Merge pull request #1542 from keszybz/journal-audit-optional

Make journald audit socket maskable
author: Lennart Poettering <lennart@poettering.net> 2015-10-13 17:23:33 +0200
committer: Lennart Poettering <lennart@poettering.net> 2015-10-13 17:23:33 +0200
commit: 18438f262c60823ad01bf88b7a8a326c3e8b511d (patch)
tree: 1ad6aa4c93400a77eeeb8e70e54df4abb5aa52ac /src/journal/journald-server.c
parent: c7e2496a2194557c8c52317209d1020dee845117 (diff)
parent: 37b7affefde5443680d73642a990ce86776e28af (diff)
1 files changed, 21 insertions, 6 deletions
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index fb172b7f5d..2d2a215f5d 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -1446,6 +1446,7 @@ static int server_open_hostname(Server *s) {
 int server_init(Server *s) {
         _cleanup_fdset_free_ FDSet *fds = NULL;
         int n, r, fd;
+        bool no_sockets;
 
         assert(s);
 
@@ -1555,30 +1556,44 @@ int server_init(Server *s) {
                 }
         }
 
-        r = server_open_stdout_socket(s, fds);
-        if (r < 0)
-                return r;
+        /* Try to restore streams, but don't bother if this fails */
+        (void) server_restore_streams(s, fds);
 
         if (fdset_size(fds) > 0) {
                 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
                 fds = fdset_free(fds);
         }
 
+        no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0;
+
+        /* always open stdout, syslog, native, and kmsg sockets */
+
+        /* systemd-journald.socket: /run/systemd/journal/stdout */
+        r = server_open_stdout_socket(s);
+        if (r < 0)
+                return r;
+
+        /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
         r = server_open_syslog_socket(s);
         if (r < 0)
                 return r;
 
+        /* systemd-journald.socket: /run/systemd/journal/socket */
         r = server_open_native_socket(s);
         if (r < 0)
                 return r;
 
+        /* /dev/ksmg */
         r = server_open_dev_kmsg(s);
         if (r < 0)
                 return r;
 
-        r = server_open_audit(s);
-        if (r < 0)
-                return r;
+        /* Unless we got *some* sockets and not audit, open audit socket */
+        if (s->audit_fd >= 0 || no_sockets) {
+                r = server_open_audit(s);
+                if (r < 0)
+                        return r;
+        }
 
         r = server_open_kernel_seqnum(s);
         if (r < 0)
author	Lennart Poettering <lennart@poettering.net>	2015-10-13 17:23:33 +0200
committer	Lennart Poettering <lennart@poettering.net>	2015-10-13 17:23:33 +0200
commit	18438f262c60823ad01bf88b7a8a326c3e8b511d (patch)
tree	1ad6aa4c93400a77eeeb8e70e54df4abb5aa52ac /src/journal/journald-server.c
parent	c7e2496a2194557c8c52317209d1020dee845117 (diff)
parent	37b7affefde5443680d73642a990ce86776e28af (diff)