audit.c revision d7832d2c6e0ef5f2839a2296c1cc2fc85c7d9632
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <assert.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <ctype.h>
#include <sys/capability.h>
#include "macro.h"
#include "audit.h"
#include "util.h"
#include "log.h"
char *s;
uint32_t u;
int r;
if (have_effective_cap(CAP_AUDIT_CONTROL) <= 0)
return -ENOENT;
if (pid == 0)
r = read_one_line_file("/proc/self/sessionid", &s);
else {
char *p;
return -ENOMEM;
r = read_one_line_file(p, &s);
free(p);
}
if (r < 0)
return r;
r = safe_atou32(s, &u);
free(s);
if (r < 0)
return r;
if (u == (uint32_t) -1 || u <= 0)
return -ENOENT;
*id = u;
return 0;
}
char *s;
uid_t u;
int r;
/* Only use audit login uid if we are executed with sufficient
* capabilities so that pam_loginuid could do its job. If we
* are lacking the CAP_AUDIT_CONTROL capabality we most likely
* useless since it probably contains a uid of the host
* system. */
if (have_effective_cap(CAP_AUDIT_CONTROL) <= 0)
return -ENOENT;
if (pid == 0)
r = read_one_line_file("/proc/self/loginuid", &s);
else {
char *p;
return -ENOMEM;
r = read_one_line_file(p, &s);
free(p);
}
if (r < 0)
return r;
r = parse_uid(s, &u);
free(s);
if (r < 0)
return r;
if (u == (uid_t) -1)
return -ENOENT;
return 0;
}