audit: report new directories in recurse mode too

Add new 'd' flag for it.
cute-signatures
Timo Teräs 2012-07-16 16:34:35 +03:00
parent ea5b08d1d5
commit 0999ec9533
1 changed files with 5 additions and 12 deletions


@ -103,8 +103,8 @@ static int audit_directory(struct audit_ctx *actx,
struct apk_db_dir *dbd, struct apk_db_dir *dbd,
struct apk_file_info *fi) struct apk_file_info *fi)
{ {
if (dbd == NULL) if (dbd == NULL || dbd->refs == 1)
return 'D'; return actx->recursive ? 'd' : 'D';
if (actx->check_permissions && if (actx->check_permissions &&
(dbd->mode != 0 || dbd->uid != 0 || dbd->gid != 0)) { (dbd->mode != 0 || dbd->uid != 0 || dbd->gid != 0)) {
@ -171,26 +171,19 @@ static int audit_directory_tree_item(void *ctx, int dirfd, const char *name)
} else { } else {
child = apk_db_dir_query(db, bfull); child = apk_db_dir_query(db, bfull);
if (child == NULL) if (child == NULL)
recurse = FALSE; goto done;
else
child = apk_db_dir_ref(child); child = apk_db_dir_ref(child);
} }
reason = audit_directory(actx, db, child, &fi); reason = audit_directory(actx, db, child, &fi);
if (reason < 0) if (reason < 0)
goto done; goto done;
if (reason == 'D') {
if (actx->mode == MODE_SYSTEM)
goto done;
if (!actx->recursive)
recurse = FALSE;
}
recurse_check: recurse_check:
atctx->path[atctx->pathlen++] = '/'; atctx->path[atctx->pathlen++] = '/';
bfull.len++; bfull.len++;
report_audit(actx, reason, bfull, NULL); report_audit(actx, reason, bfull, NULL);
if (recurse) { if (reason != 'D' && recurse) {
atctx->dir = child; atctx->dir = child;
reason = apk_dir_foreach_file( reason = apk_dir_foreach_file(
openat(dirfd, name, O_RDONLY|O_CLOEXEC), openat(dirfd, name, O_RDONLY|O_CLOEXEC),