/* Any time an access gets denied this callback will be called code copied from dbus. If audit is turned on the messages will go as user_avc's into the /var/log/audit/audit.log, otherwise they will be sent to syslog. */ _printf_(2, 3) static int log_callback(int type, const char *fmt, ...) { va_list ap; #ifdef HAVE_AUDIT if (get_audit_fd() >= 0) { _cleanup_free_ char *buf = NULL; int r; va_start(ap, fmt); r = vasprintf(&buf, fmt, ap); va_end(ap); if (r >= 0) { audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0); return 0; } } #endif va_start(ap, fmt); log_internalv(LOG_AUTH | LOG_INFO, 0, __FILE__, __LINE__, __FUNCTION__, fmt, ap); va_end(ap); return 0; }
/* libselinux uses this callback when access gets denied or other events happen. If audit is turned on, messages will be reported using audit netlink, otherwise they will be logged using the usual channels. Code copied from dbus and modified. */ _printf_(2, 3) static int log_callback(int type, const char *fmt, ...) { va_list ap; const char *fmt2; #if HAVE_AUDIT int fd; fd = get_audit_fd(); if (fd >= 0) { _cleanup_free_ char *buf = NULL; int r; va_start(ap, fmt); r = vasprintf(&buf, fmt, ap); va_end(ap); if (r >= 0) { if (type == SELINUX_AVC) audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0); else if (type == SELINUX_ERROR) audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_SELINUX_ERR, buf, NULL, NULL, NULL, 0); return 0; } } #endif fmt2 = strjoina("selinux: ", fmt); va_start(ap, fmt); #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wformat-nonliteral" log_internalv(LOG_AUTH | callback_type_to_priority(type), 0, __FILE__, __LINE__, __FUNCTION__, fmt2, ap); #pragma GCC diagnostic pop va_end(ap); return 0; }
/* Any time an access gets denied this callback will be called code copied from dbus. If audit is turned on the messages will go as user_avc's into the /var/log/audit/audit.log, otherwise they will be sent to syslog. */ static int log_callback(int type, const char *fmt, ...) { va_list ap; va_start(ap, fmt); #ifdef HAVE_AUDIT if (get_audit_fd() >= 0) { char buf[LINE_MAX]; vsnprintf(buf, sizeof(buf), fmt, ap); audit_log_user_avc_message(get_audit_fd(), AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0); va_end(ap); return 0; } #endif log_metav(LOG_USER | LOG_INFO, __FILE__, __LINE__, __FUNCTION__, fmt, ap); va_end(ap); return 0; }