diff options
| author | William Jon McCann <jmccann@redhat.com> | 2008-04-03 22:09:26 -0400 |
|---|---|---|
| committer | William Jon McCann <jmccann@redhat.com> | 2008-04-03 22:09:26 -0400 |
| commit | e633be1b9a81cfb7993e469066e50af47f563575 (patch) | |
| tree | 1449c68f2caab4c717ca2514ee547716fc2916d3 | |
| parent | 4740245c6f6137175ef51be2207c35185f4d98f1 (diff) | |
initial login session id support
Linux audit session id support. Still TODO:
* determine if session id should be hidden
* export to bus
* add to event log
* figure out how to add it to non-generated sessions
| -rw-r--r-- | src/ck-session-leader.c | 1 | ||||
| -rw-r--r-- | src/ck-session.c | 48 | ||||
| -rw-r--r-- | src/ck-session.h | 6 | ||||
| -rw-r--r-- | src/ck-sysdeps-freebsd.c | 9 | ||||
| -rw-r--r-- | src/ck-sysdeps-linux.c | 66 | ||||
| -rw-r--r-- | src/ck-sysdeps-solaris.c | 9 | ||||
| -rw-r--r-- | src/ck-sysdeps.h | 2 | ||||
| -rw-r--r-- | tools/ck-collect-session-info.c | 10 |
8 files changed, 151 insertions, 0 deletions
diff --git a/src/ck-session-leader.c b/src/ck-session-leader.c index 756feac..48df0b8 100644 --- a/src/ck-session-leader.c +++ b/src/ck-session-leader.c @@ -198,6 +198,7 @@ static struct { char *key; CkAddParamFunc func; } parse_ops[] = { + { "login-session-id", add_param_string }, { "display-device", add_param_string }, { "x11-display-device", add_param_string }, { "x11-display", add_param_string }, diff --git a/src/ck-session.c b/src/ck-session.c index d9e32be..52ee2c2 100644 --- a/src/ck-session.c +++ b/src/ck-session.c @@ -58,6 +58,7 @@ struct CkSessionPrivate char *seat_id; char *session_type; + char *login_session_id; char *display_device; char *x11_display_device; char *x11_display; @@ -98,6 +99,7 @@ enum { PROP_DISPLAY_DEVICE, PROP_SESSION_TYPE, PROP_REMOTE_HOST_NAME, + PROP_LOGIN_SESSION_ID, PROP_IS_LOCAL, PROP_ACTIVE, PROP_IDLE_HINT, @@ -498,6 +500,20 @@ ck_session_get_display_device (CkSession *session, } gboolean +ck_session_get_login_session_id (CkSession *session, + char **login_session_id, + GError **error) +{ + g_return_val_if_fail (CK_IS_SESSION (session), FALSE); + + if (login_session_id != NULL) { + *login_session_id = g_strdup (session->priv->login_session_id); + } + + return TRUE; +} + +gboolean ck_session_get_x11_display_device (CkSession *session, char **x11_display_device, GError **error) @@ -672,6 +688,19 @@ ck_session_set_x11_display_device (CkSession *session, } gboolean +ck_session_set_login_session_id (CkSession *session, + const char *login_session_id, + GError **error) +{ + g_return_val_if_fail (CK_IS_SESSION (session), FALSE); + + g_free (session->priv->login_session_id); + session->priv->login_session_id = g_strdup (login_session_id); + + return TRUE; +} + +gboolean ck_session_set_remote_host_name (CkSession *session, const char *remote_host_name, GError **error) @@ -732,6 +761,9 @@ ck_session_set_property (GObject *object, case PROP_DISPLAY_DEVICE: ck_session_set_display_device (self, g_value_get_string (value), NULL); break; + case PROP_LOGIN_SESSION_ID: + ck_session_set_login_session_id (self, g_value_get_string (value), NULL); + break; case PROP_UNIX_USER: ck_session_set_unix_user (self, g_value_get_uint (value), NULL); break; @@ -785,6 +817,9 @@ ck_session_get_property (GObject *object, case PROP_DISPLAY_DEVICE: g_value_set_string (value, self->priv->display_device); break; + case PROP_LOGIN_SESSION_ID: + g_value_set_string (value, self->priv->login_session_id); + break; case PROP_UNIX_USER: g_value_set_uint (value, self->priv->uid); break; @@ -975,6 +1010,13 @@ ck_session_class_init (CkSessionClass *klass) NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); g_object_class_install_property (object_class, + PROP_LOGIN_SESSION_ID, + g_param_spec_string ("login-session-id", + "login-session-id", + "login session id", + NULL, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); + g_object_class_install_property (object_class, PROP_X11_DISPLAY, g_param_spec_string ("x11-display", "x11-display", @@ -1272,6 +1314,12 @@ ck_session_dump (CkSession *session, "type", NONULL_STRING (session->priv->session_type)); } + if (session->priv->login_session_id != NULL && strlen (session->priv->login_session_id) > 0) { + g_key_file_set_string (key_file, + group_name, + "login_session_id", + NONULL_STRING (session->priv->login_session_id)); + } if (session->priv->display_device != NULL && strlen (session->priv->display_device) > 0) { g_key_file_set_string (key_file, group_name, diff --git a/src/ck-session.h b/src/ck-session.h index 8c5c00e..66ca705 100644 --- a/src/ck-session.h +++ b/src/ck-session.h @@ -104,12 +104,18 @@ gboolean ck_session_set_x11_display_device (CkSession *se gboolean ck_session_set_display_device (CkSession *session, const char *device, GError **error); +gboolean ck_session_set_login_session_id (CkSession *session, + const char *login_session_id, + GError **error); gboolean ck_session_set_remote_host_name (CkSession *session, const char *remote_host_name, GError **error); gboolean ck_session_set_session_type (CkSession *session, const char *type, GError **error); +gboolean ck_session_get_login_session_id (CkSession *session, + char **login_session_id, + GError **error); /* Exported methods */ diff --git a/src/ck-sysdeps-freebsd.c b/src/ck-sysdeps-freebsd.c index d7c7c0c..a30c380 100644 --- a/src/ck-sysdeps-freebsd.c +++ b/src/ck-sysdeps-freebsd.c @@ -315,6 +315,15 @@ ck_unix_pid_get_uid (pid_t pid) } gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + g_return_val_if_fail (pid > 1, FALSE); + + return FALSE; +} + +gboolean ck_get_max_num_consoles (guint *num) { int max_consoles; diff --git a/src/ck-sysdeps-linux.c b/src/ck-sysdeps-linux.c index 7dc99f7..09db310 100644 --- a/src/ck-sysdeps-linux.c +++ b/src/ck-sysdeps-linux.c @@ -618,6 +618,72 @@ ck_unix_pid_get_ppid (pid_t pid) } gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + gboolean ret; + gboolean res; + char *path; + char *contents; + gsize length; + GError *error; + char *end_of_valid_ulong; + gulong ulong_value; + + g_return_val_if_fail (pid > 1, FALSE); + + ret = FALSE; + contents = NULL; + + path = g_strdup_printf ("/proc/%u/sessionid", (guint)pid); + + error = NULL; + res = g_file_get_contents (path, + &contents, + &length, + &error); + if (! res) { + g_warning ("Couldn't read %s: %s", path, error->message); + g_error_free (error); + goto out; + } + + if (contents[0] == '\0') { + g_warning ("Couldn't read %s: empty file", path); + goto out; + } + + errno = 0; + ulong_value = strtoul (contents, &end_of_valid_ulong, 10); + + if (*end_of_valid_ulong != '\0') { + goto out; + } + + if (errno == ERANGE) { + g_warning ("Couldn't read %s: %s", path, g_strerror (errno)); + goto out; + } + + /* Will be G_MAXULONG if it isn't set */ + if (ulong_value == G_MAXULONG) { + goto out; + } + + if (idp != NULL) { + *idp = g_strdup_printf ("%lu", (unsigned long int)ulong_value); + } + + ret = TRUE; + + out: + g_free (contents); + g_free (path); + + return ret; +} + +gboolean ck_get_max_num_consoles (guint *num) { if (num != NULL) { diff --git a/src/ck-sysdeps-solaris.c b/src/ck-sysdeps-solaris.c index 87bf4fd..cd17bf7 100644 --- a/src/ck-sysdeps-solaris.c +++ b/src/ck-sysdeps-solaris.c @@ -356,6 +356,15 @@ ck_unix_pid_get_ppid (pid_t pid) } gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + g_return_val_if_fail (pid > 1, FALSE); + + return FALSE; +} + +gboolean ck_get_max_num_consoles (guint *num) { GError *error; diff --git a/src/ck-sysdeps.h b/src/ck-sysdeps.h index f0fceb7..c3f3756 100644 --- a/src/ck-sysdeps.h +++ b/src/ck-sysdeps.h @@ -45,6 +45,8 @@ GHashTable *ck_unix_pid_get_env_hash (pid_t pid); pid_t ck_unix_pid_get_ppid (pid_t pid); uid_t ck_unix_pid_get_uid (pid_t pid); +gboolean ck_unix_pid_get_login_session_id (pid_t pid, + char **id); gboolean ck_get_socket_peer_credentials (int socket_fd, diff --git a/tools/ck-collect-session-info.c b/tools/ck-collect-session-info.c index 334c088..75d8d45 100644 --- a/tools/ck-collect-session-info.c +++ b/tools/ck-collect-session-info.c @@ -37,6 +37,7 @@ typedef struct { uid_t uid; pid_t pid; + char *login_session_id; char *display_device; char *x11_display_device; char *x11_display; @@ -49,6 +50,7 @@ typedef struct { static void session_info_free (SessionInfo *si) { + g_free (si->login_session_id); g_free (si->display_device); g_free (si->x11_display_device); g_free (si->x11_display); @@ -309,6 +311,11 @@ fill_session_info (SessionInfo *si) si->is_local_is_set = TRUE; } + res = ck_unix_pid_get_login_session_id (si->pid, &si->login_session_id); + if (! res) { + si->login_session_id = NULL; + } + return TRUE; } @@ -331,6 +338,9 @@ print_session_info (SessionInfo *si) if (si->is_local_is_set == TRUE) { printf ("is-local = %s\n", si->is_local ? "true" : "false"); } + if (si->login_session_id != NULL) { + printf ("login-session-id = %s\n", si->login_session_id); + } } static gboolean |