diff options
author | Thomas Haller <thaller@redhat.com> | 2016-01-07 16:31:19 +0100 |
---|---|---|
committer | Lubomir Rintel <lkundrak@v3.sk> | 2016-01-10 23:14:29 +0100 |
commit | 06dfaeec0967ed9065ff04391658ed6f18f6e621 (patch) | |
tree | b1e700e96411d30ed91cb2218f4e7d091dabfc8f | |
parent | 8adff4993c7f1a0e3e03f3dd7fbffd5d9b0d6fb8 (diff) | |
download | NetworkManager-06dfaeec0967ed9065ff04391658ed6f18f6e621.tar.gz |
audit: allow passing GDBusMethodInvocation context to audit methods
-rw-r--r-- | src/nm-audit-manager.c | 26 | ||||
-rw-r--r-- | src/nm-audit-manager.h | 18 |
2 files changed, 28 insertions, 16 deletions
diff --git a/src/nm-audit-manager.c b/src/nm-audit-manager.c index de4e56c254..007e4321e7 100644 --- a/src/nm-audit-manager.c +++ b/src/nm-audit-manager.c @@ -165,15 +165,27 @@ nm_audit_log (NMAuditManager *self, GPtrArray *fields, const char *file, static void _audit_log_helper (NMAuditManager *self, GPtrArray *fields, const char *file, guint line, const char *func, const char *op, gboolean result, - NMAuthSubject *subject, const char *reason) + gpointer subject_context, const char *reason) { AuditField op_field = { }, pid_field = { }, uid_field = { }; AuditField result_field = { }, reason_field = { }; gulong pid, uid; + NMAuthSubject *subject = NULL; + gs_unref_object NMAuthSubject *subject_free = NULL; _audit_field_init_string (&op_field, "op", op, FALSE, BACKEND_ALL); g_ptr_array_insert (fields, 0, &op_field); + if (subject_context) { + if (NM_IS_AUTH_SUBJECT (subject_context)) + subject = subject_context; + else if (G_IS_DBUS_METHOD_INVOCATION (subject_context)) { + GDBusMethodInvocation *context = subject_context; + + subject = subject_free = nm_auth_subject_new_unix_process_from_context (context); + } else + g_warn_if_reached (); + } if (subject && nm_auth_subject_is_unix_process (subject)) { pid = nm_auth_subject_get_unix_process_pid (subject); uid = nm_auth_subject_get_unix_process_uid (subject); @@ -215,7 +227,7 @@ nm_audit_manager_audit_enabled (NMAuditManager *self) void _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMSettingsConnection *connection, - gboolean result, NMAuthSubject *subject, const char *reason) + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; AuditField uuid_field = { }, name_field = { }; @@ -234,13 +246,13 @@ _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, gui g_ptr_array_add (fields, &name_field); } - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } void _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, const char *arg, - gboolean result, NMAuthSubject *subject, + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; @@ -254,13 +266,13 @@ _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint _audit_field_init_string (&arg_field, "arg", arg, TRUE, BACKEND_ALL); g_ptr_array_add (fields, &arg_field); - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } void _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMDevice *device, - gboolean result, NMAuthSubject *subject, + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; @@ -282,7 +294,7 @@ _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint l g_ptr_array_add (fields, &ifindex_field); } - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } #if HAVE_LIBAUDIT diff --git a/src/nm-audit-manager.h b/src/nm-audit-manager.h index 78333c8bed..a3f7bc72f9 100644 --- a/src/nm-audit-manager.h +++ b/src/nm-audit-manager.h @@ -66,48 +66,48 @@ GType nm_audit_manager_get_type (void); NMAuditManager *nm_audit_manager_get (void); gboolean nm_audit_manager_audit_enabled (NMAuditManager *self); -#define nm_audit_log_connection_op(op, connection, result, subject, reason) \ +#define nm_audit_log_connection_op(op, connection, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_connection_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (connection), (result), (subject), \ + (op), (connection), (result), (subject_context), \ (reason)); \ } \ } G_STMT_END -#define nm_audit_log_control_op(op, arg, result, subject, reason) \ +#define nm_audit_log_control_op(op, arg, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_control_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (arg), (result), (subject), (reason)); \ + (op), (arg), (result), (subject_context), (reason)); \ } \ } G_STMT_END -#define nm_audit_log_device_op(op, device, result, subject, reason) \ +#define nm_audit_log_device_op(op, device, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_device_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (device), (result), (subject), (reason)); \ + (op), (device), (result), (subject_context), (reason)); \ } \ } G_STMT_END void _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMSettingsConnection *connection, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); void _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, const char *arg, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); void _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMDevice *device, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); G_END_DECLS #endif /* __NM_AUDIT_MANAGER_H__ */ |