diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-10-13 17:23:33 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-10-13 17:23:33 +0200 |
| commit | 18438f262c60823ad01bf88b7a8a326c3e8b511d (patch) | |
| tree | 1ad6aa4c93400a77eeeb8e70e54df4abb5aa52ac /src | |
| parent | c7e2496a2194557c8c52317209d1020dee845117 (diff) | |
| parent | 37b7affefde5443680d73642a990ce86776e28af (diff) | |
Merge pull request #1542 from keszybz/journal-audit-optional
Make journald audit socket maskable
Diffstat (limited to 'src')
| -rw-r--r-- | src/journal/journald-server.c | 27 | ||||
| -rw-r--r-- | src/journal/journald-stream.c | 7 | ||||
| -rw-r--r-- | src/journal/journald-stream.h | 4 |
3 files changed, 25 insertions, 13 deletions
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index fb172b7f5d..2d2a215f5d 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -1446,6 +1446,7 @@ static int server_open_hostname(Server *s) { int server_init(Server *s) { _cleanup_fdset_free_ FDSet *fds = NULL; int n, r, fd; + bool no_sockets; assert(s); @@ -1555,30 +1556,44 @@ int server_init(Server *s) { } } - r = server_open_stdout_socket(s, fds); - if (r < 0) - return r; + /* Try to restore streams, but don't bother if this fails */ + (void) server_restore_streams(s, fds); if (fdset_size(fds) > 0) { log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds)); fds = fdset_free(fds); } + no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0; + + /* always open stdout, syslog, native, and kmsg sockets */ + + /* systemd-journald.socket: /run/systemd/journal/stdout */ + r = server_open_stdout_socket(s); + if (r < 0) + return r; + + /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */ r = server_open_syslog_socket(s); if (r < 0) return r; + /* systemd-journald.socket: /run/systemd/journal/socket */ r = server_open_native_socket(s); if (r < 0) return r; + /* /dev/ksmg */ r = server_open_dev_kmsg(s); if (r < 0) return r; - r = server_open_audit(s); - if (r < 0) - return r; + /* Unless we got *some* sockets and not audit, open audit socket */ + if (s->audit_fd >= 0 || no_sockets) { + r = server_open_audit(s); + if (r < 0) + return r; + } r = server_open_kernel_seqnum(s); if (r < 0) diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c index 69e2d41863..cbdaa3b888 100644 --- a/src/journal/journald-stream.c +++ b/src/journal/journald-stream.c @@ -627,7 +627,7 @@ static int stdout_stream_restore(Server *s, const char *fname, int fd) { return 0; } -static int server_restore_streams(Server *s, FDSet *fds) { +int server_restore_streams(Server *s, FDSet *fds) { _cleanup_closedir_ DIR *d = NULL; struct dirent *de; int r; @@ -681,7 +681,7 @@ fail: return log_error_errno(errno, "Failed to read streams directory: %m"); } -int server_open_stdout_socket(Server *s, FDSet *fds) { +int server_open_stdout_socket(Server *s) { int r; assert(s); @@ -717,8 +717,5 @@ int server_open_stdout_socket(Server *s, FDSet *fds) { if (r < 0) return log_error_errno(r, "Failed to adjust priority of stdout server event source: %m"); - /* Try to restore streams, but don't bother if this fails */ - (void) server_restore_streams(s, fds); - return 0; } diff --git a/src/journal/journald-stream.h b/src/journal/journald-stream.h index 94bf955d78..257dce45df 100644 --- a/src/journal/journald-stream.h +++ b/src/journal/journald-stream.h @@ -24,6 +24,6 @@ #include "fdset.h" #include "journald-server.h" -int server_open_stdout_socket(Server *s, FDSet *fds); - +int server_open_stdout_socket(Server *s); +int server_restore_streams(Server *s, FDSet *fds); void stdout_stream_free(StdoutStream *s); |