diff --git a/data/polkit.service.in b/data/polkit.service.in index e6db351f..15f44da6 100644 --- a/data/polkit.service.in +++ b/data/polkit.service.in @@ -8,7 +8,7 @@ BusName=org.freedesktop.PolicyKit1 CapabilityBoundingSet=CAP_SETUID CAP_SETGID DeviceAllow=/dev/null rw DevicePolicy=strict -ExecStart=@libprivdir@/polkitd --no-debug +ExecStart=@libprivdir@/polkitd --no-debug --log-level=err User=@polkitd_user@ LimitMEMLOCK=0 LockPersonality=yes diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c index c6a782c5..feba3650 100644 --- a/src/polkitbackend/polkitbackendauthority.c +++ b/src/polkitbackend/polkitbackendauthority.c @@ -52,6 +52,7 @@ enum }; static guint signals[LAST_SIGNAL] = {0}; +static guint polkit_authority_log_level = LOG_LEVEL_ERROR; G_DEFINE_ABSTRACT_TYPE (PolkitBackendAuthority, polkit_backend_authority, G_TYPE_OBJECT); @@ -1561,6 +1562,7 @@ _color_get (_Color color) void polkit_backend_authority_log (PolkitBackendAuthority *authority, + const guint message_log_level, const gchar *format, ...) { @@ -1571,13 +1573,18 @@ polkit_backend_authority_log (PolkitBackendAuthority *authority, gchar *message; va_list var_args; + if (message_log_level > polkit_authority_log_level) + { + return; + } + g_return_if_fail (POLKIT_BACKEND_IS_AUTHORITY (authority)); va_start (var_args, format); message = g_strdup_vprintf (format, var_args); va_end (var_args); - syslog (LOG_NOTICE, "%s", message); + syslog (message_log_level, "%s", message); g_get_current_time (&now); now_time = (time_t) now.tv_sec; @@ -1591,3 +1598,26 @@ polkit_backend_authority_log (PolkitBackendAuthority *authority, g_free (message); } + +void +polkit_backend_authority_set_log_level (const gchar *level) + { + /* Match syslog names so that they are the same across journalct, systemctl + * et al, but also accept more readable aliases for abbreviated levels. */ + if (g_strcmp0 (level, "debug") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_DEBUG; + else if (g_strcmp0 (level, "info") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_INFO; + else if (g_strcmp0 (level, "notice") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_NOTICE; + else if (g_strcmp0 (level, "warning") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_WARNING; + else if (g_strcmp0 (level, "err") == 0 || g_strcmp0 (level, "error") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_ERROR; + else if (g_strcmp0 (level, "crit") == 0 || g_strcmp0 (level, "critical") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_CRIT; + else if (g_strcmp0 (level, "alert") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_ALERT; + else if (g_strcmp0 (level, "emerg") == 0 || g_strcmp0 (level, "emergency") == 0) + polkit_authority_log_level = (guint) LOG_LEVEL_EMERG; +} diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h index 88df82e4..c4464da1 100644 --- a/src/polkitbackend/polkitbackendauthority.h +++ b/src/polkitbackend/polkitbackendauthority.h @@ -52,6 +52,21 @@ struct _PolkitBackendAuthority GObject parent_instance; }; +/** + * Log levels aligned with those used in syslog and LogControl + */ +enum +{ + LOG_LEVEL_EMERG, + LOG_LEVEL_ALERT, + LOG_LEVEL_CRIT, + LOG_LEVEL_ERROR, + LOG_LEVEL_WARNING, + LOG_LEVEL_NOTICE, + LOG_LEVEL_INFO, + LOG_LEVEL_DEBUG +}; + /** * PolkitBackendAuthorityClass: * @parent_class: The parent class. @@ -212,9 +227,13 @@ const gchar *polkit_backend_authority_get_version (PolkitBackendAut PolkitAuthorityFeatures polkit_backend_authority_get_features (PolkitBackendAuthority *authority); void polkit_backend_authority_log (PolkitBackendAuthority *authority, + const guint message_log_level, const gchar *format, ...); +void +polkit_backend_authority_set_log_level (const gchar *level); + GList *polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority, PolkitSubject *caller, const gchar *locale, diff --git a/src/polkitbackend/polkitbackendcommon.c b/src/polkitbackend/polkitbackendcommon.c index 2ab267f1..349242f6 100644 --- a/src/polkitbackend/polkitbackendcommon.c +++ b/src/polkitbackend/polkitbackendcommon.c @@ -349,6 +349,7 @@ polkit_backend_common_on_dir_monitor_changed (GFileMonitor *monitor, event_type == G_FILE_MONITOR_EVENT_CHANGES_DONE_HINT)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Reloading rules"); polkit_backend_common_reload_scripts (authority); } diff --git a/src/polkitbackend/polkitbackendduktapeauthority.c b/src/polkitbackend/polkitbackendduktapeauthority.c index 7c1f207d..3e665c74 100644 --- a/src/polkitbackend/polkitbackendduktapeauthority.c +++ b/src/polkitbackend/polkitbackendduktapeauthority.c @@ -86,6 +86,7 @@ static void report_error (void *udata, { PolkitBackendJsAuthority *authority = udata; polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "fatal Duktape JS backend error: %s", (msg ? msg : "no message")); } @@ -113,6 +114,7 @@ load_scripts (PolkitBackendJsAuthority *authority) GDir *dir = NULL; polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Loading rules from directory %s", dir_name); @@ -122,6 +124,7 @@ load_scripts (PolkitBackendJsAuthority *authority) if (dir == NULL) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error opening rules directory: %s (%s, %d)", error->message, g_quark_to_string (error->domain), error->code); g_clear_error (&error); @@ -147,9 +150,14 @@ load_scripts (PolkitBackendJsAuthority *authority) if (!execute_script_with_runaway_killer(authority, filename)) continue; num_scripts++; + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_DEBUG, + "Loaded and executed script in file %s", + filename); } polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Finished loading, compiling and executing %d rules", num_scripts); g_list_free_full (files, g_free); @@ -163,6 +171,7 @@ polkit_backend_common_reload_scripts (PolkitBackendJsAuthority *authority) duk_set_top (cx, 0); if (!duk_get_global_string (cx, "polkit")) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error deleting old rules, not loading new ones"); return; } @@ -171,6 +180,7 @@ polkit_backend_common_reload_scripts (PolkitBackendJsAuthority *authority) duk_call_prop (cx, 0, 0); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Collecting garbage unconditionally..."); load_scripts (authority); @@ -596,6 +606,7 @@ runaway_killer_thread_execute_js (gpointer user_data) if ((pthread_err = pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldtype))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error setting thread cancel type: %s", strerror(pthread_err)); goto err; @@ -607,6 +618,7 @@ runaway_killer_thread_execute_js (gpointer user_data) if (!g_file_load_contents(file, NULL, &contents, &len, NULL, NULL)) { polkit_backend_authority_log(POLKIT_BACKEND_AUTHORITY(ctx->authority), + LOG_LEVEL_ERROR, "Error loading script %s", ctx->filename); g_object_unref(file); goto err; @@ -619,6 +631,7 @@ runaway_killer_thread_execute_js (gpointer user_data) if (duk_peval_lstring(cx, contents, len) != 0) { polkit_backend_authority_log(POLKIT_BACKEND_AUTHORITY(ctx->authority), + LOG_LEVEL_ERROR, "Error compiling script %s: %s", ctx->filename, duk_safe_to_string(cx, -1)); duk_pop(cx); @@ -628,6 +641,7 @@ runaway_killer_thread_execute_js (gpointer user_data) if ((pthread_err = pthread_mutex_lock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error locking mutex: %s", strerror(pthread_err)); return NULL; @@ -641,6 +655,7 @@ runaway_killer_thread_execute_js (gpointer user_data) err: if ((pthread_err = pthread_mutex_lock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error locking mutex: %s", strerror(pthread_err)); return NULL; @@ -649,12 +664,14 @@ runaway_killer_thread_execute_js (gpointer user_data) end: if ((pthread_err = pthread_cond_signal(&ctx->cond))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error signaling on condition variable: %s", strerror(pthread_err)); ctx->ret = RUNAWAY_KILLER_THREAD_EXIT_STATUS_FAILURE; } if ((pthread_err = pthread_mutex_unlock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error unlocking mutex: %s", strerror(pthread_err)); ctx->ret = RUNAWAY_KILLER_THREAD_EXIT_STATUS_FAILURE; @@ -671,6 +688,7 @@ runaway_killer_thread_call_js (gpointer user_data) if ((pthread_err = pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldtype))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error setting thread cancel type: %s", strerror(pthread_err)); goto err; @@ -679,6 +697,7 @@ runaway_killer_thread_call_js (gpointer user_data) if (duk_pcall_prop (cx, 0, 2) != DUK_EXEC_SUCCESS) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error evaluating admin rules: %s", duk_safe_to_string (cx, -1)); goto err; @@ -686,6 +705,7 @@ runaway_killer_thread_call_js (gpointer user_data) if ((pthread_err = pthread_mutex_lock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error locking mutex: %s", strerror(pthread_err)); return NULL; @@ -697,6 +717,7 @@ runaway_killer_thread_call_js (gpointer user_data) err: if ((pthread_err = pthread_mutex_lock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error locking mutex: %s", strerror(pthread_err)); return NULL; @@ -705,12 +726,14 @@ runaway_killer_thread_call_js (gpointer user_data) end: if ((pthread_err = pthread_cond_signal(&ctx->cond))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error signaling on condition variable: %s", strerror(pthread_err)); ctx->ret = RUNAWAY_KILLER_THREAD_EXIT_STATUS_FAILURE; } if ((pthread_err = pthread_mutex_unlock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (ctx->authority), + LOG_LEVEL_ERROR, "Error unlocking mutex: %s", strerror(pthread_err)); ctx->ret = RUNAWAY_KILLER_THREAD_EXIT_STATUS_FAILURE; @@ -765,6 +788,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx if ((pthread_err = pthread_mutex_lock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error locking mutex: %s", strerror(pthread_err)); goto err_clean_cond; @@ -772,6 +796,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx if (clock_gettime(PK_CLOCK, &abs_time)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error getting system's monotonic time: %s", strerror(errno)); goto err_clean_cond; @@ -781,6 +806,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx if ((pthread_err = pthread_create(&authority->priv->runaway_killer_thread, NULL, js_context_cb, ctx))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error creating runaway JS killer thread: %s", strerror(pthread_err)); goto err_clean_cond; @@ -792,6 +818,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx /* Log that we are terminating the script */ polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Terminating runaway script after %d seconds", RUNAWAY_KILLER_TIMEOUT); @@ -800,6 +827,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx if ((pthread_err = pthread_mutex_unlock(&ctx->mutex))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error unlocking mutex: %s", strerror(pthread_err)); goto err_clean_cond; @@ -808,6 +836,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx if (cancel) { if ((pthread_err = pthread_cancel (authority->priv->runaway_killer_thread))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error cancelling runaway JS killer thread: %s", strerror(pthread_err)); goto err_clean_cond; @@ -815,6 +844,7 @@ runaway_killer_common(PolkitBackendJsAuthority *authority, RunawayKillerCtx *ctx } if ((pthread_err = pthread_join (authority->priv->runaway_killer_thread, NULL))) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error joining runaway JS killer thread: %s", strerror(pthread_err)); goto err_clean_cond; @@ -884,6 +914,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter duk_set_top (cx, 0); if (!duk_get_global_string (cx, "polkit")) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error deleting old rules, not loading new ones"); goto out; } @@ -893,6 +924,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter if (!push_action_and_details (cx, action_id, details, &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); @@ -902,6 +934,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter if (!push_subject (cx, subject, user_for_subject, subject_is_local, subject_is_active, &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting subject to JS object: %s", error->message); g_clear_error (&error); @@ -924,6 +957,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter if (identity == NULL) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Identity `%s' is not valid, ignoring: %s", identity_str, error->message); g_clear_error (&error); @@ -974,6 +1008,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera if (!push_action_and_details (cx, action_id, details, &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); @@ -983,6 +1018,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera if (!push_subject (cx, subject, user_for_subject, subject_is_local, subject_is_active, &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting subject to JS object: %s", error->message); g_clear_error (&error); @@ -1005,6 +1041,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera if (!polkit_implicit_authorization_from_string (ret_str, &ret)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Returned result `%s' is not valid", ret_str); goto out; diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c index 2839bb77..972baf45 100644 --- a/src/polkitbackend/polkitbackendinteractiveauthority.c +++ b/src/polkitbackend/polkitbackendinteractiveauthority.c @@ -592,6 +592,7 @@ log_result (PolkitBackendInteractiveAuthority *authority, caller_cmdline = g_strdup (""); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "%s action %s for %s [%s] owned by %s (check requested by %s [%s])", log_result_str, action_id, @@ -700,6 +701,7 @@ check_authorization_challenge_cb (AuthenticationAgent *agent, if (is_temp) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Operator of %s successfully authenticated as %s to gain " "TEMPORARY authorization for action %s for %s [%s] (owned by %s)", scope_str, @@ -712,6 +714,7 @@ check_authorization_challenge_cb (AuthenticationAgent *agent, else { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Operator of %s successfully authenticated as %s to gain " "ONE-SHOT authorization for action %s for %s [%s] (owned by %s)", scope_str, @@ -725,6 +728,7 @@ check_authorization_challenge_cb (AuthenticationAgent *agent, else { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Operator of %s FAILED to authenticate to gain " "authorization for action %s for %s [%s] (owned by %s)", scope_str, @@ -1972,6 +1976,7 @@ append_property (GString *dest, else { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error substituting value for property $(%s) when preparing message `%s' for action-id %s", key, message, @@ -2632,6 +2637,7 @@ polkit_backend_interactive_authority_register_authentication_agent (PolkitBacken locale); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Registered Authentication Agent for %s " "(system bus name %s [%s], object path %s, locale %s)", subject_as_string, @@ -2789,6 +2795,7 @@ polkit_backend_interactive_authority_unregister_authentication_agent (PolkitBack agent->locale); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Unregistered Authentication Agent for %s " "(system bus name %s, object path %s, locale %s)", scope_str, @@ -2941,6 +2948,7 @@ polkit_backend_interactive_authority_system_bus_name_owner_changed (PolkitBacken agent->object_path); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Unregistered Authentication Agent for %s " "(system bus name %s, object path %s, locale %s) (disconnected from bus)", scope_str, diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp index 0c783a8e..d8a53ab0 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp @@ -163,6 +163,7 @@ static void report_error (JSContext *cx, { PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "%s:%u: %s", report->filename ? report->filename : "", (unsigned int) report->lineno, @@ -193,6 +194,7 @@ load_scripts (PolkitBackendJsAuthority *authority) GDir *dir = NULL; polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Loading rules from directory %s", dir_name); @@ -202,6 +204,7 @@ load_scripts (PolkitBackendJsAuthority *authority) if (dir == NULL) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error opening rules directory: %s (%s, %d)", error->message, g_quark_to_string (error->domain), error->code); g_clear_error (&error); @@ -231,6 +234,7 @@ load_scripts (PolkitBackendJsAuthority *authority) if (!script) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error compiling script %s", filename); continue; @@ -243,6 +247,7 @@ load_scripts (PolkitBackendJsAuthority *authority) &rval)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error executing script %s", filename); continue; @@ -254,6 +259,7 @@ load_scripts (PolkitBackendJsAuthority *authority) } polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Finished loading, compiling and executing %d rules", num_scripts); g_list_free_full (files, g_free); @@ -275,11 +281,13 @@ polkit_backend_common_reload_scripts (PolkitBackendJsAuthority *authority) &rval)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error deleting old rules, not loading new ones"); return; } polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Collecting garbage unconditionally..."); JS_GC (authority->priv->cx); @@ -838,7 +846,7 @@ js_operation_callback (JSContext *cx) g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex); /* Log that we are terminating the script */ - polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), "Terminating runaway script"); + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), LOG_LEVEL_WARNING, "Terminating runaway script"); /* Throw an exception - this way the JS code can ignore the runaway script handling */ JS_ResetInterruptCallback (authority->priv->cx, TRUE); @@ -995,6 +1003,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter if (!action_and_details_to_jsval (authority, action_id, details, args[0], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); @@ -1010,6 +1019,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting subject to JS object: %s", error->message); g_clear_error (&error); @@ -1022,6 +1032,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter &rval)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error evaluating admin rules"); goto out; } @@ -1051,6 +1062,7 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter if (identity == NULL) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Identity `%s' is not valid, ignoring (%s)", identity_str, error->message); g_clear_error (&error); @@ -1098,6 +1110,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera if (!action_and_details_to_jsval (authority, action_id, details, args[0], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); @@ -1113,6 +1126,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error converting subject to JS object: %s", error->message); g_clear_error (&error); @@ -1125,6 +1139,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera &rval)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_ERROR, "Error evaluating authorization rules"); goto out; } @@ -1154,6 +1169,7 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera if (!polkit_implicit_authorization_from_string (ret_str.get(), &ret)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Returned result `%s' is not valid", ret_str.get()); goto out; diff --git a/src/polkitbackend/polkitd.c b/src/polkitbackend/polkitd.c index 0da298da..96874472 100644 --- a/src/polkitbackend/polkitd.c +++ b/src/polkitbackend/polkitd.c @@ -38,9 +38,12 @@ static GMainLoop *loop = NULL; static gint exit_status = EXIT_FAILURE; static gboolean opt_replace = FALSE; static gboolean opt_no_debug = FALSE; +static gchar *opt_log_level = "err"; static GOptionEntry opt_entries[] = { {"replace", 'r', 0, G_OPTION_ARG_NONE, &opt_replace, "Replace existing daemon", NULL}, - {"no-debug", 'n', 0, G_OPTION_ARG_NONE, &opt_no_debug, "Don't print debug information", NULL}, + {"no-debug", 'n', 0, G_OPTION_ARG_NONE, &opt_no_debug, "Don't print debug information to stderr and stdout", NULL}, + {"log-level", 'l', 0, G_OPTION_ARG_STRING, &opt_log_level, "Set a level of logging (syslog style). Defaults to 'err'.", + "[emerg|alert|crit|err|warning|notice|info|debug]"}, {NULL } }; @@ -74,6 +77,7 @@ on_name_lost (GDBusConnection *connection, gpointer user_data) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_WARNING, "Lost the name org.freedesktop.PolicyKit1 - exiting"); g_main_loop_quit (loop); } @@ -86,6 +90,7 @@ on_name_acquired (GDBusConnection *connection, exit_status = EXIT_SUCCESS; polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + LOG_LEVEL_NOTICE, "Acquired the name org.freedesktop.PolicyKit1 on the system bus"); } @@ -222,6 +227,8 @@ main (int argc, if (g_getenv ("PATH") == NULL) g_setenv ("PATH", "/usr/bin:/bin:/usr/sbin:/sbin", TRUE); + polkit_backend_authority_set_log_level (opt_log_level); + authority = polkit_backend_authority_get (); loop = g_main_loop_new (NULL, FALSE);