shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-07 21:18:41 +03:00
Code

journald: add syslog fields for audit messages

Browse Source 
Audit messages would be displayed as "unknown[1]".

Also specify AUTH as facility... This seems to be the closest match
(/* security/authorization messages */).
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2015-03-04 10:31:42 -05:00
parent 924bc14fef
commit cd556b6ca8
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/journal/journald-audit.c
View File

@ -373,7 +373,7 @@ static void process_audit_string(Server *s, int type, const char *data, size_t s
if (isempty(p))
return;
n_iov_allocated = N_IOVEC_META_FIELDS + 5;
n_iov_allocated = N_IOVEC_META_FIELDS + 7;
iov = new(struct iovec, n_iov_allocated);
if (!iov) {
log_oom();
@ -392,6 +392,10 @@ static void process_audit_string(Server *s, int type, const char *data, size_t s
sprintf(id_field, "_AUDIT_ID=%" PRIu64, id);
IOVEC_SET_STRING(iov[n_iov++], id_field);
assert_cc(32 == LOG_AUTH);
IOVEC_SET_STRING(iov[n_iov++], "SYSLOG_FACILITY=32");
IOVEC_SET_STRING(iov[n_iov++], "SYSLOG_IDENTIFIER=audit");
m = alloca(strlen("MESSAGE=<audit-") + DECIMAL_STR_MAX(int) + strlen("> ") + strlen(p) + 1);
sprintf(m, "MESSAGE=<audit-%i> %s", type, p);
IOVEC_SET_STRING(iov[n_iov++], m);