diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-11-03 21:09:38 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-11-03 21:51:28 +0100 |
commit | cfb1f5df7ce6868d3edb7333591b91c9809d64d3 (patch) | |
tree | 44a3419d44887d8e5d046a1c54c69e624c0a5d42 /src/shared | |
parent | 875c2e220e2611165e09051c4747971811f1de58 (diff) |
core: introduce ConditionSecurity=audit
And conditionalize journald audit support with it
Diffstat (limited to 'src/shared')
-rw-r--r-- | src/shared/audit.c | 18 | ||||
-rw-r--r-- | src/shared/audit.h | 2 |
2 files changed, 20 insertions, 0 deletions
diff --git a/src/shared/audit.c b/src/shared/audit.c index f101050825..4701c0a8de 100644 --- a/src/shared/audit.c +++ b/src/shared/audit.c @@ -80,3 +80,21 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) { *uid = (uid_t) u; return 0; } + +bool use_audit(void) { + static int cached_use = -1; + + if (cached_use < 0) { + int fd; + + fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT); + if (fd < 0) + cached_use = errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT; + else { + cached_use = true; + safe_close(fd); + } + } + + return cached_use; +} diff --git a/src/shared/audit.h b/src/shared/audit.h index 0effc0baa0..b4aecffb30 100644 --- a/src/shared/audit.h +++ b/src/shared/audit.h @@ -27,3 +27,5 @@ int audit_session_from_pid(pid_t pid, uint32_t *id); int audit_loginuid_from_pid(pid_t pid, uid_t *uid); + +bool use_audit(void); |