[thirdparty/systemd.git] / src / basic / audit.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <stdio.h>

#include "audit.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "process-util.h"
#include "user-util.h"
#include "util.h"

int audit_session_from_pid(pid_t pid, uint32_t *id) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uint32_t u;
        int r;

        assert(id);

        /* We don't convert ENOENT to ESRCH here, since we can't
         * really distuingish between "audit is not available in the
         * kernel" and "the process does not exist", both which will
         * result in ENOENT. */

        p = procfs_file_alloca(pid, "sessionid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = safe_atou32(s, &u);
        if (r < 0)
                return r;

        if (u == AUDIT_SESSION_INVALID || u <= 0)
                return -ENODATA;

        *id = u;
        return 0;
}

int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
        _cleanup_free_ char *s = NULL;
        const char *p;
        uid_t u;
        int r;

        assert(uid);

        p = procfs_file_alloca(pid, "loginuid");

        r = read_one_line_file(p, &s);
        if (r < 0)
                return r;

        r = parse_uid(s, &u);
        if (r == -ENXIO) /* the UID was -1 */
                return -ENODATA;
        if (r < 0)
                return r;

        *uid = (uid_t) u;
        return 0;
}

bool use_audit(void) {
        static int cached_use = -1;

        if (cached_use < 0) {
                int fd;

                fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
                if (fd < 0)
                        cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
                else {
                        cached_use = true;
                        safe_close(fd);
                }
        }

        return cached_use;
}
Commit	Line	Data
d7832d2c KS	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
d7832d2c KS	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
d7832d2c	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
d7832d2c KS	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
d7832d2c	22	#include <errno.h>
d7832d2c	23	#include <stdio.h>
d7832d2c	24
d7832d2c	25	#include "audit.h"
3ffd4af2	26	#include "fd-util.h"
a5c32cff	27	#include "fileio.h"
3ffd4af2 LP	28	#include "macro.h"
3ffd4af2 LP	29	#include "process-util.h"
b1d4f8e1	30	#include "user-util.h"
3ffd4af2	31	#include "util.h"
d7832d2c KS	32
d7832d2c KS	33	int audit_session_from_pid(pid_t pid, uint32_t *id) {
5b12334d LP	34	_cleanup_free_ char *s = NULL;
5b12334d LP	35	const char *p;
d7832d2c KS	36	uint32_t u;
	37	int r;
	38
	39	assert(id);
	40
d7e46e01 LP	41	/* We don't convert ENOENT to ESRCH here, since we can't
	42	* really distuingish between "audit is not available in the
	43	* kernel" and "the process does not exist", both which will
	44	* result in ENOENT. */
	45
b68fa010	46	p = procfs_file_alloca(pid, "sessionid");
d7832d2c	47
5b12334d	48	r = read_one_line_file(p, &s);
d7832d2c KS	49	if (r < 0)
	50	return r;
	51
	52	r = safe_atou32(s, &u);
d7832d2c KS	53	if (r < 0)
	54	return r;
	55
cfeaa44a	56	if (u == AUDIT_SESSION_INVALID \|\| u <= 0)
d7e46e01	57	return -ENODATA;
d7832d2c KS	58
	59	*id = u;
	60	return 0;
	61	}
	62
	63	int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
5b12334d LP	64	_cleanup_free_ char *s = NULL;
5b12334d LP	65	const char *p;
d7832d2c KS	66	uid_t u;
	67	int r;
	68
	69	assert(uid);
	70
b68fa010	71	p = procfs_file_alloca(pid, "loginuid");
d7832d2c	72
5b12334d	73	r = read_one_line_file(p, &s);
d7832d2c KS	74	if (r < 0)
	75	return r;
	76
	77	r = parse_uid(s, &u);
d7e46e01 LP	78	if (r == -ENXIO) /* the UID was -1 */
d7e46e01 LP	79	return -ENODATA;
d7832d2c KS	80	if (r < 0)
	81	return r;
	82
d7832d2c KS	83	*uid = (uid_t) u;
	84	return 0;
	85	}
cfb1f5df LP	86
	87	bool use_audit(void) {
	88	static int cached_use = -1;
	89
	90	if (cached_use < 0) {
	91	int fd;
	92
	93	fd = socket(AF_NETLINK, SOCK_RAW\|SOCK_CLOEXEC\|SOCK_NONBLOCK, NETLINK_AUDIT);
	94	if (fd < 0)
	95	cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
	96	else {
	97	cached_use = true;
	98	safe_close(fd);
	99	}
	100	}
	101
	102	return cached_use;
	103	}