audit: add @args to device logging functions
This commit is contained in:
Beniamino Galvani
@@ -8674,7 +8674,7 @@ reapply_cb (NMDevice *self,
|
||||
}
|
||||
|
||||
if (error) {
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, subject, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, NULL, subject, error->message);
|
||||
g_dbus_method_invocation_return_gerror (context, error);
|
||||
return;
|
||||
}
|
||||
@@ -8683,11 +8683,11 @@ reapply_cb (NMDevice *self,
|
||||
connection ? : (NMConnection *) nm_device_get_settings_connection (self),
|
||||
version_id,
|
||||
&local)) {
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, subject, local->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, NULL, subject, local->message);
|
||||
g_dbus_method_invocation_take_error (context, local);
|
||||
local = NULL;
|
||||
} else {
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, TRUE, subject, NULL);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, TRUE, NULL, subject, NULL);
|
||||
g_dbus_method_invocation_return_value (context, NULL);
|
||||
}
|
||||
}
|
||||
@@ -8710,7 +8710,7 @@ impl_device_reapply (NMDevice *self,
|
||||
error = g_error_new_literal (NM_DEVICE_ERROR,
|
||||
NM_DEVICE_ERROR_FAILED,
|
||||
"Invalid flags specified");
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, context, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, NULL, context, error->message);
|
||||
g_dbus_method_invocation_take_error (context, error);
|
||||
return;
|
||||
}
|
||||
@@ -8719,7 +8719,7 @@ impl_device_reapply (NMDevice *self,
|
||||
error = g_error_new_literal (NM_DEVICE_ERROR,
|
||||
NM_DEVICE_ERROR_NOT_ACTIVE,
|
||||
"Device is not activated");
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, context, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, NULL, context, error->message);
|
||||
g_dbus_method_invocation_take_error (context, error);
|
||||
return;
|
||||
}
|
||||
@@ -8735,7 +8735,7 @@ impl_device_reapply (NMDevice *self,
|
||||
&error);
|
||||
if (!connection) {
|
||||
g_prefix_error (&error, "The settings specified are invalid: ");
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, context, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_REAPPLY, self, FALSE, NULL, context, error->message);
|
||||
g_dbus_method_invocation_take_error (context, error);
|
||||
return;
|
||||
}
|
||||
@@ -8865,7 +8865,7 @@ disconnect_cb (NMDevice *self,
|
||||
|
||||
if (error) {
|
||||
g_dbus_method_invocation_return_gerror (context, error);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, FALSE, subject, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, FALSE, NULL, subject, error->message);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -8874,7 +8874,7 @@ disconnect_cb (NMDevice *self,
|
||||
local = g_error_new_literal (NM_DEVICE_ERROR,
|
||||
NM_DEVICE_ERROR_NOT_ACTIVE,
|
||||
"Device is not active");
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, FALSE, subject, local->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, FALSE, NULL, subject, local->message);
|
||||
g_dbus_method_invocation_take_error (context, local);
|
||||
} else {
|
||||
nm_device_set_autoconnect_intern (self, FALSE);
|
||||
@@ -8883,7 +8883,7 @@ disconnect_cb (NMDevice *self,
|
||||
NM_DEVICE_STATE_DEACTIVATING,
|
||||
NM_DEVICE_STATE_REASON_USER_REQUESTED);
|
||||
g_dbus_method_invocation_return_value (context, NULL);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, TRUE, subject, NULL);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DISCONNECT, self, TRUE, NULL, subject, NULL);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8934,12 +8934,12 @@ delete_cb (NMDevice *self,
|
||||
|
||||
if (error) {
|
||||
g_dbus_method_invocation_return_gerror (context, error);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DELETE, self, FALSE, subject, error->message);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DELETE, self, FALSE, NULL, subject, error->message);
|
||||
return;
|
||||
}
|
||||
|
||||
/* Authorized */
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DELETE, self, TRUE, subject, NULL);
|
||||
nm_audit_log_device_op (NM_AUDIT_OP_DEVICE_DELETE, self, TRUE, NULL, subject, NULL);
|
||||
if (nm_device_unrealize (self, TRUE, &local))
|
||||
g_dbus_method_invocation_return_value (context, NULL);
|
||||
else
|
||||
|
||||
@@ -302,11 +302,11 @@ _nm_audit_manager_log_generic_op (NMAuditManager *self, const char *file, guint
|
||||
void
|
||||
_nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line,
|
||||
const char *func, const char *op, NMDevice *device,
|
||||
gboolean result, gpointer subject_context,
|
||||
gboolean result, const char *args, gpointer subject_context,
|
||||
const char *reason)
|
||||
{
|
||||
gs_unref_ptrarray GPtrArray *fields = NULL;
|
||||
AuditField interface_field = { }, ifindex_field = { };
|
||||
AuditField interface_field = { }, ifindex_field = { }, args_field = { };
|
||||
int ifindex;
|
||||
|
||||
g_return_if_fail (op);
|
||||
@@ -324,6 +324,11 @@ _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint l
|
||||
g_ptr_array_add (fields, &ifindex_field);
|
||||
}
|
||||
|
||||
if (args) {
|
||||
_audit_field_init_string (&args_field, "args", args, FALSE, BACKEND_ALL);
|
||||
g_ptr_array_add (fields, &args_field);
|
||||
}
|
||||
|
||||
_audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason);
|
||||
}
|
||||
|
||||
|
||||
@@ -83,13 +83,13 @@ gboolean nm_audit_manager_audit_enabled (NMAuditManager *self);
|
||||
} \
|
||||
} G_STMT_END
|
||||
|
||||
#define nm_audit_log_device_op(op, device, result, subject_context, reason) \
|
||||
#define nm_audit_log_device_op(op, device, result, args, subject_context, reason) \
|
||||
G_STMT_START { \
|
||||
NMAuditManager *_audit = nm_audit_manager_get (); \
|
||||
\
|
||||
if (nm_audit_manager_audit_enabled (_audit)) { \
|
||||
_nm_audit_manager_log_device_op (_audit, __FILE__, __LINE__, G_STRFUNC, \
|
||||
(op), (device), (result), (subject_context), (reason)); \
|
||||
(op), (device), (result), (args), (subject_context), (reason)); \
|
||||
} \
|
||||
} G_STMT_END
|
||||
|
||||
@@ -114,6 +114,7 @@ void _nm_audit_manager_log_generic_op (NMAuditManager *self, const char *file
|
||||
|
||||
void _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line,
|
||||
const char *func, const char *op, NMDevice *device,
|
||||
gboolean result, gpointer subject_context, const char *reason);
|
||||
gboolean result, const char *args, gpointer subject_context,
|
||||
const char *reason);
|
||||
|
||||
#endif /* __NM_AUDIT_MANAGER_H__ */
|
||||
|
||||
Reference in New Issue
Block a user