Add syslog of security denials and configuration file reloads

We need to start logging denials so that they become more easily trackable and debuggable.
author: Colin Walters <walters@verbum.org> 2008-12-10 14:17:02 -0500
committer: Colin Walters <walters@verbum.org> 2008-12-12 14:00:16 -0500
commit: bb2a464067c6843320f367b590b0e4cb00225e50 (patch)
tree: 51f42dbfa5ee4bcebc667832cf1429036941c63a /bus/bus.c
parent: b4a75abf8658378934ffd689837c72da2ac22117 (diff)
1 files changed, 77 insertions, 13 deletions
diff --git a/bus/bus.c b/bus/bus.c
index 42cc295f..c6fd693e 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -54,6 +54,7 @@ struct BusContext
   BusMatchmaker *matchmaker;
   BusLimits limits;
   unsigned int fork : 1;
+  unsigned int syslog : 1;
   unsigned int keep_umask : 1;
   unsigned int allow_anonymous : 1;
 };
@@ -389,6 +390,7 @@ process_config_first_time_only (BusContext      *context,
     }
 
   context->fork = bus_config_parser_get_fork (parser);
+  context->syslog = bus_config_parser_get_syslog (parser);
   context->keep_umask = bus_config_parser_get_keep_umask (parser);
   context->allow_anonymous = bus_config_parser_get_allow_anonymous (parser);
   
@@ -834,7 +836,10 @@ bus_context_reload_config (BusContext *context,
     }
   ret = TRUE;
 
+  bus_context_log_info (context, "Reloaded configuration");
  failed:  
+  if (!ret)
+    bus_context_log_info (context, "Unable to reload configuration: %s", error->message);
   if (parser != NULL)
     bus_config_parser_unref (parser);
   return ret;
@@ -1115,6 +1120,32 @@ bus_context_get_reply_timeout (BusContext *context)
   return context->limits.reply_timeout;
 }
 
+void
+bus_context_log_info (BusContext *context, const char *msg, ...)
+{
+  va_list args;
+
+  va_start (args, msg);
+  
+  if (context->syslog)
+    _dbus_log_info (msg, args);
+
+  va_end (args);
+}
+
+void
+bus_context_log_security (BusContext *context, const char *msg, ...)
+{
+  va_list args;
+
+  va_start (args, msg);
+  
+  if (context->syslog)
+    _dbus_log_security (msg, args);
+
+  va_end (args);
+}
+
 /*
  * addressed_recipient is the recipient specified in the message.
  *
@@ -1139,8 +1170,10 @@ bus_context_check_security_policy (BusContext     *context,
 {
   BusClientPolicy *sender_policy;
   BusClientPolicy *recipient_policy;
+  dbus_int32_t toggles;
   int type;
   dbus_bool_t requested_reply;
+  const char *sender_name;
   
   type = dbus_message_get_type (message);
   
@@ -1151,6 +1184,12 @@ bus_context_check_security_policy (BusContext     *context,
   _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
                 addressed_recipient != NULL ||
                 strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0);
+
+  /* Used in logging below */
+  if (sender != NULL)
+    sender_name = bus_connection_get_name (sender);
+  else
+    sender_name = NULL;
   
   switch (type)
     {
@@ -1193,8 +1232,9 @@ bus_context_check_security_policy (BusContext     *context,
               dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
                               "An SELinux policy prevents this sender "
                               "from sending this message to this recipient "
-                              "(rejected message had interface \"%s\" "
+                              "(rejected message had sender \"%s\" interface \"%s\" "
                               "member \"%s\" error name \"%s\" destination \"%s\")",
+                              sender_name ? sender_name : "(unset)",
                               dbus_message_get_interface (message) ?
                               dbus_message_get_interface (message) : "(unset)",
                               dbus_message_get_member (message) ?
@@ -1312,16 +1352,16 @@ bus_context_check_security_policy (BusContext     *context,
                                          context->registry,
                                          requested_reply,
                                          proposed_recipient,
-                                         message))
+                                         message, &toggles))
     {
       const char *dest;
+      const char *msg = "Rejected send message, %d matched rules; "
+                        "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")";
 
