Skip plugin configs that do not have .conf suffix (#398)

While the naming format for plugin configuration files is documented in the auditd-plugins(5) man page, it may appear counterintuitive and deviates from the common naming conventions followed by other widely-used components (e.g., systemd, httpd, SELinux, dracut, and others).

This patch also addresses the handling of non-regular files.

Author: Cropi

audisp/audispd.c

@@ -113,10 +113,21 @@ static void load_plugin_conf(conf_llist *plugin)
 		while ((e = readdir(d))) {
 			plugin_conf_t config;
 			char fname[PATH_MAX];
-
-			// Don't run backup files, hidden files, or dirs
-			if (e->d_name[0] == '.' || count_dots(e->d_name) > 1)
+			const char *ext, *reason = NULL;
+
+			if (e->d_type != DT_REG)
+				reason = "not a regular file";
+			else if (e->d_name[0] == '.')
+				reason = "hidden file";
+			else if (count_dots(e->d_name) > 1)
+				reason = "backup file";
+			else if ((ext = strrchr(e->d_name, '.')) && strcmp(ext, ".conf") != 0)
+				reason = "file without .conf suffix";
+
+			if (reason) {
+				audit_msg(LOG_DEBUG, "Skipping %s plugin due to %s", e->d_name, reason);
 				continue;
+			}
 
 			snprintf(fname, sizeof(fname), "%s/%s",
 				daemon_config.plugin_dir, e->d_name);

docs/auditd-plugins.5

@@ -12,7 +12,7 @@ The plugin directory will be scanned and every plugin that is active will be sta
 .B max_restarts
 times as found in auditd.conf.
 
-Config file names are not allowed to have more than one '.' in the name or it will be treated as a backup copy and skipped. Config file options are given one per line with an equal sign between the keyword and its value. The available options are as follows:
+Configuration files must be regular files that do not begin with a '.' character, contain at most one '.' character, and have a '.conf' suffix. Files that do not meet these criteria will be skipped. Config file options are given one per line with an equal sign between the keyword and its value. The available options are as follows:
 
 .TP
 .I active