resolved: log process info of clients requesting resolution via D-Bus

author Lennart Poettering <lennart@poettering.net>

Mon, 9 Nov 2020 21:20:16 +0000 (22:20 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 16 Feb 2021 12:42:49 +0000 (13:42 +0100)
author Lennart Poettering <lennart@poettering.net>
Mon, 9 Nov 2020 21:20:16 +0000 (22:20 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 16 Feb 2021 12:42:49 +0000 (13:42 +0100)
diff --git a/src/resolve/resolved-bus.c b/src/resolve/resolved-bus.c

index 71374a19ad68286438c385d15d4d8f25976afa33..032ed0256bf41e9b0886ac2089ea3582360b43f1 100644 (file)
--- a/src/resolve/resolved-bus.c
+++ b/src/resolve/resolved-bus.c
@@ -7,6 +7,7 @@
  #include "bus-message-util.h"
  #include "bus-polkit.h"
  #include "dns-domain.h"
+#include "format-util.h"
  #include "memory-util.h"
  #include "missing_capability.h"
  #include "resolved-bus.h"
@@ -375,6 +376,31 @@ static int parse_as_address(sd_bus_message *m, int ifindex, const char *hostname
          return sd_bus_send(sd_bus_message_get_bus(m), reply, NULL);
  }
  
+void bus_client_log(sd_bus_message *m, const char *what) {
+        _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
+        const char *comm = NULL;
+        uid_t uid = UID_INVALID;
+        pid_t pid = 0;
+        int r;
+
+        assert(m);
+        assert(what);
+
+        if (!DEBUG_LOGGING)
+                return;
+
+        r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|SD_BUS_CREDS_COMM|SD_BUS_CREDS_AUGMENT, &creds);
+        if (r < 0)
+                return (void) log_debug_errno(r, "Failed to query client credentials, ignoring: %m");
+
+        (void) sd_bus_creds_get_uid(creds, &uid);
+        (void) sd_bus_creds_get_pid(creds, &pid);
+        (void) sd_bus_creds_get_comm(creds, &comm);
+
+        log_debug("D-Bus %s request from client PID " PID_FMT " (%s) with UID " UID_FMT,
+                  what, pid, strna(comm), uid);
+}
+
  static int bus_method_resolve_hostname(sd_bus_message *message, void *userdata, sd_bus_error *error) {
          _cleanup_(dns_question_unrefp) DnsQuestion *question_idna = NULL, *question_utf8 = NULL;
          Manager *m = userdata;
@@ -421,6 +447,8 @@ static int bus_method_resolve_hostname(sd_bus_message *message, void *userdata,
          if (r < 0 && r != -EALREADY)
                  return r;
  
+        bus_client_log(message, "hostname resolution");
+
          r = dns_query_new(m, &q, question_utf8, question_idna ?: question_utf8, NULL, ifindex, flags);
          if (r < 0)
                  return r;
@@ -563,6 +591,8 @@ static int bus_method_resolve_address(sd_bus_message *message, void *userdata, s
          if (r < 0)
                  return r;
  
+        bus_client_log(message, "address resolution");
+
          r = dns_query_new(m, &q, question, question, NULL, ifindex, flags|SD_RESOLVED_NO_SEARCH);
          if (r < 0)
                  return r;
@@ -739,6 +769,8 @@ static int bus_method_resolve_record(sd_bus_message *message, void *userdata, sd
          if (r < 0)
                  return r;
  
+        bus_client_log(message, "resource record resolution");
+
          /* Setting SD_RESOLVED_CLAMP_TTL: let's request that the TTL is fixed up for locally cached entries,
           * after all we return it in the wire format blob. */
          r = dns_query_new(m, &q, question, question, NULL, ifindex, flags|SD_RESOLVED_NO_SEARCH|SD_RESOLVED_CLAMP_TTL);
@@ -1271,6 +1303,8 @@ static int bus_method_resolve_service(sd_bus_message *message, void *userdata, s
          if (r < 0)
                  return r;
  
+        bus_client_log(message, "service resolution");
+
          r = dns_query_new(m, &q, question_utf8, question_idna, NULL, ifindex, flags|SD_RESOLVED_NO_SEARCH);
          if (r < 0)
                  return r;
@@ -1663,6 +1697,8 @@ static int bus_method_reset_statistics(sd_bus_message *message, void *userdata,
          assert(message);
          assert(m);
  
