    bus: move shared libaudit code to a new audit.[ch] · 327a52e4
    Simon McVittie authored
    This fixes various duplicated libaudit interactions in both
    SELinux and AppArmor code paths, including opening two audit sockets
    if both SELinux and AppArmor were enabled at compile time.
    In particular, audit.c is now the only user of libcap-ng.
    
    This commit is not intended to introduce any functional changes,
    except for the de-duplication.
    
    The actual audit_log_user_avc_message() call is still duplicated,
    because the SELinux and AppArmor code paths use different mechanisms
    to compose the audit message: the SELinux path uses a statically-sized
    buffer on the stack which might be subject to truncation, whereas
    the AppArmor path uses malloc() (via DBusString) and falls back to
    using syslog on a memory allocation failure.
    
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89225
    
    
    Reviewed-by: Colin Walters <walters@verbum.org>
    [smcv: minor issues raised during review are subsequently fixed]
    Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>