From cbf59f4bb27390199eb9eb13a69da67d82339c85 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 16 Jul 2025 01:24:32 +0900 Subject: [PATCH] journald-audit: apply new Audit= setting on reload --- src/journal/journald-audit.c | 12 ++++++++++++ src/journal/journald-audit.h | 1 + src/journal/journald-config.c | 2 ++ 3 files changed, 15 insertions(+) diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c index 05374f3329..6f08875ca3 100644 --- a/src/journal/journald-audit.c +++ b/src/journal/journald-audit.c @@ -556,3 +556,15 @@ int manager_open_audit(Manager *m) { (void) manager_set_kernel_audit(m); return 0; } + +void manager_reset_kernel_audit(Manager *m, int old_set_audit) { + assert(m); + + if (m->audit_fd < 0) + return; + + if (m->config.set_audit == old_set_audit) + return; + + (void) manager_set_kernel_audit(m); +} diff --git a/src/journal/journald-audit.h b/src/journal/journald-audit.h index 17ba2efbbb..1f1b778e37 100644 --- a/src/journal/journald-audit.h +++ b/src/journal/journald-audit.h @@ -10,3 +10,4 @@ void manager_process_audit_message(Manager *m, const void *buffer, size_t buffer void process_audit_string(Manager *m, int type, const char *data, size_t size); int manager_open_audit(Manager *m); +void manager_reset_kernel_audit(Manager *m, int old_set_audit); diff --git a/src/journal/journald-config.c b/src/journal/journald-config.c index a2275a173e..5e6b072751 100644 --- a/src/journal/journald-config.c +++ b/src/journal/journald-config.c @@ -5,6 +5,7 @@ #include "conf-parser.h" #include "creds-util.h" #include "daemon-util.h" +#include "journald-audit.h" #include "journald-config.h" #include "journald-kmsg.h" #include "journald-manager.h" @@ -364,6 +365,7 @@ int manager_dispatch_reload_signal(sd_event_source *s, const struct signalfd_sig manager_reload_config(m); (void) manager_reopen_dev_kmsg(m, old.read_kmsg); + manager_reset_kernel_audit(m, old.set_audit); r = manager_reload_journals(m); if (r < 0)