xref: /illumos-gate/usr/src/lib/libbsm/common/adt.h (revision dc25fd745d311a1cf9d98d7b7897caa0877adff0)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * adt.h
23  *
24  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25  * Use is subject to license terms.
26  *
27  * This is a contract private interface and is subject to change
28  */
29 
30 #ifndef _ADT_H
31 #define	_ADT_H
32 
33 #include <bsm/audit.h>
34 #include <bsm/libbsm.h>
35 #include <bsm/audit_record.h>
36 #include <bsm/audit_uevents.h>
37 #include <door.h>
38 
39 #ifdef	__cplusplus
40 extern "C" {
41 #endif
42 
43 #define	ADT_STRING_MAX	511		/* max non-null characters */
44 #define	ADT_NO_ATTRIB	(uid_t)-1	/* unattributed user */
45 #define	ADT_NO_CHANGE	(uid_t)-2	/* no update for this parameter */
46 #define	ADT_NO_AUDIT	(uid_t)-3	/* unaudited user */
47 
48 /*
49  * terminal id types
50  */
51 #define	ADT_IPv4	1
52 #define	ADT_IPv6	2
53 
54 /*
55  * for adt_set_user(): ADT_NEW if creating a session for a newly
56  * authenticated user -- login -- and ADT_UPDATE if an authenticated
57  * user is changing uid/gid -- e.g., su.  ADT_USER changes only the
58  * ruid / euid / rgid / egid values and is appropriate for login-like
59  * operations where PAM has already set the audit context in the cred.
60  * ADT_SETTID is for the special case where it is necessary to store
61  * the terminal id in the credential before forking to the login or
62  * login-like process.
63  */
64 enum adt_user_context {ADT_NEW, ADT_UPDATE, ADT_USER, ADT_SETTID};
65 
66 typedef ulong_t			adt_session_flags_t;
67 typedef struct adt_session_data	adt_session_data_t;
68 typedef struct adt_export_data	adt_export_data_t;
69 typedef union adt_event_data	adt_event_data_t;
70 typedef struct adt_termid	adt_termid_t;
71 typedef struct translation	adt_translation_t;
72 
73 /*
74  * flag defs for the flags argument of adt_start_session()
75  */
76 
77 #define	ADT_BUFFER_RECORDS	0x2	/* server buffering */
78 #define	ADT_USE_PROC_DATA	0x1	/* copy audit char's from proc */
79 	/* | all of above = ADT_FLAGS_ALL  */
80 #define	ADT_FLAGS_ALL		ADT_BUFFER_RECORDS | \
81     ADT_USE_PROC_DATA
82 
83 /*
84  * Functions
85  */
86 
87 extern	int	adt_start_session(adt_session_data_t **,
88 		    const adt_export_data_t *,
89 		    adt_session_flags_t);
90 extern	int	adt_end_session(adt_session_data_t *);
91 extern	int	adt_dup_session(const adt_session_data_t *,
92     adt_session_data_t **);
93 
94 extern	int	adt_set_proc(const adt_session_data_t *);
95 extern	int	adt_set_user(const adt_session_data_t *, uid_t, gid_t,
96 		    uid_t, gid_t, const adt_termid_t *,
97 		    enum adt_user_context);
98 extern	int	adt_set_from_ucred(const adt_session_data_t *,
99 		    const ucred_t *,
100 		    enum adt_user_context);
101 
102 extern	size_t	adt_get_session_id(const adt_session_data_t *, char **);
103 
104 extern	size_t	adt_export_session_data(const adt_session_data_t *,
105 		    adt_export_data_t **);
106 extern	size_t	adt_import_proc(pid_t pid,
107 		    uid_t euid,
108 		    gid_t egid,
109 		    uid_t ruid,
110 		    gid_t rgid,
111 		    adt_export_data_t **external);
112 
113 extern	adt_event_data_t
114 		*adt_alloc_event(const adt_session_data_t *, au_event_t);
115 
116 extern	int	adt_put_event(const adt_event_data_t *, int, int);
117 extern	void	adt_free_event(adt_event_data_t *);
118 
119 extern	int	adt_load_termid(int, adt_termid_t **);
120 extern	int	adt_load_hostname(const char *, adt_termid_t **);
121 extern	int	adt_load_ttyname(const char *, adt_termid_t **);
122 
123 extern	boolean_t	adt_audit_enabled(void);
124 extern	boolean_t	adt_audit_state(int);
125 
126 /*
127  * Special typedefs for translations.
128  */
129 
130 typedef	int	fd_t;		/* file descriptor */
131 
132 #ifdef	__cplusplus
133 }
134 #endif
135 
136 #endif	/* _ADT_H */
137