From: Christian Göttsche <cgzones@googlemail.com>
Date: Fri, 4 Nov 2022 15:30:57 +0000 (+0100)
Subject: core: update audit messages
X-Git-Tag: v253-rc1~592
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c826b7ef3272157167a5c9d493e9672f00d84b98;p=thirdparty%2Fsystemd.git

core: update audit messages

Pass getuid() instead of literal `0` as auid, since user session
managers also issue audit messages on SELinux denials.
---

diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index c69baa8a1a7..c1744cff92d 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -113,9 +113,9 @@ _printf_(2, 3) static int log_callback(int type, const char *fmt, ...) {
 
                 if (r >= 0) {
                         if (type == SELINUX_AVC)
-                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
+                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, getuid());
                         else if (type == SELINUX_ERROR)
-                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_SELINUX_ERR, buf, NULL, NULL, NULL, 0);
+                                audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_SELINUX_ERR, buf, NULL, NULL, NULL, getuid());
 
                         return 0;
                 }