summaryrefslogtreecommitdiff
path: root/src/shared
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-11-03 21:09:38 +0100
committerLennart Poettering <lennart@poettering.net>2014-11-03 21:51:28 +0100
commitcfb1f5df7ce6868d3edb7333591b91c9809d64d3 (patch)
tree44a3419d44887d8e5d046a1c54c69e624c0a5d42 /src/shared
parent875c2e220e2611165e09051c4747971811f1de58 (diff)
core: introduce ConditionSecurity=audit
And conditionalize journald audit support with it
Diffstat (limited to 'src/shared')
-rw-r--r--src/shared/audit.c18
-rw-r--r--src/shared/audit.h2
2 files changed, 20 insertions, 0 deletions
diff --git a/src/shared/audit.c b/src/shared/audit.c
index f101050825..4701c0a8de 100644
--- a/src/shared/audit.c
+++ b/src/shared/audit.c
@@ -80,3 +80,21 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
*uid = (uid_t) u;
return 0;
}
+
+bool use_audit(void) {
+ static int cached_use = -1;
+
+ if (cached_use < 0) {
+ int fd;
+
+ fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
+ if (fd < 0)
+ cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT;
+ else {
+ cached_use = true;
+ safe_close(fd);
+ }
+ }
+
+ return cached_use;
+}
diff --git a/src/shared/audit.h b/src/shared/audit.h
index 0effc0baa0..b4aecffb30 100644
--- a/src/shared/audit.h
+++ b/src/shared/audit.h
@@ -27,3 +27,5 @@
int audit_session_from_pid(pid_t pid, uint32_t *id);
int audit_loginuid_from_pid(pid_t pid, uid_t *uid);
+
+bool use_audit(void);