[systemd-devel] [PATCH 1/2] RFC: journald: Do not always record _AUDIT_SESSION and _AUDIT_LOGINUID
Holger Hans Peter Freyther
holger at freyther.de
Sat Apr 6 01:20:34 PDT 2013
When systemd was compiled without audit support, do not collect the
audit session and loginuid in the journal. This is saving a couple of
syscalls and memory allocations per log message.
---
src/journal/journald-server.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index a9d7aa1..b97b9dc 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -555,8 +555,10 @@ static void dispatch_message_real(
assert(n + N_IOVEC_META_FIELDS <= m);
if (ucred) {
+#ifdef HAVE_AUDIT
uint32_t audit;
uid_t loginuid;
+#endif
realuid = ucred->uid;
@@ -596,6 +598,7 @@ static void dispatch_message_real(
IOVEC_SET_STRING(iovec[n++], cmdline);
}
+#ifdef HAVE_AUDIT
r = audit_session_from_pid(ucred->pid, &audit);
if (r >= 0)
if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
@@ -605,6 +608,7 @@ static void dispatch_message_real(
if (r >= 0)
if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
IOVEC_SET_STRING(iovec[n++], audit_loginuid);
+#endif
t = shortened_cgroup_path(ucred->pid);
if (t) {
--
1.7.10.4
More information about the systemd-devel
mailing list