bus-proxy: print message direction in policy logs

Make sure to print "dbus-1 to kernel" or "kernel to dbus-1" in policy logs to better diagnose the situation.
author: David Herrmann <dh.herrmann@gmail.com> 2015-01-11 15:27:18 +0100
committer: David Herrmann <dh.herrmann@gmail.com> 2015-01-11 15:27:18 +0100
commit: b49c7806a395fd655edd19785f56874b28f5a24c (patch)
tree: 18d1555df0303ebf2542930fc8c2e434580ac045 /src/bus-proxyd/bus-xml-policy.c
parent: b5cfc2b953fca74bf4c42a4e9e38abe72cc26493 (diff)
1 files changed, 10 insertions, 6 deletions
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c
index 366adbd7a..a5c431332 100644
--- a/src/bus-proxyd/bus-xml-policy.c
+++ b/src/bus-proxyd/bus-xml-policy.c
@@ -837,7 +837,8 @@ bool policy_check_recv(Policy *p,
                        const char *name,
                        const char *path,
                        const char *interface,
-                       const char *member) {
+                       const char *member,
+                       bool dbus_to_kernel) {
 
         struct policy_check_filter filter = {
                 .class        = POLICY_ITEM_RECV,
@@ -857,8 +858,9 @@ bool policy_check_recv(Policy *p,
         verdict = policy_check(p, &filter);
 
         log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
-                 "Receive permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
-                 uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
+                 "Receive permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
+                 dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name),
+                 strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
 
         return verdict == ALLOW;
 }
@@ -870,7 +872,8 @@ bool policy_check_send(Policy *p,
                        const char *name,
                        const char *path,
                        const char *interface,
-                       const char *member) {
+                       const char *member,
+                       bool dbus_to_kernel) {
 
         struct policy_check_filter filter = {
                 .class        = POLICY_ITEM_SEND,
@@ -890,8 +893,9 @@ bool policy_check_send(Policy *p,
         verdict = policy_check(p, &filter);
 
         log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
-                 "Send permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
-                 uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
+                 "Send permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
+                 dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name),
+                 strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
 
         return verdict == ALLOW;
 }
author	David Herrmann <dh.herrmann@gmail.com>	2015-01-11 15:27:18 +0100
committer	David Herrmann <dh.herrmann@gmail.com>	2015-01-11 15:27:18 +0100
commit	b49c7806a395fd655edd19785f56874b28f5a24c (patch)
tree	18d1555df0303ebf2542930fc8c2e434580ac045 /src/bus-proxyd/bus-xml-policy.c
parent	b5cfc2b953fca74bf4c42a4e9e38abe72cc26493 (diff)