Regarding log_file_parser

| Hi， I have some doubt about the bold code below， at audit-2.5/src/auditd-config.c static int log_file_parser(struct nv_pair *nv, int line, struct daemon_conf *config) { char *dir = NULL, *tdir; DIR *d; int fd, mode; struct stat buf; audit_msg(LOG_DEBUG, "log_file_parser called with: %s", nv->value); /* get dir from name. */ tdir = strdup(nv->value); if (tdir) dir = dirname(tdir); if (dir == NULL || strlen(dir) < 4) { // '/var' is shortest dirname audit_msg(LOG_ERR, "The directory name: %s is too short - line %d", dir, line); free((void *)tdir); return 1; } /* verify the directory path exists */ d = opendir(dir); if (d == NULL) { audit_msg(LOG_ERR, "Could not open dir %s (%s)", dir, strerror(errno)); free((void *)tdir); return 1; } when parsing the field "log_file", If the dir is examined nonexistent, why don't create it ? what are the reasons for the design? Thanks. -- frank |