0
|
1 |
/*
|
|
2 |
* CDDL HEADER START
|
|
3 |
*
|
|
4 |
* The contents of this file are subject to the terms of the
|
|
5 |
* Common Development and Distribution License, Version 1.0 only
|
|
6 |
* (the "License"). You may not use this file except in compliance
|
|
7 |
* with the License.
|
|
8 |
*
|
|
9 |
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
|
10 |
* or http://www.opensolaris.org/os/licensing.
|
|
11 |
* See the License for the specific language governing permissions
|
|
12 |
* and limitations under the License.
|
|
13 |
*
|
|
14 |
* When distributing Covered Code, include this CDDL HEADER in each
|
|
15 |
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
16 |
* If applicable, add the following below this CDDL HEADER, with the
|
|
17 |
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
18 |
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
19 |
*
|
|
20 |
* CDDL HEADER END
|
|
21 |
*/
|
|
22 |
/*
|
|
23 |
* Copyright 2003 Sun Microsystems, Inc. All rights reserved.
|
|
24 |
* Use is subject to license terms.
|
|
25 |
*/
|
|
26 |
#pragma ident "%Z%%M% %I% %E% SMI"
|
|
27 |
|
|
28 |
#include <sys/types.h>
|
|
29 |
#include <stdio.h>
|
|
30 |
#include <unistd.h>
|
|
31 |
#include <sys/fcntl.h>
|
|
32 |
#include <bsm/audit.h>
|
|
33 |
#include <bsm/audit_record.h>
|
|
34 |
#include <bsm/audit_uevents.h>
|
|
35 |
#include <bsm/libbsm.h>
|
|
36 |
#include <bsm/audit_private.h>
|
|
37 |
#include <stdlib.h>
|
|
38 |
#include <string.h>
|
|
39 |
#include <syslog.h>
|
|
40 |
#include <netinet/in.h>
|
|
41 |
#include <generic.h>
|
|
42 |
|
|
43 |
#ifdef C2_DEBUG
|
|
44 |
#define dprintf(x) {printf x; }
|
|
45 |
#else
|
|
46 |
#define dprintf(x)
|
|
47 |
#endif
|
|
48 |
|
|
49 |
static char **gargv;
|
|
50 |
static int save_afunc();
|
|
51 |
|
|
52 |
static int audit_uadmin_generic(int);
|
|
53 |
|
|
54 |
/* ARGSUSED */
|
|
55 |
int
|
|
56 |
audit_uadmin_setup(int argc, char **argv)
|
|
57 |
{
|
|
58 |
dprintf(("audit_uadmin_setup()\n"));
|
|
59 |
|
|
60 |
if (cannot_audit(0)) {
|
|
61 |
return (0);
|
|
62 |
}
|
|
63 |
gargv = argv;
|
|
64 |
|
|
65 |
(void) aug_init();
|
|
66 |
aug_save_event(AUE_uadmin_solaris);
|
|
67 |
(void) aug_save_me();
|
|
68 |
aug_save_afunc(save_afunc);
|
|
69 |
return (0);
|
|
70 |
}
|
|
71 |
|
|
72 |
static int
|
|
73 |
save_afunc(int ad)
|
|
74 |
{
|
|
75 |
if (gargv && gargv[1])
|
|
76 |
(void) au_write(ad, au_to_text(gargv[1]));
|
|
77 |
if (gargv && gargv[2])
|
|
78 |
(void) au_write(ad, au_to_text(gargv[2]));
|
|
79 |
return (0);
|
|
80 |
}
|
|
81 |
|
|
82 |
int
|
|
83 |
audit_uadmin_fail()
|
|
84 |
{
|
|
85 |
return (audit_uadmin_generic(-1));
|
|
86 |
}
|
|
87 |
|
|
88 |
int
|
|
89 |
audit_uadmin_success()
|
|
90 |
{
|
|
91 |
int res = 0;
|
|
92 |
|
|
93 |
(void) audit_uadmin_generic(0);
|
|
94 |
|
|
95 |
/*
|
|
96 |
* wait for audit daemon to put halt message onto audit trail
|
|
97 |
*/
|
|
98 |
if (!cannot_audit(0)) {
|
|
99 |
int cond = AUC_NOAUDIT;
|
|
100 |
int canaudit;
|
|
101 |
|
|
102 |
(void) sleep(1);
|
|
103 |
|
|
104 |
/* find out if audit daemon is running */
|
|
105 |
(void) auditon(A_GETCOND, (caddr_t)&cond,
|
|
106 |
sizeof (cond));
|
|
107 |
canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE));
|
|
108 |
|
|
109 |
/* turn off audit daemon and try to flush audit queue */
|
|
110 |
if (canaudit && system("/usr/sbin/audit -t"))
|
|
111 |
res = -1;
|
|
112 |
|
|
113 |
/* give a chance for syslogd to do the job */
|
|
114 |
(void) sleep(5);
|
|
115 |
}
|
|
116 |
|
|
117 |
return (res);
|
|
118 |
}
|
|
119 |
|
|
120 |
int
|
|
121 |
audit_uadmin_generic(sorf)
|
|
122 |
int sorf;
|
|
123 |
{
|
|
124 |
int r;
|
|
125 |
|
|
126 |
dprintf(("audit_uadmin_generic(%d)\n", sorf));
|
|
127 |
|
|
128 |
if (cannot_audit(0)) {
|
|
129 |
return (0);
|
|
130 |
}
|
|
131 |
|
|
132 |
aug_save_sorf(sorf);
|
|
133 |
r = aug_audit();
|
|
134 |
|
|
135 |
return (r);
|
|
136 |
}
|