[systemd-commits] 2 commits - configure.ac .gitignore Makefile.am src/journal

Zbigniew Jędrzejewski-Szmek zbyszek at kemper.freedesktop.org
Thu Apr 23 20:56:47 PDT 2015


 .gitignore                    |    1 
 Makefile.am                   |   32 +++++++++++++++++++++++++++---
 configure.ac                  |    1 
 src/journal/.gitignore        |    2 +
 src/journal/audit-type.c      |   32 ++++++++++++++++++++++++++++++
 src/journal/audit-type.h      |   39 +++++++++++++++++++++++++++++++++++++
 src/journal/journald-audit.c  |    8 ++++---
 src/journal/test-audit-type.c |   44 ++++++++++++++++++++++++++++++++++++++++++
 8 files changed, 153 insertions(+), 6 deletions(-)

New commits:
commit 8bb3626dac93c0157989fb87afe0212958d7dbb4
Author: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Date:   Tue Apr 14 10:29:03 2015 -0400

    journal: use audit event names instead of numbers
    
    <audit-1400> is replaced by AVC, etc.
    
    A fallback mechanism is provided for unlisted event types.
    Occasionally new types are added to the kernel, but not too often.
    
    Add a simple "test", which simply prints the mapping.

diff --git a/.gitignore b/.gitignore
index bcf21fe..9da5122 100644
--- a/.gitignore
+++ b/.gitignore
@@ -141,6 +141,7 @@
 /systemd-vconsole-setup
 /tags
 /test-architecture
+/test-audit-type
 /test-async
 /test-barrier
 /test-boot-timestamp
diff --git a/Makefile.am b/Makefile.am
index c854b63..f936534 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4533,6 +4533,12 @@ test_compress_benchmark_LDADD = \
 	libsystemd-journal-internal.la \
 	libsystemd-shared.la
 
+test_audit_type_SOURCES = \
+	src/journal/test-audit-type.c
+
+test_audit_type_LDADD = \
+	libsystemd-journal-core.la
+
 libsystemd_journal_core_la_SOURCES = \
 	src/journal/journald-kmsg.c \
 	src/journal/journald-kmsg.h \
@@ -4615,7 +4621,8 @@ tests += \
 	test-journal-interleaving \
 	test-journal-flush \
 	test-mmap-cache \
-	test-catalog
+	test-catalog \
+	test-audit-type
 
 if HAVE_COMPRESSION
 tests += \
diff --git a/src/journal/audit-type.c b/src/journal/audit-type.c
index b8c8ee5..4888c7d 100644
--- a/src/journal/audit-type.c
+++ b/src/journal/audit-type.c
@@ -19,6 +19,7 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
+#include <stdio.h>
 #include <linux/audit.h>
 #ifdef HAVE_AUDIT
 #  include <libaudit.h>
diff --git a/src/journal/audit-type.h b/src/journal/audit-type.h
index 9f37716..fa5284e 100644
--- a/src/journal/audit-type.h
+++ b/src/journal/audit-type.h
@@ -21,6 +21,19 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
+#include "macro.h"
 
 const char *audit_type_to_string(int type);
 int audit_type_from_string(const char *s);
+
+/* This is inspired by DNS TYPEnnn formatting */
+#define audit_type_name_alloca(type)                                    \
+        ({                                                              \
+                const char *_s_;                                        \
+                _s_ = audit_type_to_string(type);                       \
+                if (!_s_) {                                             \
+                        _s_ = alloca(strlen("AUDIT") + DECIMAL_STR_MAX(int)); \
+                        sprintf((char*) _s_, "AUDIT%04i", type);        \
+                }                                                       \
+                _s_;                                                    \
+        })
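Review bot: The fallback branch of `audit_type_name_alloca` writes with an unbounded `sprintf` into a buffer whose size is correct only if `DECIMAL_STR_MAX(int)` already accounts for a sign and the terminating NUL; that macro is defined in macro.h, outside this diff. Keeping the size in a local and formatting with `snprintf((char*) _s_, _n_, "AUDIT%04i", _t_);` would make the bound explicit at the write. The argument `type` is also expanded twice (once for the lookup, once for the format), so an `int _t_ = (type);` at the top of the statement expression would avoid double evaluation of an argument with side effects. A comment stating that the result may live in the caller's stack frame, so the macro must not be used inside a loop and its result must not outlive the calling function, would spell out what test-audit-type.c only hints at.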
diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c
index 46eb82f..64395e1 100644
--- a/src/journal/journald-audit.c
+++ b/src/journal/journald-audit.c
@@ -21,6 +21,7 @@
 
 #include "missing.h"
 #include "journald-audit.h"
+#include "audit-type.h"
 
 typedef struct MapField {
         const char *audit_field;
@@ -336,7 +337,7 @@ static void process_audit_string(Server *s, int type, const char *data, size_t s
         size_t n_iov_allocated = 0;
         unsigned n_iov = 0, k;
         uint64_t seconds, msec, id;
-        const char *p;
+        const char *p, *type_name;
         unsigned z;
         char id_field[sizeof("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)],
              type_field[sizeof("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)],
@@ -396,8 +397,9 @@ static void process_audit_string(Server *s, int type, const char *data, size_t s
         IOVEC_SET_STRING(iov[n_iov++], "SYSLOG_FACILITY=32");
         IOVEC_SET_STRING(iov[n_iov++], "SYSLOG_IDENTIFIER=audit");
 
-        m = alloca(strlen("MESSAGE=<audit-") + DECIMAL_STR_MAX(int) + strlen("> ") + strlen(p) + 1);
-        sprintf(m, "MESSAGE=<audit-%i> %s", type, p);
+        type_name = audit_type_name_alloca(type);
+
+        m = strjoina("MESSAGE=", type_name, " ", p);
         IOVEC_SET_STRING(iov[n_iov++], m);
 
         z = n_iov;
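Review bot: `strjoina` still builds MESSAGE on the stack with a size driven by `strlen(p)`, just as the removed `alloca` line did, and nothing in this hunk shows what bounds `p`. If the limit is enforced on the audit record before this point, a short comment above the call saying so (for example `/* p is bounded by the audit record size checked by the caller */`, to be confirmed against the caller) would document why stack allocation is acceptable for data that originates outside journald. `process_audit_string` begins and ends outside this hunk, so the bound may well exist elsewhere in the function.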
diff --git a/src/journal/test-audit-type.c b/src/journal/test-audit-type.c
new file mode 100644
index 0000000..7946cf3
--- /dev/null
+++ b/src/journal/test-audit-type.c
@@ -0,0 +1,44 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2015 Zbigniew Jędrzejewski-Szmek
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <stdio.h>
+#include <linux/audit.h>
+
+#include "audit-type.h"
+
+static void print_audit_label(int i) {
+        const char *name;
+
+        name = audit_type_name_alloca(i);
+        /* This is a separate function only because of alloca */
+        printf("%i → %s → %s\n", i, audit_type_to_string(i), name);
+}
+
+static void test_audit_type(void) {
+        int i;
+
+        for (i = 0; i <= AUDIT_KERNEL; i++)
+                print_audit_label(i);
+}
+
+int main(int argc, char **argv) {
+        test_audit_type();
+}
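Review bot: `print_audit_label` passes the result of `audit_type_to_string(i)` straight to `%s`, and the generated function returns NULL for every unlisted type (the `default: return NULL;` arm in the Makefile.am rule), which is undefined behaviour for printf even though glibc happens to print `(null)`. Holding the result in a local, `const char *known = audit_type_to_string(i);`, and passing `known ? known : "n/a"` keeps the output well defined. The program also checks nothing, so it can never fail; verifying that `name` is non-NULL for every `i` would at least pin the fallback path of `audit_type_name_alloca`.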

commit 4733607eec54034d2083534ebff2dad89c28574e
Author: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Date:   Mon Mar 16 13:14:18 2015 -0400

    journal: add int↔audit type name mapping

diff --git a/Makefile.am b/Makefile.am
index be7e9a2..c854b63 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -218,6 +218,7 @@ AM_CPPFLAGS = \
 	-I $(top_srcdir)/src/network \
 	-I $(top_srcdir)/src/login \
 	-I $(top_srcdir)/src/journal \
+	-I $(top_builddir)/src/journal \
 	-I $(top_srcdir)/src/timedate \
 	-I $(top_srcdir)/src/timesync \
 	-I $(top_srcdir)/src/resolve \
@@ -1313,13 +1314,25 @@ src/shared/cap-from-name.gperf: src/shared/cap-list.txt
 src/shared/cap-from-name.h: src/shared/cap-from-name.gperf
 	$(AM_V_GPERF)$(GPERF) -L ANSI-C -t --ignore-case -N lookup_capability -H hash_capability_name -p -C <$< >$@
 
+audit_list_includes = -include linux/audit.h missing.h
+if HAVE_AUDIT
+audit_list_includes += -include libaudit.h
+endif
+
+src/journal/audit_type-list.txt:
+	$(AM_V_at)$(MKDIR_P) $(dir $@)
+	$(AM_V_GEN)$(CPP) $(CFLAGS) $(AM_CPPFLAGS) $(CPPFLAGS) -dM -include linux/audit.h -include missing.h - </dev/null | grep -vE 'AUDIT_.*(FIRST|LAST)_' | $(SED) -r -n 's/^#define\s+AUDIT_(\w+)\s+([0-9]{4})\s*$$/\1\t\2/p' | sort -k2 >$@
+
+src/journal/audit_type-to-name.h: src/journal/audit_type-list.txt
+	$(AM_V_GEN)$(AWK) 'BEGIN{ print "const char *audit_type_to_string(int type) {\n\tswitch(type) {" } {printf "        case AUDIT_%s: return \"%s\";\n", $$1, $$1 } END{ print "        default: return NULL;\n\t}\n}\n" }' <$< >$@
+
 
 src/resolve/dns_type-list.txt: src/resolve/dns-type.h
 	$(AM_V_at)$(MKDIR_P) $(dir $@)
 	$(AM_V_GEN)$(SED) -n -r 's/.* DNS_TYPE_(\w+).*/\1/p' <$< >$@
 
 src/resolve/dns_type-to-name.h: src/resolve/dns_type-list.txt
-	$(AM_V_GEN)$(AWK) 'BEGIN{ print "const char *dns_type_to_string(int type) {\n\tswitch(type) {" } {printf "        case DNS_TYPE_%s: return ", $$1; sub(/_/, "-"); printf "\"%s\";\n", $$1 } END{ print "\ndefault: return NULL;\n\t}\n}\n" }' <$< >$@
+	$(AM_V_GEN)$(AWK) 'BEGIN{ print "const char *dns_type_to_string(int type) {\n\tswitch(type) {" } {printf "        case DNS_TYPE_%s: return ", $$1; sub(/_/, "-"); printf "\"%s\";\n", $$1 } END{ print "        default: return NULL;\n\t}\n}\n" }' <$< >$@
 
 src/resolve/dns_type-from-name.gperf: src/resolve/dns_type-list.txt
 	$(AM_V_GEN)$(AWK) 'BEGIN{ print "struct dns_type_name { const char* name; int id; };"; print "%null-strings"; print "%%";} { s=$$1; sub(/_/, "-", s); printf "%s, ", $$s; printf "DNS_TYPE_%s\n", $$1 }' <$< >$@
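Review bot: `audit_list_includes` is defined in this hunk but never used, and its first line is malformed: in `-include linux/audit.h missing.h` the second header has no `-include` of its own, so the preprocessor would take `missing.h` as an input file if the variable were ever expanded. The recipe for `src/journal/audit_type-list.txt` hard-codes `-include linux/audit.h -include missing.h` instead, so the `libaudit.h` addition under `HAVE_AUDIT` has no effect on the generated list. Suggested: `audit_list_includes = -include linux/audit.h -include missing.h` and `-dM $(audit_list_includes) - </dev/null` in the recipe. The list target also has no prerequisites, so it is not regenerated when the kernel headers change; a comment noting that the file must be removed to pick up new audit types would help whoever maintains the mapping.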
@@ -4634,7 +4647,13 @@ libsystemd_journal_internal_la_SOURCES = \
 	src/journal/catalog.h \
 	src/journal/mmap-cache.c \
 	src/journal/mmap-cache.h \
-	src/journal/compress.c
+	src/journal/compress.c \
+	src/journal/audit-type.h \
+	src/journal/audit-type.c \
+	src/journal/audit_type-to-name.h
+
+gperf_txt_sources += \
+	src/journal/audit_type-list.txt
 
 # using _CFLAGS = in the conditional below would suppress AM_CFLAGS
 libsystemd_journal_internal_la_CFLAGS = \
diff --git a/configure.ac b/configure.ac
index fbb437e..600e203 100644
--- a/configure.ac
+++ b/configure.ac
@@ -781,6 +781,7 @@ else
         AUDIT_LIBS=
 fi
 AC_SUBST(AUDIT_LIBS)
+AM_CONDITIONAL([HAVE_AUDIT], [test "x$have_audit" != xno])
 
 # ------------------------------------------------------------------------------
 AC_ARG_ENABLE([elfutils],
diff --git a/src/journal/.gitignore b/src/journal/.gitignore
index d6a7946..0f094f5 100644
--- a/src/journal/.gitignore
+++ b/src/journal/.gitignore
@@ -1,2 +1,4 @@
 /journald-gperf.c
 /libsystemd-journal.pc
+/audit_type-list.txt
+/audit_type-to-name.h
diff --git a/src/journal/audit-type.c b/src/journal/audit-type.c
new file mode 100644
index 0000000..b8c8ee5
--- /dev/null
+++ b/src/journal/audit-type.c
@@ -0,0 +1,31 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2015 Zbigniew Jędrzejewski-Szmek
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <linux/audit.h>
+#ifdef HAVE_AUDIT
+#  include <libaudit.h>
+#endif
+
+#include "audit-type.h"
+#include "macro.h"
+#include "missing.h"
+
+#include "audit_type-to-name.h"
diff --git a/src/journal/audit-type.h b/src/journal/audit-type.h
new file mode 100644
index 0000000..9f37716
--- /dev/null
+++ b/src/journal/audit-type.h
@@ -0,0 +1,26 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+  This file is part of systemd.
+
+  Copyright 2015 Zbigniew Jędrzejewski-Szmek
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+
+const char *audit_type_to_string(int type);
+int audit_type_from_string(const char *s);
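Review bot: `audit_type_from_string` is declared here, but nothing visible in this commit defines it: audit-type.c only includes the generated `audit_type-to-name.h`, and the Makefile.am hunk adds a to-name rule only, whereas the DNS code next to it also has a `from-name.gperf` rule. Any caller would compile against this header and then fail at link time. Either drop the prototype until the reverse lookup exists, or mark it with a comment such as `/* not implemented yet */` so the header does not advertise a missing API.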


