diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-10-06 15:44:27 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-10-06 15:44:27 +0200 |
commit | e057995bb1314a94ce460d8e5a2a20e73c0e2ad4 (patch) | |
tree | 6ca280b3a1526e61c9fed7b87854e2ba0ddb80c8 /src/basic/audit-util.c | |
parent | 94f42fe3a68129fc5d30fc0ee2094c3052ea782b (diff) | |
parent | 36d854780c01d589e5da1fc6e94f46aa41f7016f (diff) |
Merge pull request #4280 from giuseppe/unprivileged-user
[RFC] run systemd in an unprivileged container
Diffstat (limited to 'src/basic/audit-util.c')
-rw-r--r-- | src/basic/audit-util.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/basic/audit-util.c b/src/basic/audit-util.c index 5741fecdd6..d1c9695973 100644 --- a/src/basic/audit-util.c +++ b/src/basic/audit-util.c @@ -92,8 +92,11 @@ bool use_audit(void) { int fd; fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT); - if (fd < 0) - cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT; + if (fd < 0) { + cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM); + if (errno == EPERM) + log_debug_errno(errno, "Audit access prohibited, won't talk to audit"); + } else { cached_use = true; safe_close(fd); |