]>
Commit | Line | Data |
---|---|---|
d7832d2c KS |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
9 | under the terms of the GNU Lesser General Public License as published by |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
d7832d2c KS |
11 | (at your option) any later version. |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 16 | Lesser General Public License for more details. |
d7832d2c | 17 | |
5430f7f2 | 18 | You should have received a copy of the GNU Lesser General Public License |
d7832d2c KS |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
20 | ***/ | |
21 | ||
d7832d2c | 22 | #include <errno.h> |
d7832d2c | 23 | #include <stdio.h> |
d7832d2c | 24 | |
d7832d2c | 25 | #include "audit.h" |
3ffd4af2 | 26 | #include "fd-util.h" |
a5c32cff | 27 | #include "fileio.h" |
3ffd4af2 LP |
28 | #include "macro.h" |
29 | #include "process-util.h" | |
b1d4f8e1 | 30 | #include "user-util.h" |
3ffd4af2 | 31 | #include "util.h" |
d7832d2c KS |
32 | |
33 | int audit_session_from_pid(pid_t pid, uint32_t *id) { | |
5b12334d LP |
34 | _cleanup_free_ char *s = NULL; |
35 | const char *p; | |
d7832d2c KS |
36 | uint32_t u; |
37 | int r; | |
38 | ||
39 | assert(id); | |
40 | ||
d7e46e01 LP |
41 | /* We don't convert ENOENT to ESRCH here, since we can't |
42 | * really distuingish between "audit is not available in the | |
43 | * kernel" and "the process does not exist", both which will | |
44 | * result in ENOENT. */ | |
45 | ||
b68fa010 | 46 | p = procfs_file_alloca(pid, "sessionid"); |
d7832d2c | 47 | |
5b12334d | 48 | r = read_one_line_file(p, &s); |
d7832d2c KS |
49 | if (r < 0) |
50 | return r; | |
51 | ||
52 | r = safe_atou32(s, &u); | |
d7832d2c KS |
53 | if (r < 0) |
54 | return r; | |
55 | ||
cfeaa44a | 56 | if (u == AUDIT_SESSION_INVALID || u <= 0) |
d7e46e01 | 57 | return -ENODATA; |
d7832d2c KS |
58 | |
59 | *id = u; | |
60 | return 0; | |
61 | } | |
62 | ||
63 | int audit_loginuid_from_pid(pid_t pid, uid_t *uid) { | |
5b12334d LP |
64 | _cleanup_free_ char *s = NULL; |
65 | const char *p; | |
d7832d2c KS |
66 | uid_t u; |
67 | int r; | |
68 | ||
69 | assert(uid); | |
70 | ||
b68fa010 | 71 | p = procfs_file_alloca(pid, "loginuid"); |
d7832d2c | 72 | |
5b12334d | 73 | r = read_one_line_file(p, &s); |
d7832d2c KS |
74 | if (r < 0) |
75 | return r; | |
76 | ||
77 | r = parse_uid(s, &u); | |
d7e46e01 LP |
78 | if (r == -ENXIO) /* the UID was -1 */ |
79 | return -ENODATA; | |
d7832d2c KS |
80 | if (r < 0) |
81 | return r; | |
82 | ||
d7832d2c KS |
83 | *uid = (uid_t) u; |
84 | return 0; | |
85 | } | |
cfb1f5df LP |
86 | |
87 | bool use_audit(void) { | |
88 | static int cached_use = -1; | |
89 | ||
90 | if (cached_use < 0) { | |
91 | int fd; | |
92 | ||
93 | fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT); | |
94 | if (fd < 0) | |
95 | cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT; | |
96 | else { | |
97 | cached_use = true; | |
98 | safe_close(fd); | |
99 | } | |
100 | } | |
101 | ||
102 | return cached_use; | |
103 | } |