diff --git a/src/nm-audit-manager.c b/src/nm-audit-manager.c index de4e56c254..007e4321e7 100644 --- a/src/nm-audit-manager.c +++ b/src/nm-audit-manager.c @@ -165,15 +165,27 @@ nm_audit_log (NMAuditManager *self, GPtrArray *fields, const char *file, static void _audit_log_helper (NMAuditManager *self, GPtrArray *fields, const char *file, guint line, const char *func, const char *op, gboolean result, - NMAuthSubject *subject, const char *reason) + gpointer subject_context, const char *reason) { AuditField op_field = { }, pid_field = { }, uid_field = { }; AuditField result_field = { }, reason_field = { }; gulong pid, uid; + NMAuthSubject *subject = NULL; + gs_unref_object NMAuthSubject *subject_free = NULL; _audit_field_init_string (&op_field, "op", op, FALSE, BACKEND_ALL); g_ptr_array_insert (fields, 0, &op_field); + if (subject_context) { + if (NM_IS_AUTH_SUBJECT (subject_context)) + subject = subject_context; + else if (G_IS_DBUS_METHOD_INVOCATION (subject_context)) { + GDBusMethodInvocation *context = subject_context; + + subject = subject_free = nm_auth_subject_new_unix_process_from_context (context); + } else + g_warn_if_reached (); + } if (subject && nm_auth_subject_is_unix_process (subject)) { pid = nm_auth_subject_get_unix_process_pid (subject); uid = nm_auth_subject_get_unix_process_uid (subject); @@ -215,7 +227,7 @@ nm_audit_manager_audit_enabled (NMAuditManager *self) void _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMSettingsConnection *connection, - gboolean result, NMAuthSubject *subject, const char *reason) + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; AuditField uuid_field = { }, name_field = { }; @@ -234,13 +246,13 @@ _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, gui g_ptr_array_add (fields, &name_field); } - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } void _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, const char *arg, - gboolean result, NMAuthSubject *subject, + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; @@ -254,13 +266,13 @@ _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint _audit_field_init_string (&arg_field, "arg", arg, TRUE, BACKEND_ALL); g_ptr_array_add (fields, &arg_field); - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } void _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMDevice *device, - gboolean result, NMAuthSubject *subject, + gboolean result, gpointer subject_context, const char *reason) { gs_unref_ptrarray GPtrArray *fields = NULL; @@ -282,7 +294,7 @@ _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint l g_ptr_array_add (fields, &ifindex_field); } - _audit_log_helper (self, fields, file, line, func, op, result, subject, reason); + _audit_log_helper (self, fields, file, line, func, op, result, subject_context, reason); } #if HAVE_LIBAUDIT diff --git a/src/nm-audit-manager.h b/src/nm-audit-manager.h index 78333c8bed..a3f7bc72f9 100644 --- a/src/nm-audit-manager.h +++ b/src/nm-audit-manager.h @@ -66,48 +66,48 @@ GType nm_audit_manager_get_type (void); NMAuditManager *nm_audit_manager_get (void); gboolean nm_audit_manager_audit_enabled (NMAuditManager *self); -#define nm_audit_log_connection_op(op, connection, result, subject, reason) \ +#define nm_audit_log_connection_op(op, connection, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_connection_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (connection), (result), (subject), \ + (op), (connection), (result), (subject_context), \ (reason)); \ } \ } G_STMT_END -#define nm_audit_log_control_op(op, arg, result, subject, reason) \ +#define nm_audit_log_control_op(op, arg, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_control_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (arg), (result), (subject), (reason)); \ + (op), (arg), (result), (subject_context), (reason)); \ } \ } G_STMT_END -#define nm_audit_log_device_op(op, device, result, subject, reason) \ +#define nm_audit_log_device_op(op, device, result, subject_context, reason) \ G_STMT_START { \ NMAuditManager *_audit = nm_audit_manager_get (); \ \ if (nm_audit_manager_audit_enabled (_audit)) { \ _nm_audit_manager_log_device_op (_audit, __FILE__, __LINE__, G_STRFUNC, \ - (op), (device), (result), (subject), (reason)); \ + (op), (device), (result), (subject_context), (reason)); \ } \ } G_STMT_END void _nm_audit_manager_log_connection_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMSettingsConnection *connection, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); void _nm_audit_manager_log_control_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, const char *arg, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); void _nm_audit_manager_log_device_op (NMAuditManager *self, const char *file, guint line, const char *func, const char *op, NMDevice *device, - gboolean result, NMAuthSubject *subject, const char *reason); + gboolean result, gpointer subject_context, const char *reason); G_END_DECLS #endif /* __NM_AUDIT_MANAGER_H__ */