From bb2a464067c6843320f367b590b0e4cb00225e50 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 10 Dec 2008 14:17:02 -0500 Subject: Add syslog of security denials and configuration file reloads We need to start logging denials so that they become more easily trackable and debuggable. --- bus/bus.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 77 insertions(+), 13 deletions(-) (limited to 'bus/bus.c') diff --git a/bus/bus.c b/bus/bus.c index 42cc295f..c6fd693e 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -54,6 +54,7 @@ struct BusContext BusMatchmaker *matchmaker; BusLimits limits; unsigned int fork : 1; + unsigned int syslog : 1; unsigned int keep_umask : 1; unsigned int allow_anonymous : 1; }; @@ -389,6 +390,7 @@ process_config_first_time_only (BusContext *context, } context->fork = bus_config_parser_get_fork (parser); + context->syslog = bus_config_parser_get_syslog (parser); context->keep_umask = bus_config_parser_get_keep_umask (parser); context->allow_anonymous = bus_config_parser_get_allow_anonymous (parser); @@ -834,7 +836,10 @@ bus_context_reload_config (BusContext *context, } ret = TRUE; + bus_context_log_info (context, "Reloaded configuration"); failed: + if (!ret) + bus_context_log_info (context, "Unable to reload configuration: %s", error->message); if (parser != NULL) bus_config_parser_unref (parser); return ret; @@ -1115,6 +1120,32 @@ bus_context_get_reply_timeout (BusContext *context) return context->limits.reply_timeout; } +void +bus_context_log_info (BusContext *context, const char *msg, ...) +{ + va_list args; + + va_start (args, msg); + + if (context->syslog) + _dbus_log_info (msg, args); + + va_end (args); +} + +void +bus_context_log_security (BusContext *context, const char *msg, ...) +{ + va_list args; + + va_start (args, msg); + + if (context->syslog) + _dbus_log_security (msg, args); + + va_end (args); +} + /* * addressed_recipient is the recipient specified in the message. * @@ -1139,8 +1170,10 @@ bus_context_check_security_policy (BusContext *context, { BusClientPolicy *sender_policy; BusClientPolicy *recipient_policy; + dbus_int32_t toggles; int type; dbus_bool_t requested_reply; + const char *sender_name; type = dbus_message_get_type (message); @@ -1151,6 +1184,12 @@ bus_context_check_security_policy (BusContext *context, _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL || addressed_recipient != NULL || strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0); + + /* Used in logging below */ + if (sender != NULL) + sender_name = bus_connection_get_name (sender); + else + sender_name = NULL; switch (type) { @@ -1193,8 +1232,9 @@ bus_context_check_security_policy (BusContext *context, dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "An SELinux policy prevents this sender " "from sending this message to this recipient " - "(rejected message had interface \"%s\" " + "(rejected message had sender \"%s\" interface \"%s\" " "member \"%s\" error name \"%s\" destination \"%s\")", + sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? @@ -1312,16 +1352,16 @@ bus_context_check_security_policy (BusContext *context, context->registry, requested_reply, proposed_recipient, - message)) + message, &toggles)) { const char *dest; + const char *msg = "Rejected send message, %d matched rules; " + "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; dest = dbus_message_get_destination (message); - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, - "A security policy in place prevents this sender " - "from sending this message to this recipient, " - "see message bus configuration file (rejected message " - "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")", + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, + toggles, + sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? @@ -1329,6 +1369,17 @@ bus_context_check_security_policy (BusContext *context, dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", dest ? dest : DBUS_SERVICE_DBUS); + /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ + bus_context_log_security (context, msg, + toggles, + sender_name ? sender_name : "(unset)", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_DBUS); _dbus_verbose ("security policy disallowing message due to sender policy\n"); return FALSE; } @@ -1339,16 +1390,16 @@ bus_context_check_security_policy (BusContext *context, requested_reply, sender, addressed_recipient, proposed_recipient, - message)) + message, &toggles)) { + const char *msg = "Rejected receive message, %d matched rules; " + "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; const char *dest; dest = dbus_message_get_destination (message); - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, - "A security policy in place prevents this recipient " - "from receiving this message from this sender, " - "see message bus configuration file (rejected message " - "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)", + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, + toggles, + sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? @@ -1358,6 +1409,19 @@ bus_context_check_security_policy (BusContext *context, dest ? dest : DBUS_SERVICE_DBUS, dbus_message_get_reply_serial (message), requested_reply); + /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ + bus_context_log_security (context, msg, + toggles, + sender_name ? sender_name : "(unset)", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_DBUS, + dbus_message_get_reply_serial (message), + requested_reply); _dbus_verbose ("security policy disallowing message due to recipient policy\n"); return FALSE; } -- cgit