From nobody Wed May  8 21:34:01 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1547650722143194.58125647403722;
 Wed, 16 Jan 2019 06:58:42 -0800 (PST)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id AA9EA3DE2F;
	Wed, 16 Jan 2019 14:58:39 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 14A7B60923;
	Wed, 16 Jan 2019 14:58:39 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 98B5B1803396;
	Wed, 16 Jan 2019 14:58:37 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x0GEwa2Z019014 for <libvir-list@listman.util.phx.redhat.com>;
	Wed, 16 Jan 2019 09:58:36 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id CC0525D77B; Wed, 16 Jan 2019 14:58:36 +0000 (UTC)
Received: from beluga.usersys.redhat.com (unknown [10.43.2.166])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 2A4D05D77C;
	Wed, 16 Jan 2019 14:58:29 +0000 (UTC)
From: Erik Skultety <eskultet@redhat.com>
To: libvir-list@redhat.com
Date: Wed, 16 Jan 2019 15:58:24 +0100
Message-Id: 
 <aa99f6c7600ca5fa098c1b97b0cf1ffaa3227852.1547650666.git.eskultet@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Cc: Erik Skultety <eskultet@redhat.com>
Subject: [libvirt] [PATCH v2] util: audit: Fix logging an error when kernel
	lacks audit support
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]);
 Wed, 16 Jan 2019 14:58:40 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Based on an upstream discussion, reporting the errno is useful for the
user to know why audit isn't supported. Even though having an error in
the logs might look concerning when 'audit_log=3D1', it also denotes that
audit is only going to be used if it's available, continuing normally
if it's unavailable for whatever reason.

Partially reverts commit 4199c2f221c.

https://bugzilla.redhat.com/show_bug.cgi?id=3D1596119

Signed-off-by: Erik Skultety <eskultet@redhat.com>
---
 src/remote/remote_daemon.c |  2 +-
 src/util/viraudit.c        | 16 ++--------------
 src/util/viraudit.h        |  2 +-
 3 files changed, 4 insertions(+), 16 deletions(-)

diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c
index 3be3ad02fc..ededef97b4 100644
--- a/src/remote/remote_daemon.c
+++ b/src/remote/remote_daemon.c
@@ -1380,7 +1380,7 @@ int main(int argc, char **argv) {

     if (config->audit_level) {
         VIR_DEBUG("Attempting to configure auditing subsystem");
-        if (virAuditOpen(config->audit_level) < 0) {
+        if (virAuditOpen() < 0) {
             if (config->audit_level > 1) {
                 ret =3D VIR_DAEMON_ERR_AUDIT;
                 goto cleanup;
diff --git a/src/util/viraudit.c b/src/util/viraudit.c
index a02e5b36fd..135d0e626a 100644
--- a/src/util/viraudit.c
+++ b/src/util/viraudit.c
@@ -54,23 +54,11 @@ static int auditfd =3D -1;
 #endif
 static bool auditlog;

-int virAuditOpen(unsigned int audit_level ATTRIBUTE_UNUSED)
+int virAuditOpen(void)
 {
 #if WITH_AUDIT
     if ((auditfd =3D audit_open()) < 0) {
-        /* You get these error codes only when the kernel does not
-         * have audit compiled in or it's disabled (e.g. by the kernel
-         * cmdline) */
-        if (errno =3D=3D EINVAL || errno =3D=3D EPROTONOSUPPORT ||
-            errno =3D=3D EAFNOSUPPORT) {
-            if (audit_level < 2)
-                VIR_INFO("Audit is not supported by the kernel");
-            else
-                virReportError(VIR_FROM_THIS, "%s", _("Audit is not suppor=
ted by the kernel"));
-        } else {
-            virReportSystemError(errno, "%s", _("Unable to initialize audi=
t layer"));
-        }
-
+        virReportSystemError(errno, "%s", _("Unable to initialize audit la=
yer"));
         return -1;
     }

diff --git a/src/util/viraudit.h b/src/util/viraudit.h
index 66605b16b5..7fbc28ba9b 100644
--- a/src/util/viraudit.h
+++ b/src/util/viraudit.h
@@ -31,7 +31,7 @@ typedef enum {
     VIR_AUDIT_RECORD_RESOURCE,
 } virAuditRecordType;

-int virAuditOpen(unsigned int audit_level);
+int virAuditOpen(void);

 void virAuditLog(bool enabled);

--
2.20.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list