usr/src/lib/libbsm/common/audit_crontab.c
author jpk
Fri, 24 Mar 2006 12:29:20 -0800
changeset 1676 37f4a3e2bd99
parent 0 68f95e015346
permissions -rw-r--r--
PSARC/2002/762 Layered Trusted Solaris PSARC/2005/060 TSNET: Trusted Networking with Security Labels PSARC/2005/259 Layered Trusted Solaris Label Interfaces PSARC/2005/573 Solaris Trusted Extensions for Printing PSARC/2005/691 Trusted Extensions for Device Allocation PSARC/2005/723 Solaris Trusted Extensions Filesystem Labeling PSARC/2006/009 Labeled Auditing PSARC/2006/155 Trusted Extensions RBAC Changes PSARC/2006/191 is_system_labeled 6293271 Zone processes should use zone_kcred instead of kcred 6394554 integrate Solaris Trusted Extensions
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
#pragma ident	"%Z%%M%	%I%	%E% SMI"
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/systeminfo.h>
#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <bsm/audit_uevents.h>
#include <bsm/audit_private.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>
#include <locale.h>
#include "generic.h"
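/*
 * Status codes returned by audit_crontab_get_diffs().  The negative values
 * are parenthesized so that each macro expands to a single operand wherever
 * it is used in an expression.
 */
#define	AUDIT_GET_DIFFS_NO_CRONTAB	1	/* OK, there is no crontab file */
#define	AUDIT_GET_DIFFS_CRONTAB		0	/* OK, old crontab file exists */
#define	AUDIT_GET_DIFFS_ERR		(-1)	/* error; *bufptr is a message */
#define	AUDIT_GET_DIFFS_NO_DIFFS	(-2)	/* nothing to report */

/* Defined further down in this file; used by audit_crontab_modify(). */
static int	audit_crontab_get_diffs(char *cf, char *tmp_name,
		    char **bufptr);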
/*
 * Write the audit record for the creation or modification of a crontab
 * file and maintain the ancillary file that goes with it.
 *
 * path     - crontab file being installed
 * tmp_path - file holding the new crontab contents
 * sorf     - success-or-failure value handed to aug_save_sorf()
 *
 * Returns 0 straight away when cannot_audit(0) is true or when
 * audit_crontab_get_diffs() reports AUDIT_GET_DIFFS_NO_DIFFS, and -1 when
 * getaudit_addr() or aug_audit() fails.  Otherwise it returns the local
 * status: -1 if no ancillary file name could be built, the result of
 * audit_cron_setinfo() for an audited process, or, for a process that is
 * not audited, whatever audit_crontab_get_diffs() returned (which can be
 * AUDIT_GET_DIFFS_NO_CRONTAB, i.e. 1).
 */
int
audit_crontab_modify(char *path, char *tmp_path, int sorf)
{
	auditinfo_addr_t ainfo;
	char *anc_file;
	char *diff_text = NULL;
	int is_new = 0;
	int status;

	if (cannot_audit(0))
		return (0);

	if (getaudit_addr(&ainfo, sizeof (ainfo)) != 0)
		return (-1);

	status = audit_crontab_get_diffs(path, tmp_path, &diff_text);
	if (status == AUDIT_GET_DIFFS_NO_DIFFS)
		return (0);

	if (status == AUDIT_GET_DIFFS_NO_CRONTAB)
		is_new = 1;

	/*
	 * On AUDIT_GET_DIFFS_ERR the buffer is an error message that
	 * audit_crontab_get_diffs() says must not be freed, so it is neither
	 * saved nor released here.
	 *
	 * NOTE(review): the text is saved before aug_init() is called below;
	 * confirm that aug_init() does not discard text saved earlier.
	 */
	if (diff_text == NULL) {
		if (is_new)
			aug_save_text("");
	} else if (status != AUDIT_GET_DIFFS_ERR) {
		aug_save_text(diff_text);
		free(diff_text);
	}

	/*
	 * Create an ancillary file when the process carries audit
	 * characteristics; otherwise delete the ancillary file if one exists.
	 */
	anc_file = audit_cron_make_anc_name(path);
	if (anc_file == NULL) {
		status = -1;
	} else {
		if (audit_crontab_process_not_audited())
			(void) unlink(anc_file);
		else
			status = audit_cron_setinfo(anc_file, &ainfo);
		free(anc_file);
	}

	/* Assemble the audit record from the process's own identity. */
	aug_init();
	aug_save_auid(ainfo.ai_auid);
	aug_save_euid(geteuid());
	aug_save_egid(getegid());
	aug_save_uid(getuid());
	aug_save_gid(getgid());
	aug_save_pid(getpid());
	aug_save_asid(ainfo.ai_asid);
	aug_save_tid_ex(ainfo.ai_termid.at_port, ainfo.ai_termid.at_addr,
	    ainfo.ai_termid.at_type);

	aug_save_path(path);
	aug_save_event(is_new ? AUE_crontab_create : AUE_crontab_mod);
	aug_save_sorf(sorf);

	return ((aug_audit() != 0) ? -1 : status);
}
/*
 * Remove the ancillary file that belongs to a crontab and write the audit
 * record for the crontab's deletion.
 *
 * path - crontab file being deleted
 * sorf - success-or-failure value handed to aug_save_sorf()
 *
 * Returns 0 when cannot_audit(0) is true and -1 when aug_audit() fails or
 * no ancillary file name could be built; otherwise the result of unlink()
 * on the ancillary file.
 *
 * NOTE(review): a missing ancillary file makes unlink() fail, so the
 * function then returns -1 although the audit record was written; confirm
 * callers expect that.
 */
int
audit_crontab_delete(char *path, int sorf)
{
	char *anc_file;
	int status;

	if (cannot_audit(0))
		return (0);

	anc_file = audit_cron_make_anc_name(path);
	if (anc_file == NULL) {
		status = -1;
	} else {
		status = unlink(anc_file);
		free(anc_file);
	}

	aug_init();
	(void) aug_save_me();

	aug_save_path(path);
	aug_save_event(AUE_crontab_delete);
	aug_save_sorf(sorf);

	return ((aug_audit() != 0) ? -1 : status);
}
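/*
 * Classifies the change between the old and new crontab files.  Only the
 * sizes reported by stat() are compared; no difference text is produced by
 * the code in this function.
 *
 * arguments:
 * cf        - name of crontab file
 * tmp_name  - name of new crontab file
 * bufptr    - out parameter.  On AUDIT_GET_DIFFS_ERR it points at a
 *             statically allocated error message, which the caller must
 *             not free.  Otherwise it is NULL, or difference text that the
 *             caller owns and frees.
 *
 * results:
 * AUDIT_GET_DIFFS_ERR         - seteuid(0) failed, or stat() failed for a
 *                               reason other than a missing crontab file
 * AUDIT_GET_DIFFS_NO_DIFFS    - the new file is empty and the old one is
 *                               empty or missing; *bufptr is NULL
 * AUDIT_GET_DIFFS_CRONTAB     - OK, old crontab file exists.
 * AUDIT_GET_DIFFS_NO_CRONTAB  - OK, there is no crontab file.
 *
 * Both stat() calls are made with the effective uid set to 0.
 */
static int
audit_crontab_get_diffs(char *cf, char *tmp_name, char **bufptr)
{
	/*
	 * Static so that the message returned through *bufptr on
	 * AUDIT_GET_DIFFS_ERR stays valid after this function returns; as an
	 * automatic array it left the caller holding a pointer into a dead
	 * stack frame.  The buffer is shared between calls, so this function
	 * is not reentrant.
	 */
	static char err_buf[128];
	struct stat st, st_tmp;
	uid_t	euid;
	off_t	len;		/* off_t: st_size must not be truncated */
	int	r = AUDIT_GET_DIFFS_CRONTAB;
	char	*buf = NULL;	/* difference text; never filled in here */

	(void) memset(err_buf, 0, sizeof (err_buf));
	/* Do not rely on the caller having initialized the out parameter. */
	*bufptr = NULL;

	euid = geteuid();
	if (seteuid(0) == -1) {
		r = AUDIT_GET_DIFFS_ERR;
		(void) snprintf(err_buf, sizeof (err_buf),
		    "crontab: seteuid: %s\n", strerror(errno));
		goto exit_diff;
	}
	if (stat(cf, &st) == -1) {
		if (errno == ENOENT) {
			/* no old crontab: this is a creation */
			r = AUDIT_GET_DIFFS_NO_CRONTAB;
		} else {
			r = AUDIT_GET_DIFFS_ERR;
			(void) snprintf(err_buf, sizeof (err_buf),
			    "crontab: %s: stat: %s\n",
			    cf, strerror(errno));
			goto exit_diff;
		}
		len = 0;
	} else {
		len = st.st_size;
	}

	if (stat(tmp_name, &st_tmp) == -1) {
		r = AUDIT_GET_DIFFS_ERR;
		(void) snprintf(err_buf, sizeof (err_buf),
		    "crontab: %s: stat: %s\n",
		    tmp_name, strerror(errno));
		goto exit_diff;
	}

	if (st_tmp.st_size == 0 && len == 0) {
		/* there is no difference */
		r = AUDIT_GET_DIFFS_NO_DIFFS;
		goto exit_diff;
	}

exit_diff:
	/*
	 * Return to the caller's effective uid before handing back the
	 * result.
	 *
	 * NOTE(review): the result of this seteuid() is discarded, so a
	 * failure to leave euid 0 goes unnoticed by the caller; consider
	 * reporting it.
	 */
	(void) seteuid(euid);

	/* return information on create or update crontab */
	switch (r) {
	case AUDIT_GET_DIFFS_ERR:
		free(buf);
		*bufptr = err_buf;
		break;
	case AUDIT_GET_DIFFS_NO_DIFFS:
		free(buf);
		*bufptr = NULL;
		break;
	case AUDIT_GET_DIFFS_CRONTAB:
		if (buf != NULL) {
			if (strlen(buf) != 0) {
				*bufptr = buf;
			} else {
				/* empty text: nothing changed; release it */
				r = AUDIT_GET_DIFFS_NO_DIFFS;
				*bufptr = NULL;
				free(buf);
			}
		}
		break;
	case AUDIT_GET_DIFFS_NO_CRONTAB:
		if (buf != NULL) {
			if (strlen(buf) != 0) {
				*bufptr = buf;
			} else {
				*bufptr = NULL;
				free(buf);
			}
		}
		break;
	default:
		break;
	}

	return (r);
}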
/*
 * audit_crontab_not_allowed decides whether a crontab edit has to be
 * refused because it ought to be audited but cannot be.
 *
 * ruid - real uid of the user doing the editing
 * user - name of the user whose crontab file is to be modified or created
 *
 * Returns 0 to allow the edit and non-zero to deny it:
 *   - cannot_audit(0) is true: allow;
 *   - getpwnam_r() finds no entry for user: deny (this includes an entry
 *     that does not fit in the PWD_BUFFER_SIZE buffer);
 *   - ruid is that user's uid, i.e. the caller edits its own crontab:
 *     allow;
 *   - otherwise the result of audit_crontab_process_not_audited(), so the
 *     edit is denied when the current process is not audited.
 */

#define	PWD_BUFFER_SIZE	512

int
audit_crontab_not_allowed(uid_t ruid, char *user)
{
	struct passwd	pw_entry;
	char		pw_buf[PWD_BUFFER_SIZE];

	/* allow access if audit off */
	if (cannot_audit(0))
		return (0);

	/* deny access if the user name is invalid */
	if (getpwnam_r(user, &pw_entry, pw_buf, PWD_BUFFER_SIZE) == NULL)
		return (1);

	/* editing his own crontab */
	if (pw_entry.pw_uid == ruid)
		return (0);

	/* someone else's crontab: allowed only for an audited process */
	return (audit_crontab_process_not_audited());
}
/*
 * Reports whether the current process is running without an audit id.
 *
 * Returns non-zero when auditon(A_GETPINFO_ADDR) succeeds and the process's
 * audit id is AU_NOAUDITID, and 0 otherwise.
 *
 * NOTE(review): a failed auditon() call also returns 0, the same answer as
 * for an audited process, so audit_crontab_not_allowed() allows the edit in
 * that case; confirm that a failure here can only mean auditing is not
 * enabled.
 */
int
audit_crontab_process_not_audited()
{
	struct auditpinfo_addr	pinfo;

	pinfo.ap_pid = getpid();

	/* audit failure: not enabled */
	if (auditon(A_GETPINFO_ADDR, (caddr_t)&pinfo, sizeof (pinfo)) != 0)
		return (0);

	return (pinfo.ap_auid == AU_NOAUDITID);
}