1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 #include <sys/types.h>
26 #include <stdio.h>
27 #include <unistd.h>
28 #include <sys/fcntl.h>
29 #include <bsm/audit.h>
30 #include <bsm/audit_record.h>
31 #include <bsm/audit_uevents.h>
32 #include <bsm/libbsm.h>
33 #include <bsm/audit_private.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <syslog.h>
37 #include <netinet/in.h>
38 #include <libgen.h>
39 #include <generic.h>
40
41 #ifdef C2_DEBUG
42 #define dprintf(x) { (void) printf x; }
43 #else
44 #define dprintf(x)
45 #endif
46
47 static int audit_halt_generic(int);
48
49 /* ARGSUSED */
50 int
audit_halt_setup(int argc,char ** argv)51 audit_halt_setup(int argc, char **argv)
52 {
53 char *cmdname;
54
55 dprintf(("audit_halt_setup()\n"));
56
57 if (cannot_audit(0)) {
58 return (0);
59 }
60
61 cmdname = basename(*argv);
62
63 aug_init();
64
65 if (strcmp(cmdname, "halt") == 0)
66 aug_save_event(AUE_halt_solaris);
67 else if (strcmp(cmdname, "poweroff") == 0)
68 aug_save_event(AUE_poweroff_solaris);
69 else
70 exit(1);
71 (void) aug_save_me();
72 return (0);
73 }
74
75 int
audit_halt_fail()76 audit_halt_fail()
77 {
78 return (audit_halt_generic(-1));
79 }
80
81 int
audit_halt_success()82 audit_halt_success()
83 {
84 int res = 0;
85
86 (void) audit_halt_generic(0);
87
88 /* wait for audit daemon to put halt message onto audit trail */
89 if (!cannot_audit(0)) {
90 int cond = AUC_NOAUDIT;
91 int canaudit;
92
93 (void) sleep(1);
94
95 /* find out if audit daemon is running */
96 (void) auditon(A_GETCOND, (caddr_t)&cond, sizeof (cond));
97 canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE));
98
99 /* turn off audit daemon and try to flush audit queue */
100 if (canaudit && system("/usr/sbin/audit -T"))
101 res = -1;
102 else
103 /* give a chance for syslogd to do the job */
104 (void) sleep(5);
105 }
106
107 return (res);
108 }
109
110 int
audit_halt_generic(sorf)111 audit_halt_generic(sorf)
112 int sorf;
113 {
114 int r;
115
116 dprintf(("audit_halt_generic(%d)\n", sorf));
117
118 if (cannot_audit(0)) {
119 return (0);
120 }
121
122 aug_save_sorf(sorf);
123 r = aug_audit();
124
125 return (r);
126 }
127