upstream/illumos/illumos-gate: usr/src/lib/libbsm/common/audit

0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	2	* CDDL HEADER START
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	3	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	4	* The contents of this file are subject to the terms of the
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	5	* Common Development and Distribution License, Version 1.0 only
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	6	* (the "License"). You may not use this file except in compliance
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	7	* with the License.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	8	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	9	* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	10	* or http://www.opensolaris.org/os/licensing.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	11	* See the License for the specific language governing permissions
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	12	* and limitations under the License.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	13	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	14	* When distributing Covered Code, include this CDDL HEADER in each
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	15	* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	16	* If applicable, add the following below this CDDL HEADER, with the
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	17	* fields enclosed by brackets "[]" replaced with your own identifying
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	18	* information: Portions Copyright [yyyy] [name of copyright owner]
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	19	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	20	* CDDL HEADER END
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	21	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	22	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	23	* Copyright 2003 Sun Microsystems, Inc. All rights reserved.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	24	* Use is subject to license terms.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	25	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	26	#pragma ident "%Z%%M% %I% %E% SMI"
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	27
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	28	#include <sys/types.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	29	#include <stdio.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	30	#include <unistd.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	31	#include <sys/fcntl.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	32	#include <bsm/audit.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	33	#include <bsm/audit_record.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	34	#include <bsm/audit_uevents.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	35	#include <bsm/libbsm.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	36	#include <bsm/audit_private.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	37	#include <stdlib.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	38	#include <string.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	39	#include <syslog.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	40	#include <netinet/in.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	41	#include <generic.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	42
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	43	#ifdef C2_DEBUG
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	44	#define dprintf(x) {printf x; }
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	45	#else
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	46	#define dprintf(x)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	47	#endif
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	48
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	49	static char **gargv;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	50	static int save_afunc();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	51
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	52	static int audit_uadmin_generic(int);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	53
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	54	/* ARGSUSED */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	55	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	56	audit_uadmin_setup(int argc, char **argv)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	57	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	58	dprintf(("audit_uadmin_setup()\n"));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	59
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	60	if (cannot_audit(0)) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	61	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	62	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	63	gargv = argv;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	64
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	65	(void) aug_init();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	66	aug_save_event(AUE_uadmin_solaris);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	67	(void) aug_save_me();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	68	aug_save_afunc(save_afunc);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	69	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	70	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	71
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	72	static int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	73	save_afunc(int ad)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	74	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	75	if (gargv && gargv[1])
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	76	(void) au_write(ad, au_to_text(gargv[1]));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	77	if (gargv && gargv[2])
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	78	(void) au_write(ad, au_to_text(gargv[2]));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	79	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	80	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	81
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	82	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	83	audit_uadmin_fail()
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	84	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	85	return (audit_uadmin_generic(-1));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	86	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	87
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	88	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	89	audit_uadmin_success()
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	90	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	91	int res = 0;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	92
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	93	(void) audit_uadmin_generic(0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	94
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	95	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	96	* wait for audit daemon to put halt message onto audit trail
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	97	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	98	if (!cannot_audit(0)) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	99	int cond = AUC_NOAUDIT;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	100	int canaudit;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	101
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	102	(void) sleep(1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	103
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	104	/* find out if audit daemon is running */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	105	(void) auditon(A_GETCOND, (caddr_t)&cond,
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	106	sizeof (cond));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	107	canaudit = ((cond == AUC_AUDITING) \|\| (cond == AUC_NOSPACE));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	108
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	109	/* turn off audit daemon and try to flush audit queue */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	110	if (canaudit && system("/usr/sbin/audit -t"))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	111	res = -1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	112
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	113	/* give a chance for syslogd to do the job */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	114	(void) sleep(5);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	115	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	116
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	117	return (res);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	118	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	119
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	120	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	121	audit_uadmin_generic(sorf)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	122	int sorf;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	123	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	124	int r;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	125
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	126	dprintf(("audit_uadmin_generic(%d)\n", sorf));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	127
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	128	if (cannot_audit(0)) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	129	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	130	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	131
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	132	aug_save_sorf(sorf);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	133	r = aug_audit();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	134
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	135	return (r);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	136	}

author	jpk
	Fri, 24 Mar 2006 12:29:20 -0800
changeset 1676	37f4a3e2bd99
parent 0	68f95e015346
permissions	-rw-r--r--