diff options
author | David Herrmann <dh.herrmann@gmail.com> | 2015-01-11 15:27:18 +0100 |
---|---|---|
committer | David Herrmann <dh.herrmann@gmail.com> | 2015-01-11 15:27:18 +0100 |
commit | b49c7806a395fd655edd19785f56874b28f5a24c (patch) | |
tree | 18d1555df0303ebf2542930fc8c2e434580ac045 /src/bus-proxyd/bus-xml-policy.c | |
parent | b5cfc2b953fca74bf4c42a4e9e38abe72cc26493 (diff) |
bus-proxy: print message direction in policy logs
Make sure to print "dbus-1 to kernel" or "kernel to dbus-1" in policy logs
to better diagnose the situation.
Diffstat (limited to 'src/bus-proxyd/bus-xml-policy.c')
-rw-r--r-- | src/bus-proxyd/bus-xml-policy.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c index 366adbd7ac..a5c4313327 100644 --- a/src/bus-proxyd/bus-xml-policy.c +++ b/src/bus-proxyd/bus-xml-policy.c @@ -837,7 +837,8 @@ bool policy_check_recv(Policy *p, const char *name, const char *path, const char *interface, - const char *member) { + const char *member, + bool dbus_to_kernel) { struct policy_check_filter filter = { .class = POLICY_ITEM_RECV, @@ -857,8 +858,9 @@ bool policy_check_recv(Policy *p, verdict = policy_check(p, &filter); log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG), - "Receive permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", - uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict))); + "Receive permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", + dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name), + strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict))); return verdict == ALLOW; } @@ -870,7 +872,8 @@ bool policy_check_send(Policy *p, const char *name, const char *path, const char *interface, - const char *member) { + const char *member, + bool dbus_to_kernel) { struct policy_check_filter filter = { .class = POLICY_ITEM_SEND, @@ -890,8 +893,9 @@ bool policy_check_send(Policy *p, verdict = policy_check(p, &filter); log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG), - "Send permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", - uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict))); + "Send permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", + dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name), + strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict))); return verdict == ALLOW; } |