/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include #include #include #include #include #include #include #include #include static int s_audit; /* successful audit event */ static int f_audit; /* failure audit event */ static int ad; /* audit descriptor */ void audit_allocate_argv(flg, argc, argv) int flg; int argc; char *argv[]; { int i; if (cannot_audit(0)) { return; } switch (flg) { case 0: s_audit = AUE_allocate_succ; f_audit = AUE_allocate_fail; break; case 1: s_audit = AUE_deallocate_succ; f_audit = AUE_deallocate_fail; break; case 2: s_audit = AUE_listdevice_succ; f_audit = AUE_listdevice_fail; break; } ad = au_open(); for (i = 0; i < argc; i++) (void) au_write(ad, au_to_text(argv[i])); } void audit_allocate_device(path) char *path; { if (cannot_audit(0)) { return; } (void) au_write(ad, au_to_path(path)); } int audit_allocate_record(status) char status; /* success failure of operation */ { auditinfo_addr_t mask; /* audit ID */ au_event_t event; /* audit event number */ int policy; /* audit policy */ int ng; /* number of groups in process */ gid_t grplst[NGROUPS_UMAX]; #ifdef DEBUG printf(("audit_allocate_record(%d)\n", status)); #endif if (cannot_audit(0)) { return (0); } if (getaudit_addr(&mask, sizeof (mask)) < 0) { if (!status) return (1); return (0); } if (auditon(A_GETPOLICY, (caddr_t)&policy, 0) < 0) { if (!status) return (1); return (0); } /* determine if we're preselected */ if (status) event = f_audit; else event = s_audit; if (au_preselect(event, &mask.ai_mask, AU_PRS_BOTH, AU_PRS_REREAD) == NULL) return (0); (void) au_write(ad, au_to_me()); /* add subject token */ if (is_system_labeled()) (void) au_write(ad, au_to_mylabel()); if (policy & AUDIT_GROUP) { /* add optional group token */ (void) memset(grplst, 0, sizeof (grplst)); if ((ng = getgroups(NGROUPS_UMAX, grplst)) < 0) { (void) au_close(ad, 0, 0); if (!status) return (1); return (0); } (void) au_write(ad, au_to_newgroups(ng, grplst)); } if (status) (void) au_write(ad, au_to_exit(status, -1)); else (void) au_write(ad, au_to_exit(0, 0)); /* write audit record */ if (au_close(ad, 1, event) < 0) { (void) au_close(ad, 0, 0); if (!status) return (1); } return (0); } void audit_allocate_list(list) char *list; { char buf[1024]; char *file; char *last; if (cannot_audit(0)) { return; } (void) strcpy(buf, list); for (file = strtok_r(buf, " ", &last); file; file = strtok_r(NULL, " ", &last)) (void) au_write(ad, au_to_path(file)); }