+        bus_client_log(message, "statistics reset");
+
          LIST_FOREACH(scopes, s, m->dns_scopes)
                  s->cache.n_hit = s->cache.n_miss = 0;
  
@@ -1775,6 +1811,8 @@ static int bus_method_flush_caches(sd_bus_message *message, void *userdata, sd_b
          assert(message);
          assert(m);
  
+        bus_client_log(message, "cache flush");
+
          manager_flush_caches(m, LOG_INFO);
  
          return sd_bus_reply_method_return(message, NULL);
@@ -1786,6 +1824,8 @@ static int bus_method_reset_server_features(sd_bus_message *message, void *userd
          assert(message);
          assert(m);
  
+        bus_client_log(message, "server feature reset");
+
          manager_reset_server_features(m);
  
          return sd_bus_reply_method_return(message, NULL);
diff --git a/src/resolve/resolved-bus.h b/src/resolve/resolved-bus.h

index 8628d8ba6fdfe08ba92415933de41645715562d2..6c2bd266805b22a49d61a90428f74f4b4c91664f 100644 (file)
--- a/src/resolve/resolved-bus.h
+++ b/src/resolve/resolved-bus.h
@@ -13,3 +13,5 @@ int bus_dns_server_append(sd_bus_message *reply, DnsServer *s, bool with_ifindex
  int bus_property_get_resolve_support(sd_bus *bus, const char *path, const char *interface,
                                       const char *property, sd_bus_message *reply,
                                       void *userdata, sd_bus_error *error);
+
+void bus_client_log(sd_bus_message *m, const char *what);
diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c

index e435fd3a801ef571566d171dbb1dbc1ee76b9533..8649804674c9c1540d900368b22097773989a076 100644 (file)
--- a/src/resolve/resolved-link-bus.c
+++ b/src/resolve/resolved-link-bus.c
@@ -296,6 +296,8 @@ static int bus_link_method_set_dns_servers_internal(sd_bus_message *message, voi
                  }
          }
  
+        bus_client_log(message, "DNS server change");
+
          dns_server_mark_all(l->dns_servers);
  
          for (size_t i = 0; i < n; i++) {
@@ -404,6 +406,8 @@ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "dns domains change");
+
          dns_search_domain_mark_all(l->search_domains);
  
          for (;;) {
@@ -477,6 +481,8 @@ int bus_link_method_set_default_route(sd_bus_message *message, void *userdata, s
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "dns default route change");
+
          if (l->default_route != b) {
                  l->default_route = b;
  
@@ -523,6 +529,8 @@ int bus_link_method_set_llmnr(sd_bus_message *message, void *userdata, sd_bus_er
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "LLMNR change");
+
          l->llmnr_support = mode;
          link_allocate_scopes(l);
          link_add_rrs(l, false);
@@ -568,6 +576,8 @@ int bus_link_method_set_mdns(sd_bus_message *message, void *userdata, sd_bus_err
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "mDNS change");
+
          l->mdns_support = mode;
          link_allocate_scopes(l);
          link_add_rrs(l, false);
@@ -613,6 +623,8 @@ int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "D-o-T change");
+
          link_set_dns_over_tls_mode(l, mode);
  
          (void) link_save_user(l);
@@ -657,6 +669,8 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "DNSSEC change");
+
          link_set_dnssec_mode(l, mode);
  
          (void) link_save_user(l);
@@ -715,6 +729,8 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "DNSSEC NTA change");
+
          set_free_free(l->dnssec_negative_trust_anchors);
          l->dnssec_negative_trust_anchors = TAKE_PTR(ns);
  
@@ -748,6 +764,8 @@ int bus_link_method_revert(sd_bus_message *message, void *userdata, sd_bus_error
          if (r == 0)
                  return 1; /* Polkit will call us back */
  
+        bus_client_log(message, "revert");
+
          link_flush_settings(l);
          link_allocate_scopes(l);
          link_add_rrs(l, false);
author	Lennart Poettering <lennart@poettering.net>
	Mon, 9 Nov 2020 21:20:16 +0000 (22:20 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 16 Feb 2021 12:42:49 +0000 (13:42 +0100)
src/resolve/resolved-bus.c		patch \| blob \| blame \| history
src/resolve/resolved-bus.h		patch \| blob \| blame \| history
src/resolve/resolved-link-bus.c		patch \| blob \| blame \| history