       dest = dbus_message_get_destination (message);
-      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
-                      "A security policy in place prevents this sender "
-                      "from sending this message to this recipient, "
-                      "see message bus configuration file (rejected message "
-                      "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")",
+      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg,
+                      toggles,
+                      sender_name ? sender_name : "(unset)",
                       dbus_message_get_interface (message) ?
                       dbus_message_get_interface (message) : "(unset)",
                       dbus_message_get_member (message) ?
@@ -1329,6 +1369,17 @@ bus_context_check_security_policy (BusContext     *context,
                       dbus_message_get_error_name (message) ?
                       dbus_message_get_error_name (message) : "(unset)",
                       dest ? dest : DBUS_SERVICE_DBUS);
+      /* Needs to be duplicated to avoid calling malloc and having to handle OOM */
+      bus_context_log_security (context, msg,
+                                toggles,
+                                sender_name ? sender_name : "(unset)",
+                                dbus_message_get_interface (message) ?
+                                dbus_message_get_interface (message) : "(unset)",
+                                dbus_message_get_member (message) ?
+                                dbus_message_get_member (message) : "(unset)",
+                                dbus_message_get_error_name (message) ?
+                                dbus_message_get_error_name (message) : "(unset)",
+                                dest ? dest : DBUS_SERVICE_DBUS);
       _dbus_verbose ("security policy disallowing message due to sender policy\n");
       return FALSE;
     }
@@ -1339,16 +1390,16 @@ bus_context_check_security_policy (BusContext     *context,
                                             requested_reply,
                                             sender,
                                             addressed_recipient, proposed_recipient,
-                                            message))
+                                            message, &toggles))
     {
+      const char *msg = "Rejected receive message, %d matched rules; "
+                        "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)";
       const char *dest;
 
       dest = dbus_message_get_destination (message);
-      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
-                      "A security policy in place prevents this recipient "
-                      "from receiving this message from this sender, "
-                      "see message bus configuration file (rejected message "
-                      "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)",
+      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg,
+                      toggles,
+                      sender_name ? sender_name : "(unset)",
                       dbus_message_get_interface (message) ?
                       dbus_message_get_interface (message) : "(unset)",
                       dbus_message_get_member (message) ?
@@ -1358,6 +1409,19 @@ bus_context_check_security_policy (BusContext     *context,
                       dest ? dest : DBUS_SERVICE_DBUS,
                       dbus_message_get_reply_serial (message),
                       requested_reply);
+      /* Needs to be duplicated to avoid calling malloc and having to handle OOM */
+      bus_context_log_security (context, msg,
+                                toggles,
+                                sender_name ? sender_name : "(unset)",
+                                dbus_message_get_interface (message) ?
+                                dbus_message_get_interface (message) : "(unset)",
+                                dbus_message_get_member (message) ?
+                                dbus_message_get_member (message) : "(unset)",
+                                dbus_message_get_error_name (message) ?
+                                dbus_message_get_error_name (message) : "(unset)",
+                                dest ? dest : DBUS_SERVICE_DBUS,
+                                dbus_message_get_reply_serial (message),
+                                requested_reply);
       _dbus_verbose ("security policy disallowing message due to recipient policy\n");
       return FALSE;
     }
author	Colin Walters <walters@verbum.org>	2008-12-10 14:17:02 -0500
committer	Colin Walters <walters@verbum.org>	2008-12-12 14:00:16 -0500
commit	bb2a464067c6843320f367b590b0e4cb00225e50 (patch)
tree	51f42dbfa5ee4bcebc667832cf1429036941c63a /bus/bus.c
parent	b4a75abf8658378934ffd689837c72da2ac22117 (diff)