summaryrefslogtreecommitdiff
path: root/modules/pam_selinux
diff options
context:
space:
mode:
authorChristian Göttsche <cgzones@googlemail.com>2020-03-23 19:45:29 +0100
committerChristian Göttsche <cgzones@googlemail.com>2020-03-23 19:49:41 +0100
commitfbc66d1cdbbb4bd3abd98b84b51be05f4b061d95 (patch)
treeb673df620e8111061da9fffc8649895ba202664d /modules/pam_selinux
parentacbd4d51ea068de178f241d4a133316eec2e7d69 (diff)
pam_selinux: print additional information on failures
Diffstat (limited to 'modules/pam_selinux')
-rw-r--r--modules/pam_selinux/pam_selinux.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index 2e92b5c5..57b02bac 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -87,17 +87,17 @@ send_audit_message(pam_handle_t *pamh, int success, const char *default_context,
if (errno == EINVAL || errno == EPROTONOSUPPORT ||
errno == EAFNOSUPPORT)
return; /* No audit support in kernel */
- pam_syslog(pamh, LOG_ERR, "Error connecting to audit system.");
+ pam_syslog(pamh, LOG_ERR, "Error connecting to audit system: %m");
return;
}
(void)pam_get_item(pamh, PAM_TTY, &tty);
(void)pam_get_item(pamh, PAM_RHOST, &rhost);
if (selinux_trans_to_raw_context(default_context, &default_raw) < 0) {
- pam_syslog(pamh, LOG_ERR, "Error translating default context.");
+ pam_syslog(pamh, LOG_ERR, "Error translating default context '%s'.", default_context);
default_raw = NULL;
}
if (selinux_trans_to_raw_context(selected_context, &selected_raw) < 0) {
- pam_syslog(pamh, LOG_ERR, "Error translating selected context.");
+ pam_syslog(pamh, LOG_ERR, "Error translating selected context '%s'.", selected_context);
selected_raw = NULL;
}
if (asprintf(&msg, "pam: default-context=%s selected-context=%s",
@@ -108,7 +108,7 @@ send_audit_message(pam_handle_t *pamh, int success, const char *default_context,
}
if (audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE,
msg, rhost, NULL, tty, success) <= 0) {
- pam_syslog(pamh, LOG_ERR, "Error sending audit message.");
+ pam_syslog(pamh, LOG_ERR, "Error sending audit message: %m");
goto out;
}
out: