selinux-util: downgrade log level to LOG_DEBUG when error code is zero

Previously, the logger is only used in error paths, but since
fe3f2ac0734e64dcd729b00992a6261cbf4cc846, the logger is also used in a
success path. Let's not log loudly on success.

This also drops unused log_selinux_enforcing().

diff --git a/src/shared/selinux-util.h b/src/shared/selinux-util.h
index d8df89d79ec2807f04310a2185a2023fd6d4ded5..e97bc40dcca769db9c6bb790eeb45b93f3af1862 100644 (file)
--- a/src/shared/selinux-util.h
+++ b/src/shared/selinux-util.h
@@ -17,14 +17,14 @@ static inline void freeconp(char **p) {
 
 #define _cleanup_freecon_ _cleanup_(freeconp)
 
-#define log_selinux_enforcing(...)                                      \
-        log_full(mac_selinux_enforcing() ? LOG_ERR : LOG_WARNING, __VA_ARGS__)
-
+/* This accepts 0 error, like _zerook(). */
 #define log_selinux_enforcing_errno(error, ...)                         \
         ({                                                              \
-                bool _enforcing = mac_selinux_enforcing();              \
-                int _level = _enforcing ? LOG_ERR : LOG_WARNING;        \
                 int _e = (error);                                       \
+                bool _enforcing = mac_selinux_enforcing();              \
+                int _level =                                            \
+                        ERRNO_VALUE(_e) == 0 ? LOG_DEBUG :              \
+                                  _enforcing ? LOG_ERR : LOG_WARNING;   \
                                                                         \
                 int _r = (log_get_max_level() >= LOG_PRI(_level))       \
                         ? log_internal(_level, _e, PROJECT_FILE, __LINE__, __func__, __VA_ARGS__) \