[systemd-devel] [PATCH 1/2] RFC: journald: Do not always record _AUDIT_SESSION and _AUDIT_LOGINUID
Lennart Poettering
lennart at poettering.net
Mon Apr 8 06:31:35 PDT 2013
On Sat, 06.04.13 10:20, Holger Hans Peter Freyther (holger at freyther.de) wrote:
> When systemd was compiled without audit support, do not collect the
> audit session and loginuid in the journal. This is saving a couple of
> syscalls and memory allocations per log message.
Looks good!
Applied!
Thanks!
Lennart
> ---
> src/journal/journald-server.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
> index a9d7aa1..b97b9dc 100644
> --- a/src/journal/journald-server.c
> +++ b/src/journal/journald-server.c
> @@ -555,8 +555,10 @@ static void dispatch_message_real(
> assert(n + N_IOVEC_META_FIELDS <= m);
>
> if (ucred) {
> +#ifdef HAVE_AUDIT
> uint32_t audit;
> uid_t loginuid;
> +#endif
>
> realuid = ucred->uid;
>
> @@ -596,6 +598,7 @@ static void dispatch_message_real(
> IOVEC_SET_STRING(iovec[n++], cmdline);
> }
>
> +#ifdef HAVE_AUDIT
> r = audit_session_from_pid(ucred->pid, &audit);
> if (r >= 0)
> if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
> @@ -605,6 +608,7 @@ static void dispatch_message_real(
> if (r >= 0)
> if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
> IOVEC_SET_STRING(iovec[n++], audit_loginuid);
> +#endif
>
> t = shortened_cgroup_path(ucred->pid);
> if (t) {
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list