Handle error return from audit_log_user_comm_message()
audit_log_user_comm_message has warn_unused_result attribute and so this
emits a compiler warning with -fhardened, and that in turn breaks
the build with -Werror.

Emit a warning if audit log message fails, but suppress ECONNREFUSED to
silence spurious warnings in environments where audit daemon isn't
available, such as containers (like our test-suite) or rescue images.
This isn't entirely ideal but is consistent with what we do in similar
cases in eg systemd_inhibit (708e613)
and dbus_announce (071be75) plugins.

For extra entertainment, something in the GH CI environment causes
runroot_user tests to fail with EPERM, whereas no such errors occur
locally. Filter it out too.
pmatilai authored and dmnks committed Nov 14, 2024
1 parent 09fb83a commit de987ca
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions plugins/audit.c
@@ -1,8 +1,10 @@
#include "system.h"

#include <errno.h>
#include <stdlib.h>
#include <libaudit.h>

#include <rpm/rpmlog.h>
#include <rpm/rpmstring.h>
#include <rpm/rpmts.h>
#include <rpm/rpmplugin.h>
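Review bot: strerror() is called in the error path added to audit_tsm_post(), yet none of the includes in this block is <string.h>; the headers here that the new code relies on are <errno.h> and <rpm/rpmlog.h>. If "system.h" already pulls in <string.h> that is fine, otherwise add it explicitly so the declaration does not depend on a transitive include.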
@@ -82,8 +84,16 @@ static rpmRC audit_tsm_post(rpmPlugin plugin, rpmts ts, int res)
rasprintf(&eventTxt,
"op=%s %s sw_type=rpm key_enforce=%u gpg_res=%u %s",
op, nevra, enforce, verified, dir);
audit_log_user_comm_message(auditFd, AUDIT_SOFTWARE_UPDATE,
eventTxt, NULL, NULL, NULL, NULL, result);

if (audit_log_user_comm_message(auditFd, AUDIT_SOFTWARE_UPDATE,
eventTxt, NULL, NULL, NULL, NULL, result) <= 0)
{
/* Filter out noise from containers and other novelties */
int ignore = (errno == ECONNREFUSED || errno == EPERM);
rpmlog(ignore ? RPMLOG_DEBUG : RPMLOG_WARNING,
_("logging an audit message failed: %s\n"),
strerror(errno));
}
free(nevra);
free(eventTxt);
}
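Review bot: treating EPERM like ECONNREFUSED in `int ignore = (errno == ECONNREFUSED || errno == EPERM);` means a host where writing the audit record is denied only logs at RPMLOG_DEBUG, so a missing AUDIT_SOFTWARE_UPDATE event goes unnoticed at default log levels. The commit message ties EPERM to the CI environment only, so consider keeping EPERM at RPMLOG_WARNING, or at least state in the comment why it is filtered. Also copy errno into a local right after the call, since it is read three times afterwards, and include op or nevra in the message so the warning says which event was lost.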