summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2016-09-28 18:26:25 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2016-10-06 11:49:00 +0200
commitf006b30bd5a24cb4420e0d439ebb5805b2b4c84d (patch)
tree07031b0f739ebf023cf7ff55adece5bb34c717c4
parent77531863ca50fb5c0dfb952dbda50250bbe3e5d1 (diff)
audit: disable if cannot create NETLINK_AUDIT socket
-rw-r--r--src/basic/audit-util.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/basic/audit-util.c b/src/basic/audit-util.c
index 5741fecdd6..d1c9695973 100644
--- a/src/basic/audit-util.c
+++ b/src/basic/audit-util.c
@@ -92,8 +92,11 @@ bool use_audit(void) {
int fd;
fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
- if (fd < 0)
- cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
+ if (fd < 0) {
+ cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM);
+ if (errno == EPERM)
+ log_debug_errno(errno, "Audit access prohibited, won't talk to audit");
+ }
else {
cached_use = true;
safe_close(fd);