authorLennart Poettering <lennart@poettering.net>2013-03-05 14:36:57 +0100
committerLennart Poettering <lennart@poettering.net>2013-03-05 14:36:59 +0100
commit82499507b369fea3033a74c22813bf423301aef4 (patch)
tree38acc6519a06c6216a18fe2eddc6fad8b8613eaf
parent40adcda869bda55f44b57fd3a2bd71d006dfb51b (diff)
journald: drop splitting-by-audit entirely
Thinking about it, we should probably not hide bugs by falling back to audit when we have our own session information anyway.
-rw-r--r--src/journal/journald-server.c21
1 files changed, 8 insertions, 13 deletions
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index b46a2f63b3..c1ec0fad32 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -515,8 +515,8 @@ static void dispatch_message_real(
sd_id128_t id;
int r;
char *t;
- uid_t loginuid = 0, realuid = 0, owner = 0, journal_uid;
- bool loginuid_valid = false, owner_valid = false;
+ uid_t realuid = 0, owner = 0, journal_uid;
+ bool owner_valid = false;
assert(s);
assert(iovec);
@@ -525,6 +525,7 @@ static void dispatch_message_real(
if (ucred) {
uint32_t audit;
+ uid_t loginuid;
realuid = ucred->uid;
@@ -570,11 +571,9 @@ static void dispatch_message_real(
IOVEC_SET_STRING(iovec[n++], audit_session);
r = audit_loginuid_from_pid(ucred->pid, &loginuid);
- if (r >= 0) {
- loginuid_valid = true;
+ if (r >= 0)
if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
IOVEC_SET_STRING(iovec[n++], audit_loginuid);
- }
t = shortened_cgroup_path(ucred->pid);
if (t) {
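Review bot: The two nested `if`s on the new side are left unbraced, so an `else` added later would bind to the inner `asprintf` check rather than to the `r >= 0` test; folding them into one condition removes that trap: `if (r >= 0 && asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)`. Separately, glibc documents the output pointer as undefined after a failed `asprintf`, so if `audit_loginuid` is freed during cleanup (not visible in this hunk) it should be reset to NULL on the failure path. The enclosing `if (ucred)` block starts and ends outside the hunk.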
@@ -672,18 +671,14 @@ static void dispatch_message_real(
if (s->split_mode == SPLIT_UID && realuid > 0)
/* Split up strictly by any UID */
journal_uid = realuid;
- else if (s->split_mode == SPLIT_LOGIN && owner_valid && owner > 0 && realuid > 0)
+ else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
/* Split up by login UIDs, this avoids creation of
* individual journals for system UIDs. We do this
* only if the realuid is not root, in order not to
- * accidentally leak privileged information logged by
- * a privileged process that is part of an
- * unprivileged session to the user. */
+ * accidentally leak privileged information to the
+ * user that is logged by a privileged process that is
+ * part of an unprivileged session.*/
journal_uid = owner;
- else if (s->split_mode == SPLIT_LOGIN && loginuid_valid && loginuid > 0 && realuid > 0)
- /* Hmm, let's try via the audit uids, as fallback,
- * just in case */
- journal_uid = loginuid;
else
journal_uid = 0;
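Review bot: The final `else` now also absorbs every SPLIT_LOGIN message whose sender has a non-root `realuid` but no valid session owner, and no comment says so; since `journal_uid` appears to select which journal file the entry is written to, that default deserves a line of its own. `realuid` starts at 0 and is only assigned inside `if (ucred)`, so senders without credentials take the same path as root. I would add above `journal_uid = 0;`: `/* No credentials, root, or no session owner: keep the entry in the system journal */`. The rewritten comment also ends in `session.*/` with no space before the terminator. dispatch_message_real continues outside the hunk.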