usr/src/lib/libbsm/common/audit_inetd.c
author jpk
Fri, 24 Mar 2006 12:29:20 -0800
changeset 1676 37f4a3e2bd99
parent 0 68f95e015346
permissions -rw-r--r--
PSARC/2002/762 Layered Trusted Solaris PSARC/2005/060 TSNET: Trusted Networking with Security Labels PSARC/2005/259 Layered Trusted Solaris Label Interfaces PSARC/2005/573 Solaris Trusted Extensions for Printing PSARC/2005/691 Trusted Extensions for Device Allocation PSARC/2005/723 Solaris Trusted Extensions Filesystem Labeling PSARC/2006/009 Labeled Auditing PSARC/2006/155 Trusted Extensions RBAC Changes PSARC/2006/191 is_system_labeled 6293271 Zone processes should use zone_kcred instead of kcred 6394554 integrate Solaris Trusted Extensions
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
#pragma ident	"%Z%%M%	%I%	%E% SMI"
#include <sys/types.h>
#include <stdio.h>
#include <bsm/audit.h>
#include <bsm/audit_uevents.h>
#include <bsm/libbsm.h>
#include <bsm/audit_private.h>
#include <netinet/in.h>
#include <generic.h>
#include <pwd.h>
#include <strings.h>
#include <stdlib.h>
#include <unistd.h>
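/*
 * Debug tracing.  The argument is a complete, parenthesised printf()
 * argument list, e.g. dprintf(("fd=%d\n", fd)); and the macro expands to
 * nothing unless C2_DEBUG is defined.  The debug form is wrapped in
 * do/while (0) so that "dprintf((...));" is a single statement and stays
 * correct as the unbraced body of an if/else.
 */
#ifdef C2_DEBUG
#define	dprintf(x) do { printf x; } while (0)
#else
#define	dprintf(x)
#endif

static void audit_inetd_session_setup(struct passwd *);

/*
 * File-scope state shared by the entry points below.
 * NOTE(review): this state is per process and is carried from
 * audit_inetd_config() and audit_inetd_termid() into
 * audit_inetd_service(); callers are presumably expected to invoke them
 * in that order for every connection -- confirm against inetd, since a
 * stale terminal ID or preselection flag would end up in the audit trail.
 */

/* Terminal ID chosen by audit_inetd_termid(), reused for the new session. */
static au_tid_addr_t audit_inetd_tid;

/* Result of cannot_audit(0); non-zero turns every entry point into a no-op. */
static int auditingisoff;

/* ae_class of AUE_inetd_connect, cached by audit_inetd_config(). */
static au_class_t eventclass;

/* 1 when the mask read in audit_inetd_termid() selects eventclass, else 0. */
static int preselected;

/* Mask fetched with auditon(A_GETKMASK) in audit_inetd_termid(). */
static au_mask_t kmask;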
/*
 * One-time audit setup for inetd.
 *
 * Records whether auditing is unavailable, registers AUE_inetd_connect as
 * the event to be generated and caches that event's class for the
 * preselection test made in audit_inetd_termid().
 *
 * Returns 0 on success, and also when auditing is off (that case is
 * deliberately not reported as an error); returns 1 when cacheauevent()
 * does not return 1 for the event.
 */
int
audit_inetd_config(void)
{
	struct au_event_ent *event_entry;

	/* Remember the answer: the other entry points test auditingisoff. */
	auditingisoff = cannot_audit(0);
	if (auditingisoff != 0)
		return (0);

	aug_save_event(AUE_inetd_connect);

	if (cacheauevent(&event_entry, AUE_inetd_connect) == 1) {
		eventclass = event_entry->ae_class;
		return (0);
	}

	/* eventclass keeps its previous value on this path. */
	return (1);
}
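/*
 * save terminal ID for user level audit record generation
 *
 * fd is the descriptor whose peer is to be recorded.  The function
 * refreshes the cached kernel mask, decides whether the inetd event is
 * preselected and, if it is, stores the terminal ID both in
 * audit_inetd_tid and through aug_save_tid()/aug_save_tid_ex().
 *
 * The port word packs the peer port into the upper 16 bits and the local
 * port into the lower 16 bits, using the values exactly as the socket
 * calls return them (no ntohs() is applied here).
 *
 * Returns 0 on success, when auditing is off and when the event is not
 * preselected; returns 1 when an auditon() query fails.
 */
int
audit_inetd_termid(int fd)
{
	struct sockaddr_in6 peer;
	struct sockaddr_in6 sock;
	/* socklen_t objects, so no int pointer has to be cast for the calls */
	socklen_t peerlen = sizeof (peer);
	socklen_t socklen = sizeof (sock);
	uint_t port;
	uint32_t *addr;
	auditinfo_addr_t ai;

	if (auditingisoff) {
		return (0);
	}

	(void) aug_save_namask();

	/* quick preselection */
	if (auditon(A_GETKMASK, (caddr_t)&kmask, sizeof (kmask)) < 0) {
		/* should generate syslog message here or in inetd.c */
		preselected = 0;
		return (1);
	}

	/* now see if we're preselected. Ignore success/failure for now */
	if ((kmask.am_success|kmask.am_failure) & eventclass) {
		preselected = 1;
	} else {
		preselected = 0;
		return (0);
	}

	/* get peer name (use local termid if not a socket) */
	if (getpeername(fd, (struct sockaddr *)&peer, &peerlen) < 0) {

		/* use machine terminal address if unknown ports */
		if (auditon(A_GETKAUDIT, (caddr_t)&ai, sizeof (ai)) < 0) {
			return (1);
		}

		/* termid unset, make it legal (0.0.0.0) */
		if (ai.ai_termid.at_type == 0)
			ai.ai_termid.at_type = AU_IPv4;

		audit_inetd_tid = ai.ai_termid;
		aug_save_tid_ex(ai.ai_termid.at_port,
				(uint32_t *)&ai.ai_termid.at_addr,
				(uint32_t)ai.ai_termid.at_type);
		return (0);
	}

	addr = (uint32_t *)&peer.sin6_addr;

	/* get sock name (use local termid if not a socket) */
	if (getsockname(fd, (struct sockaddr *)&sock, &socklen) < 0) {
		/* have everything but local port. make it 0 for now */
		bzero(&sock, sizeof (sock));
	}

	bzero(&audit_inetd_tid, sizeof (audit_inetd_tid));

	/*
	 * Widen to unsigned before shifting: a 16-bit port promotes to int,
	 * and shifting a value of 0x8000 or more left by 16 would overflow
	 * a signed int.
	 */
	port = (((uint_t)peer.sin6_port << 16) | (uint_t)sock.sin6_port);
	audit_inetd_tid.at_port = port;

	if (peer.sin6_family == AF_INET6) {
		aug_save_tid_ex(port, (uint32_t *)&peer.sin6_addr, AU_IPv6);

		audit_inetd_tid.at_type = AU_IPv6;
		audit_inetd_tid.at_addr[0] = addr[0];
		audit_inetd_tid.at_addr[1] = addr[1];
		audit_inetd_tid.at_addr[2] = addr[2];
		audit_inetd_tid.at_addr[3] = addr[3];
	} else {
		/*
		 * Every family other than AF_INET6 is read as a sockaddr_in.
		 * NOTE(review): a peer that is neither IPv4 nor IPv6 would put
		 * unrelated bytes into the recorded terminal ID -- confirm
		 * that inetd only passes IP sockets to this function.
		 */
		struct sockaddr_in *ppeer = (struct sockaddr_in *)&peer;
		aug_save_tid(port, (int)ppeer->sin_addr.s_addr);

		audit_inetd_tid.at_type = AU_IPv4;
		audit_inetd_tid.at_addr[0] = (uint32_t)ppeer->sin_addr.s_addr;
	}
	return (0);
}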
/*
 * Emit the audit record for a service that inetd is starting.
 *
 * The record is filled in through the aug_save_*() calls and submitted
 * with aug_audit().  It starts from inetd's own identity (its audit ID,
 * real/effective uid and gid, pid); when pwd names a non-root user those
 * ids are replaced by the ones in pwd and the audit context of the new
 * session is set up as well.  A NULL pwd or a uid of 0 is treated as a
 * system service: the record keeps inetd's ids and no session setup is
 * done.
 *
 * Always returns 0.  The process exits with status 1 if getaudit_addr()
 * fails.
 * NOTE(review): the result of aug_audit() is discarded, so a record that
 * could not be submitted is not reported to the caller.
 */
int
audit_inetd_service(
		char *service_name,	/* name of service */
		struct passwd *pwd)		/* passwd entry for the service, may be NULL */
{
	auditinfo_addr_t self;
	int	attributable;	/* non-zero: pwd names a non-root user */

	dprintf(("audit_inetd_service()\n"));

	/* nothing to record if auditing is off or the event is not selected */
	if (auditingisoff || preselected == 0)
		return (0);

	/*
	 * set default values. We will overwrite them when appropriate.
	 */
	if (getaudit_addr(&self, sizeof (self))) {
		perror("inetd");
		exit(1);
	}
	aug_save_auid(self.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	aug_save_asid(getpid());	/* session ID */

	/*
	 * do the best we can. We have no way to determine if the
	 * request is from a system service or from the root user.
	 * We will consider all root requests to be system service
	 * operations for now. We'll readdress this when we devise a
	 * better algorithm.
	 */
	attributable = (pwd != NULL && pwd->pw_uid != 0);
	if (attributable) {
		aug_save_auid(pwd->pw_uid);	/* Audit ID */
		aug_save_uid(pwd->pw_uid);	/* User ID */
		aug_save_euid(pwd->pw_uid);	/* Effective User ID */
		aug_save_gid(pwd->pw_gid);	/* Group ID */
		aug_save_egid(pwd->pw_gid);	/* Effective Group ID */
	}

	aug_save_text(service_name);
	aug_save_sorf(0);

	(void) aug_audit();

	/*
	 * Note that we will only do this if non-attributable auditing set.
	 * we might want to change things so this is always called.
	 */
	if (attributable)
		audit_inetd_session_setup(pwd);

	return (0);
}
/*
 * set the audit characteristics for the inetd started process.
 * inetd is setting the uid.
 *
 * The new context takes its audit ID from pwd->pw_uid, its preselection
 * mask from au_user_mask() for pwd->pw_name, its session ID from getpid()
 * and its terminal ID from the value saved in audit_inetd_tid.  pwd must
 * not be NULL.  The process exits with status 1 if setaudit_addr() fails.
 */
void
audit_inetd_session_setup(struct passwd *pwd)
{
	au_mask_t user_mask;
	struct auditinfo_addr ctx;

	/*
	 * Start from an empty mask and let au_user_mask() fill it in.
	 * NOTE(review): the result of au_user_mask() is discarded; if the
	 * lookup fails the mask presumably stays empty and the session is
	 * set up with nothing preselected -- confirm whether that failure
	 * should be treated as fatal instead.
	 */
	user_mask.am_success = 0;
	user_mask.am_failure = 0;
	(void) au_user_mask(pwd->pw_name, &user_mask);

	/* NOTE(review): only these members of ctx are assigned -- confirm none is left unset. */
	ctx.ai_auid = pwd->pw_uid;
	ctx.ai_mask.am_success  = user_mask.am_success;
	ctx.ai_mask.am_failure  = user_mask.am_failure;
	ctx.ai_asid = getpid();
	ctx.ai_termid = audit_inetd_tid;

	if (setaudit_addr(&ctx, sizeof (ctx)) >= 0)
		return;

	perror("inetd: setaudit_addr");
	exit(1);
}