d7e46e01	59	return -ENODATA;
d7832d2c KS	60
	61	*id = u;
	62	return 0;
	63	}
	64
	65	int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
5b12334d LP	66	_cleanup_free_ char *s = NULL;
5b12334d LP	67	const char *p;
d7832d2c KS	68	uid_t u;
	69	int r;
	70
	71	assert(uid);
	72
b68fa010	73	p = procfs_file_alloca(pid, "loginuid");
d7832d2c	74
5b12334d	75	r = read_one_line_file(p, &s);
d7832d2c KS	76	if (r < 0)
	77	return r;
	78
	79	r = parse_uid(s, &u);
d7e46e01 LP	80	if (r == -ENXIO) /* the UID was -1 */
d7e46e01 LP	81	return -ENODATA;
d7832d2c KS	82	if (r < 0)
	83	return r;
	84
d7832d2c KS	85	*uid = (uid_t) u;
	86	return 0;
	87	}
cfb1f5df LP	88
	89	bool use_audit(void) {
	90	static int cached_use = -1;
	91
	92	if (cached_use < 0) {
	93	int fd;
	94
	95	fd = socket(AF_NETLINK, SOCK_RAW\|SOCK_CLOEXEC\|SOCK_NONBLOCK, NETLINK_AUDIT);
	96	if (fd < 0)
	97	cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
	98	else {
	99	cached_use = true;
	100	safe_close(fd);
	101	}
	102	}
	103
	104	return cached_use;
	105	}