authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2013-06-12 00:24:34 -0400
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2013-06-20 23:03:58 -0400
commit968f319679d9069af037240d0c3bcd126181cdac (patch)
tree64f15ecd2cf7368fb7d79adb1734b0f6e29c25c3 /src/journal/journald-native.c
parentfd59d9f29838c3888168554c774003e7ad6d33b0 (diff)
journal: allow callers to specify OBJECT_PID=
When journald encounters a message with OBJECT_PID= set coming from a privileged process (UID==0), additional fields will be added to the message: OBJECT_UID=, OBJECT_GID=, OBJECT_COMM=, OBJECT_EXE=, OBJECT_CMDLINE=, OBJECT_AUDIT_SESSION=, OBJECT_AUDIT_LOGINUID=, OBJECT_SYSTEMD_CGROUP=, OBJECT_SYSTEMD_SESSION=, OBJECT_SYSTEMD_OWNER_UID=, OBJECT_SYSTEMD_UNIT= or OBJECT_SYSTEMD_USER_UNIT=. This is for other logging daemons, like setroubleshoot, to be able to augment their logs with data about the process. https://bugzilla.redhat.com/show_bug.cgi?id=951627
Diffstat (limited to 'src/journal/journald-native.c')
-rw-r--r--src/journal/journald-native.c40
1 files changed, 23 insertions, 17 deletions
diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index ec9afa187d..0f9af378cf 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -71,6 +71,10 @@ static bool valid_user_field(const char *p, size_t l) {
return true;
}
+static bool allow_object_pid(struct ucred *ucred) {
+ return ucred && ucred->uid == 0;
+}
+
void server_process_native_message(
Server *s,
const void *buffer, size_t buffer_size,
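Review bot: `allow_object_pid()` is the entire trust decision for OBJECT_PID= but has no comment saying why UID 0 is required. I would add above it something like `/* Only root may name another process: OBJECT_PID= makes journald attach OBJECT_* metadata for that PID to the entry. */`, so that a later change to the check is made knowingly. The parameter is only read, so `const struct ucred *ucred` would state that in the signature.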
@@ -79,11 +83,12 @@ void server_process_native_message(
const char *label, size_t label_len) {
struct iovec *iovec = NULL;
- unsigned n = 0, m = 0, j, tn = (unsigned) -1;
+ unsigned n = 0, j, tn = (unsigned) -1;
const char *p;
- size_t remaining;
+ size_t remaining, m = 0;
int priority = LOG_INFO;
char *identifier = NULL, *message = NULL;
+ pid_t object_pid = 0;
assert(s);
assert(buffer || buffer_size == 0);
@@ -104,7 +109,7 @@ void server_process_native_message(
if (e == p) {
/* Entry separator */
- server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
+ server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid);
n = 0;
priority = LOG_INFO;
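Review bot: `object_pid` is not cleared after the entry-separator dispatch, while `n` and `priority` are reset on the lines that follow it. If nothing past the end of this hunk resets it, a later entry in the same buffer that carries no OBJECT_PID= would be dispatched with the previous entry's PID and get that process's OBJECT_* fields attached. Adding `object_pid = 0;` next to `priority = LOG_INFO;` keeps the value scoped to one entry. The loop body continues outside the hunk, so this should be confirmed against the full function.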
@@ -124,19 +129,10 @@ void server_process_native_message(
/* A property follows */
/* n received properties, +1 for _TRANSPORT */
- if (n + 1 + N_IOVEC_META_FIELDS >= m) {
- struct iovec *c;
- unsigned u;
-
- u = MAX((n + 1 + N_IOVEC_META_FIELDS) * 2U, 4U);
- c = realloc(iovec, u * sizeof(struct iovec));
- if (!c) {
- log_oom();
- break;
- }
-
- iovec = c;
- m = u;
+ if (!GREEDY_REALLOC(iovec, m, n + 1 + N_IOVEC_META_FIELDS +
+ !!object_pid * N_IOVEC_OBJECT_FIELDS)) {
+ log_oom();
+ break;
}
q = memchr(p, '=', e - p);
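Review bot: The slot reservation reads `!!object_pid` before the current property has been parsed, so when OBJECT_PID= is the last field of an entry the extra `N_IOVEC_OBJECT_FIELDS` are never requested for it. Whether room exists in that case depends on how much GREEDY_REALLOC over-allocates and on what server_dispatch_message expects from `m`, neither of which is visible here. Reserving unconditionally, `n + 1 + N_IOVEC_META_FIELDS + N_IOVEC_OBJECT_FIELDS`, removes the ordering dependency at the cost of a few iovec slots.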
@@ -191,6 +187,16 @@ void server_process_native_message(
free(message);
message = t;
}
+ } else if (l > strlen("OBJECT_PID=") &&
+ l < strlen("OBJECT_PID=") + DECIMAL_STR_MAX(pid_t) &&
+ hasprefix(p, "OBJECT_PID=") &&
+ allow_object_pid(ucred)) {
+ char buf[DECIMAL_STR_MAX(pid_t)];
+ memcpy(buf, p + strlen("OBJECT_PID="), l - strlen("OBJECT_PID="));
+ char_array_0(buf);
+
+ /* ignore error */
+ parse_pid(buf, &object_pid);
}
}
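Review bot: `buf` is filled by `memcpy` with only the bytes the sender supplied, and `char_array_0(buf)` appears to terminate the array at its last element rather than directly after the copied bytes. If so, any value shorter than `DECIMAL_STR_MAX(pid_t) - 1` characters leaves uninitialized stack bytes between the digits and the terminator, and `parse_pid` sees them as part of the string. Terminating at the copied length, `buf[l - strlen("OBJECT_PID=")] = '\0';`, makes the parse depend only on the received bytes. Because the `parse_pid` result is ignored, a rejected value leaves `object_pid` at whatever it held before; the `/* ignore error */` comment should say that this is intended.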
@@ -260,7 +266,7 @@ void server_process_native_message(
server_forward_console(s, priority, identifier, message, ucred);
}
- server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
+ server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid);
finish:
for (j = 0; j < n; j++) {