Add syslog of security denials and configuration file reloads

We need to start logging denials so that they become more easily trackable and debuggable.
author: Colin Walters <walters@verbum.org> 2008-12-10 14:17:02 -0500
committer: Colin Walters <walters@verbum.org> 2008-12-12 14:00:16 -0500
commit: bb2a464067c6843320f367b590b0e4cb00225e50 (patch)
tree: 51f42dbfa5ee4bcebc667832cf1429036941c63a /bus/policy.c
parent: b4a75abf8658378934ffd689837c72da2ac22117 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/bus/policy.c b/bus/policy.c
index caa544e7..2c1a3541 100644
--- a/bus/policy.c
+++ b/bus/policy.c
@@ -866,7 +866,8 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
                                   BusRegistry     *registry,
                                   dbus_bool_t      requested_reply,
                                   DBusConnection  *receiver,
-                                  DBusMessage     *message)
+                                  DBusMessage     *message,
+                                  dbus_int32_t    *toggles)
 {
   DBusList *link;
   dbus_bool_t allowed;
@@ -876,6 +877,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
    */
 
   _dbus_verbose ("  (policy) checking send rules\n");
+  *toggles = 0;
   
   allowed = FALSE;
   link = _dbus_list_get_first_link (&policy->rules);
@@ -1026,6 +1028,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
 
       /* Use this rule */
       allowed = rule->allow;
+      (*toggles)++;
 
       _dbus_verbose ("  (policy) used rule, allow now = %d\n",
                      allowed);
@@ -1044,7 +1047,8 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
                                      DBusConnection  *sender,
                                      DBusConnection  *addressed_recipient,
                                      DBusConnection  *proposed_recipient,
-                                     DBusMessage     *message)
+                                     DBusMessage     *message,
+                                     dbus_int32_t    *toggles)
 {
   DBusList *link;
   dbus_bool_t allowed;
@@ -1059,6 +1063,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
    */
 
   _dbus_verbose ("  (policy) checking receive rules, eavesdropping = %d\n", eavesdropping);
+  *toggles = 0;
   
   allowed = FALSE;
   link = _dbus_list_get_first_link (&policy->rules);
@@ -1223,6 +1228,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
       
       /* Use this rule */
       allowed = rule->allow;
+      (*toggles)++;
 
       _dbus_verbose ("  (policy) used rule, allow now = %d\n",
                      allowed);
author	Colin Walters <walters@verbum.org>	2008-12-10 14:17:02 -0500
committer	Colin Walters <walters@verbum.org>	2008-12-12 14:00:16 -0500
commit	bb2a464067c6843320f367b590b0e4cb00225e50 (patch)
tree	51f42dbfa5ee4bcebc667832cf1429036941c63a /bus/policy.c
parent	b4a75abf8658378934ffd689837c72da2ac22117 (diff)