Commit 517c4685 authored by Laurent Bigonville's avatar Laurent Bigonville Committed by Simon McVittie

Initialize audit subsystem even for the session bus

If SELinux is enabled on the system, dbus will check the permissions but
no audit trails will be generated in case of denial as the audit
subsystem is not initialized. Same should apply for apparmor.

[smcv: without audit, the equivalent of the audit trail goes to stderr
where it can be picked up by systemd-journald]

A unprivileged user should be able to open the audit socket
(audit_open()) but should not have the permissions to log an audit
trail. The CAP_AUDIT_WRITE file capability could be set on the
dbus-daemon executable in order to allow the session bus to log an AVC
denial.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83856
[smcv: s/should/could/ in commit message to reflect lack of consensus that
"setcap cap_audit_write+ep dbus-daemon" is desirable in general]
Reviewed-by: default avatarSimon McVittie <simon.mcvittie@collabora.co.uk>
parent 2602ca61
......@@ -972,10 +972,10 @@ bus_context_new (const DBusString *config_file,
_DBUS_ASSERT_ERROR_IS_SET (error);
goto failed;
}
bus_audit_init (context);
}
bus_audit_init (context);
dbus_server_free_data_slot (&server_data_slot);
return context;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment