]>
Commit | Line | Data |
---|---|---|
c1165f82 LP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2012 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
c1165f82 | 20 | |
ffc227c9 | 21 | #include <errno.h> |
cf0fbc49 | 22 | |
c1165f82 | 23 | #include "audit-fd.h" |
c1165f82 | 24 | |
349cc4a5 | 25 | #if HAVE_AUDIT |
c1165f82 LP |
26 | |
27 | #include <libaudit.h> | |
cf0fbc49 | 28 | #include <stdbool.h> |
c1165f82 | 29 | |
b3fb3c01 | 30 | #include "capability-util.h" |
cf0fbc49 | 31 | #include "fd-util.h" |
ffc227c9 LP |
32 | #include "log.h" |
33 | #include "util.h" | |
34 | ||
c1165f82 LP |
35 | static bool initialized = false; |
36 | static int audit_fd; | |
37 | ||
38 | int get_audit_fd(void) { | |
39 | ||
40 | if (!initialized) { | |
b3fb3c01 GT |
41 | if (have_effective_cap(CAP_AUDIT_WRITE) == 0) { |
42 | audit_fd = -EPERM; | |
43 | initialized = true; | |
44 | ||
45 | return audit_fd; | |
46 | } | |
47 | ||
c1165f82 LP |
48 | audit_fd = audit_open(); |
49 | ||
50 | if (audit_fd < 0) { | |
ec2ce0c5 | 51 | if (!IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT)) |
56f64d95 | 52 | log_error_errno(errno, "Failed to connect to audit log: %m"); |
c1165f82 LP |
53 | |
54 | audit_fd = errno ? -errno : -EINVAL; | |
55 | } | |
56 | ||
57 | initialized = true; | |
58 | } | |
59 | ||
60 | return audit_fd; | |
61 | } | |
62 | ||
63 | void close_audit_fd(void) { | |
64 | ||
65 | if (initialized && audit_fd >= 0) | |
03e334a1 | 66 | safe_close(audit_fd); |
c1165f82 LP |
67 | |
68 | initialized = true; | |
69 | audit_fd = -ECONNRESET; | |
70 | } | |
71 | ||
72 | #else | |
73 | ||
74 | int get_audit_fd(void) { | |
75 | return -EAFNOSUPPORT; | |
76 | } | |
77 | ||
78 | void close_audit_fd(void) { | |
79 | } | |
80 | ||
81 | #endif |