am 4336d13c: am 85010465: Merge "logd: selinux auditd initial commit"

* commit '4336d13cb12a8e779d4c56c45dc6d7a47c0b7898':
  logd: selinux auditd initial commit

1 files changed, 15 insertions, 1 deletions

diff --git a/logd/main.cpp b/logd/main.cpp
index 8792d32..83ec6c0 100644
--- a/logd/main.cpp
+++ b/logd/main.cpp
@@ -34,6 +34,7 @@
 #include "CommandListener.h"
 #include "LogBuffer.h"
 #include "LogListener.h"
+#include "LogAudit.h"
 
 static int drop_privs() {
     struct sched_param param;
@@ -63,7 +64,10 @@ static int drop_privs() {
     capheader.pid = 0;
 
     capdata[CAP_TO_INDEX(CAP_SYSLOG)].permitted = CAP_TO_MASK(CAP_SYSLOG);
-    capdata[CAP_TO_INDEX(CAP_SYSLOG)].effective = CAP_TO_MASK(CAP_SYSLOG);
+    capdata[CAP_TO_INDEX(CAP_AUDIT_CONTROL)].permitted |= CAP_TO_MASK(CAP_AUDIT_CONTROL);
+
+    capdata[0].effective = capdata[0].permitted;
+    capdata[1].effective = capdata[1].permitted;
     capdata[0].inheritable = 0;
     capdata[1].inheritable = 0;
 
@@ -127,6 +131,16 @@ int main() {
         exit(1);
     }
 
+    // LogAudit listens on NETLINK_AUDIT socket for selinux
+    // initiated log messages. New log entries are added to LogBuffer
+    // and LogReader is notified to send updates to connected clients.
+
+    // failure is an option ... messages are in dmesg (required by standard)
+    LogAudit *al = new LogAudit(logBuf, reader);
+    if (al->startListener()) {
+        delete al;
+    }
+
     pause();
     exit(0);
 }